Information Security News
Shares of anti identity theft service LifeLock fell almost 18 percent on Monday after the company said it was temporarily suspending its iOS and Android apps because it may have failed to adequately secure user data.
The stock price closed down $2.28, or 17.6 percent, to $10.70 on the New York Stock Exchange Monday. The sell-off was triggered by LifeLock's move late last week to delete all information stored on its servers by the Wallet mobile applications for iOS and Android devices. LifeLock, which acquired the apps in December for about $42.6 million, also pulled them from the Apple App Store and Google Play Market. The company took the unusual steps after determining that unspecified aspects of the apps "may not be fully compliant with payment card industry (PCI) security standards" that are binding on most merchants who accept payments through credit or debit cards.
"We know we’re asking a lot of our LifeLock Wallet users—to delete and go without this application for a period of time," CEO Todd Davis wrote in a blog post published Friday. "I personally apologize for the inconvenience. At the same time, I want to make sure that when LifeLock Wallet is available again, you’ll know that you can download it, provide your personal information, and use it again with confidence—knowing that it’s backed by an industry leader that is committed to doing the right thing and taking care of its customers." The company, which said there's no indication that any data has been maliciously compromised, issued an accompanying statement to shareholders at the same time.
More than 100 people in the US and countries around the world have been arrested and charged with using malware available for sale online to surreptitiously spy on computer users' most intimate moments. The victims include Miss Teen USA, who last year was the target of a high-profile peeping tom attack that secretly snapped nude images while she was dressing in her bedroom.
The coordinated global crackdown coincided with the FBI seizure of bshades.eu, a website that, according to US prosecutors, brazenly sold Blackshades for about $40 and provided technical support for the so-called remote access trojan (RAT). Indictments filed in US District Court in Manhattan named Alex Yücel and Brendan Johnston with distributing, marketing, and supporting the malware and Kyle Fedorek and Marlen Rappa with purchasing it and collectively using it to infect more than 400 people. Police in at least 15 countries outside of the US announced the arrest of 100 other people in raids that were coordinated to prevent defendants from tipping off each other. Word of the raids began circulating over the weekend on hacker forums.
While prosecutors said Blackshades was used to perpetrate everything from bank fraud to extortion, the best known application remains men using it to spy on women through the webcams of RAT-infected PCs. Blackshades isn't the only malware used in the illicit pastime, although the ease in buying, installing, and using it makes it among the most popular, especially by peeping toms with little technical skill.
How To Talk About InfoSec To Your Board Of Directors
How To Talk About InfoSec To Your Board Of Directors. Today's cybersecurity challenges cannot be met by a compartmentalized IT strategy because every piece of the modern enterprise runs on connectivity and data. In our global economy, the rapid ...
CISO and beyond: Insights and advice from security thought leaders
Posted by InfoSec News on May 19http://online.wsj.com/news/articles/SB10001424052702303409004579566310503798566.html
Posted by InfoSec News on May 19http://www.lawfareblog.com/2014/05/35072/
Posted by InfoSec News on May 19http://www.nextgov.com/cybersecurity/2014/05/heartbleed-superbug-found-utility-monitoring-systems/84637/
Posted by InfoSec News on May 19http://www.infosecnews.org/emory-university-windows-network-wiped-out-blame-emps-cyberwar-squirrels-try-accidental-reformat/
Posted by InfoSec News on May 19http://news.techworld.com/security/3517094/worried-us-retailers-battle-cyber-attacks-through-new-intelligence-sharing-body/