Slashdot Mirror

wiredmikey writes "It isn't often that after a data breach involving credit cards, the public is given information on the exact amount money lost by consumers as a result. Thanks to the FBI, however, we now have a better understanding of what 60,000 stolen credit cards translates to financially, as this data was included in their investigation notes while working the Stratfor case. The last time the public had something close to actual stats from the source, we learned that the TJX breach cost Visa $68 million in 2007, two years after the TJX network was compromised by Albert Gonzalez. Yet, those were Visa's estimates. Now, in the aftermath of the Stratfor breach, the FBI has attributed $700,000 worth of charge fraud to the 60,000 credit card records taken during the network compromise. AntiSec supporters walked away with 860,160 usernames and passwords, in addition to the credit card records."

itwbennett writes "According to what purports to be a leaked psychological assessment of the leaders of LulzSec and Anonymous by the FBI's Behavioral Science Unit, Anonymous is not only not a collection of individuals, it's a coherent group that poses a threat to national security. Neither the FBI nor the Dept. of Homeland Security have commented on the document, which may well be a fake, but seems to reflect accurately the thinking behind a series of DHS warning bulletins and crackdowns that have resulted in 75 raids and 16 arrests of Anonymous members just this year."

dasButcher writes "Network Solutions, the domain registration and hosting service company, suffered a massive security breach that lasted three months and exposed tens of thousands of credit card numbers of its customers and of the businesses that use its hosting and online payment processing service. The company is just beginning the victim notification process. 'There is no information on how the code was planted on the sites. While examination of the code shows that it had the ability to ship data off to a third party, and Network Solutions believes that it did just that, the exact code is not available for public review. There is also no public information as to where the data believed to be stolen was sent.'"

Not long after Firefox 3.5.1 was released to address a security issue, a new exploit has been found and a proof of concept has been posted. "The vulnerability is a remote stack-based buffer-overflow, triggered by sending an overly long string of Unicode data to the document.write method. If exploited, the resulting overflow could lead to code execution, or if the exploit attempts fail, a denial-of-service scenario." It's recommended that Firefox users disable Javascript until the issue is patched, though add-ons like NoScript should do the trick as well (unless a site on your whitelist becomes compromised).

Update: 07/20 00:09 GMT by KD : An anonymous reader informs us that the Mozilla security blog is indicating that this vulnerability is not exploitable; denial of service is as bad as it gets.

nandemoari sends along word that Apple has picked up Richard Teversham, a senior Executive from Microsoft's European Xbox operations, ending his 15 years of service to Redmond. Some press accounts assume that Teversham's role may lie in beefing up the games scene on the iPhone and iPod Touch. Forbes goes farther, opining that Apple "appears to be preparing an all-out assault on the handheld gaming market." Other reporting associates the hire with Apple's recent buildout of chip-design expertise.

nk497 writes "The worm that's supposedly infected almost nine million PCs running Windows, dubbed Cornficker or Downadup, could lead to a massive botnet, security researchers have said. The worm initially spread to systems unpatched against MS08-067, but has since 'evolved and is now able to spread to patched computers through portable USB drives through brute-force password-guessing.'"

Canadian scientists have created a device that efficiently removes CO2 from the atmosphere. "The proposed air capture system differs from existing carbon capture and storage technology ... while CCS involves installing equipment at, say, a coal-fired power plant to capture CO2 produced during the coal-burning process, ... air capture machines will be able to literally remove the CO2 present in ambient air everywhere. [The team used] ... a custom-built tower to capture CO2 directly from the air while requiring less than 100 kilowatt-hours of electricity per tonne of carbon dioxide."