More Stories
United Airlines Sets Minimum Bar on Security

United Airlines has rolled out a series of updates to its Web site that the company claims will help beef up the security of customer accounts. But at first glance, the core changes -- moving from a 4-digit PINs to password and requiring customers to pick five different security questions and answers -- may seem like a security playbook copied from, circa 2009. Here's a closer look at what's changed in how United authenticates customers, and hopefully a bit of insight into what the nation's fourth-largest airline is trying to accomplish with its new system.

A Life or Death Case of Identity Theft?

Identity thieves have perfected a scam in which they impersonate existing customers at retail mobile phone stores, pay a small cash deposit on pricey new phones, and then charge the rest to the victim's account. In most cases, switching on the new phones causes the victim account owner's phone(s) to go dead. This is the story of a Pennsylvania man who allegedly died of a heart attack because his wife's phone was switched off by ID thieves and she was temporarily unable to call for help.

SSA: Ixnay on txt msg reqmnt 4 e-acct, sry

The U.S. Social Security Administration says it is reversing a newly enacted policy that required a cell phone number from all Americans who wished to manage their retirement benefits at The move comes after a policy rollout marred by technical difficulties and criticism that the new requirement did little to prevent identity thieves from siphoning benefits from Americans who hadn't yet created accounts at for themselves.

Visa Alert and Update on the Oracle Breach

Credit card industry giant Visa on Friday issued a security alert warning companies using point-of-sale devices made by Oracle's MICROS retail unit to double-check the machines for malicious software or unusual network activity, and to change passwords on the devices. Visa also published a list of Internet addresses that may have been involved in the Oracle breach and are thought to be closely tied to an Eastern European organized cybercrime gang.

The Reincarnation of a Bulletproof Hoster

In April 2016, security firm Trend Micro published a damning report about a Web hosting provider referred to only as a "cyber-attack facilitator in the Netherlands." If the Trend analysis lacked any real punch that might have been because -- shortly after the report was published -- names were redacted so that it was no longer immediately clear exactly who the bad hosting provider was. This post aims to shine a bit more light on the individuals apparently behind this mysterious rogue hosting firm -- a company called HostSailor[dot]com.

Inside ‘The Attack That Almost Broke the Internet’

In March 2013, a coalition of spammers and spam-friendly hosting firms pooled their resources to launch what would become the largest distributed denial-of-service (DDoS) attack the Internet had ever seen. The assault briefly knocked offline the world's largest anti-spam organization, and caused a great deal of collateral damage to innocent bystanders in the process. Here's a never-before-seen look at how that attack unfolded, and a rare glimpse into the shadowy cybercrime forces that orchestrated it.

Master Your Own Destiny: An Interview on Entrepreneurship with Pascal Finette

In case you haven’t noticed, entrepreneurship is on the rise. In the US, 2015 had the most startup growth seen annually in over 20 years. Some attribute this growth to the recovery of the US economy. Others claim it’s being fueled by sheer necessity. Take, for example, statistics on the increase in entrepreneurship among college students and young professionals. One of the most exciting startup movements is the rise of social entrepreneurship—those founding companies to... read more

Road Warriors: Beware of ‘Video Jacking’

A little-known feature of many modern smartphones is their ability to duplicate video on the device's screen so that it also shows up on a much larger display -- like a TV. However, new research shows that this feature may quietly expose users to a simple and cheap new form of digital eavesdropping.Dubbed "video jacking" by its masterminds, the attack uses custom electronics hidden inside what appears to be a USB charging station. As soon as you connect a vulnerable phone to the appropriate USB charging cord, the spy machine hijacks the phone's video display and records a video of everything you tap, type or view on it as long as it's plugged in -- including PINs, passwords, account numbers, emails, texts, pictures and videos.

More posts are loading...