Lisa Vaas

The FBI has arrested a Bulgarian woman in connection with an international scheme that’s responsible for defrauding eBay users of more than $350,000. The agency announced on Monday that police in Budapest, Hungary had on March 22 arrested Mariyana Feliksova Lozanova, aka “Gentiane La France,” aka “Naomi Elizabeth DeBont,” with conspiracy to commit wire fraud […]

Expect to see the 2 billionth personal record compromised by years end, according to recent research from the University of Washington. But dont blame it on rogue hackers; sorry to say, its your own fault, Corporate America. Researchers at the university in Seattle estimate that electronic records—those containing Social Security or credit card numbers, academic […]

Exploit code is out for a critical MDAC vulnerability that Microsoft reported in its MS07-009 bulletin, so if you haven’t patched yet, better hop to it. The vulnerability, which can allow a remote attacker to take over a PC, is in Microsoft’s Data Access Components. Microsoft provided a fix for the vulnerability on Patch Tuesday, […]

The new version of HD Moore’s point-and-click Metasploit Framework that was rewritten from scratch in the Ruby scripting language is ready to penetrate, pick at patches, regress test and otherwise hack away. Moore has said that the primary goals of Version 3.0 of his open-source exploit creation tool are improved automation of exploitation through scripting, […]

As if RFID chips in drivers licenses and passports werent scary enough already, Londons Royal Academy of Engineering is suggesting that someday a terrorist will be able to read personal details from a distance and, given the right antennas and amplification, set a bomb to go off when a particular person gets within range. Its […]

Cisco is snipping the wires from hardwired surveillance cameras, rolling out IP cameras that hook into Cisco networks and that can be watched from any network point—not just the traditional central control room. “Our mission in life is to run physical security applications across the network,” said Steve Collen, director of product marketing for Ciscos […]

A new tool too dangerous to give away can turn any PC—Windows, Mac, Linux—or any device with a browser into a site attacker. The tool, called Jikto, is a Web application scanner that searches for cross-site scripting vulnerabilities. Billy Hoffman, a security researcher with SPI Dynamics, demonstrated what the tool could do at the ShmooCon […]

After having listened to audiotapes that execs found “painful,” Microsoft has owned up to the fact that some of its Xbox Live support center agents have fallen for pretexting and have given away personal information that could have potentially enabled pretexters to hijack accounts. “The [Xbox Live] network isn’t being hacked—[but] through working with [security […]

A Trojan is using the free Skype VOIP service to spread to users’ friends, family and colleagues, Websense Security Labs reported on March 22. The Trojan, a copy of the Trojan named Warezov or Stration, is not propagating itself. However, when it runs, its sends a URL to all users within the victim’s Contacts list, […]

Researchers on March 21 announced that the systems which control dams, oil refineries, railroads and nuclear power plants have a vulnerability that could be used to cause a denial of service or a system takeover. The flaw, reported by Neutralbit, is the first remotely exploitable SCADA security vulnerability, according to the security services provider. SCADA […]