June 19, 2009
Update covering June 12 - 18, 2009
Welcome to Tech Talk! In this edition, Tech Talk Editors Andy Zavoina and John Burnett write about breaches, botnets, browsers and more.
Our selections from this week's tech news:
- Heartland after the breach
- Bundling up the Heartland suits
- Assessing PCI card data security
- Crooks checking stolen card info
- Botnets for hire
- Suit for padded click-counts
- No Facebook friends for spammer
- Calling for a tax break
|
- New micro-payments players
- Risky search terms
- Bing gets cleaned up
- Freebies to check out
- Patches galore
- Adobe takes to the cloud
- Tips for better employees
- and on the lighter side...
|
Get the details below.
|
Heartland smoke begins to clear
The Heartland Payment Systems data breach was massive and far-reaching. Lawsuits are still pending and may take some time to work through the system. But what is Heartland doing now? This article looks at the efforts Heartland has taken since the breach to improve security, to share with the industry the mistakes that were made and to show how, as an industry, they can coordinate efforts and create a better processing system. Computerworld has the details.
Deep in the Heartland of Texas
There are 31 separate lawsuits facing Heartland Payment Systems. Recognizing that there would be redundant discovery requests and pretrial motions, the cases are being consolidated and will be heard in Texas, where the IT function of Heartland is located.
RBS Worldpay is also facing two lawsuits for its data breach. Those cases will both be heard in Georgia. Read more on both of these stories in the Bay Areas News Zone.
Weak credit card security
If you are interested in credit card processing and security, and especially if you answer questions on the subject, consider reading this explanation of why some believe that PCI security standards are weak, and not enough compliance is required. The article notes that fewer than 100 payment processors out of the 700 that Visa works with are PCI-compliant. On the other hand, security has improved because fewer retailers are storing sensitive card data. Get all the details in The Washington Post.
Will PCI compliance reduce chargebacks and improve the bottom line for merchants? Read thoughts on PCI from the merchants' perspective in the StorefrontBacktalk blog.
Crooked card-checking sites
If you've had a customer call about an unrecognized minor credit or debit card authorization that never resulted in an actual transaction, his or her account may have been checked out by cyber criminals attempting to verify card numbers acquired after any one of the data breaches we've reported in Tech Talk. Your customer might get hit with significant fraudulent transactions soon thereafter. Brian Krebs blogs about "An Odyssey of Fraud" in Security Fix.
Renta-bots
A security firm announced this week that it had discovered a network that rents time on its botnet to enable cyber crooks to insert malware on Internet-connected computers. According to Finjan's Cybercrime Intelligence Report, the botnets are in place, and they are available for hire. For more information, and a link to the Finjan report, read CNET News.
Fraudulent clickers
Microsoft is like many Internet advertisers that pay advertising costs based on the results of "click through" advertisements. If you place an advertisement on your site, you can be paid based on the number of clicks. Sometimes the rules are abused and the clicks don't actually represent a user interested in the product being touted. Microsoft is now suing three people for $750,000 for abusive ad clicking. Read more at the Wall Street Journal.
Facebook spammer facing jail time
Sanford Wallace, AKA "spam king," could be facing jail time for his role in spamming Facebook users. He has already lost a similar case involving MySpace that resulted in a $234 million judgment against him. Wallace has filed for Chapter 11 bankruptcy protection, thereby staying Facebook's motion for a default judgment against him, and a judge is considering criminal proceedings. CNet News has more on this story.
Phone tax threat fizzles
The IRS was helping look for ways to offset federal budget problems when it suggested that it might start enforcing an old law to tax personal use of employer-provided mobile phones. When the agency asked last week for public comments on ways to clarify the old law, it apparently stirred up a hornets' nest. This week, the IRS flip-flopped and asked Congress to clarify the law to prevent taxation of personal use of the phones. PCWorld has details.
Reuters reports that the Obama administration announced its support for the repeal of the tax.
Mobile micro-money movers
Boku and Zong are two emerging "wannabe" major players in the mobile micro-payments game. Will these two companies familiarize consumers with mobile payments enough to open the door to mobile banking and increased customer acceptance? A CNet News article explains how their systems work and includes links to the Boku and Zong websites.
What not to look for
McAfee studied 2,600 of the most common search terms in the leading search engines -- Google, Yahoo and others. They examined 413,000 of the results pages and can tell you which terms are more likely to result in malware being on the landing page. You can read more on the study and which search terms put you at the most risk, at CNN.
No Bada-Bing on Better Bing?
Microsoft's new search engine, Bing, is getting some fine-tuning. Almost immediately upon Bing's launch, critics pointed out the ease with which Bing made porn available to users, young and old. Microsoft is moving what many consider to be offensive sites to separate servers, making it easier to have them filtered from search results. Read more at PCWorld.
Freeware from gizmo's
We don't usually recommend websites and programs to our readers. You need to decide what works for you, based on your needs and your skillset. Yet the word "free" is a temptation even to us, so we invite you to review the gizmo's freeware site for its list of free security products that may interest you, even as we call your attention to the dislaimer that appears near the top of its page. Programs for virus and malware protection and more are listed on techsupportalert.com.
Firefox - Chrome - Apple fixes
Last week Firefox users were served 11 patches for vulnerabilities in the popular browser. Six of the weaknesses were considered critical problems. The major repairs affect JavaScript engines and a Secure Socket Layer (SSL) vulnerability. Read more on what was repaired in Computerworld.
Google also provided an update to fix two security issues with its Chrome browser. One gap that was corrected would have allowed a hacker to execute code on a user's computer. You can read about this update at PC1News.com.
Apple's version of Java was patched Monday. More than two dozen vulnerabilities were repaired in this long-awaited release. Get the details in The Washington Post.
Apple's iPhone was also not without security problems. The new iPhone 3.0 operating system includes not only many new features, but also plugs 46 security holes. CNET Reviews has this story.
|
Adobe takes on Google Docs in the cloud
Acrobat.com was launched this week by Adobe as a cloud-based service intended to give Google Docs some competition. Acrobat.com includes spreadsheets and presentation programs that may be viewed and updated by multiple users. A Smartphone version is in the works. For Acrobat.com's tiered pricing and other details, read ZDNet.
Management tips
You want to keep your employees informed, involved, and productive. Although labeled as "keeping IT employees upbeat," the management tips published in this Computerworld article can work anywhere in your bank.
|
Print Friendly Version!
Email This Article!
Discuss NOW!
