The Square personal commerce system, which allows iPhone and iPad users to accept credit cards, could also make it easy for people to convert stolen credit card information into cash, security researchers said on Thursday. Read more
Apple’s iPhone is more vulnerable to phishing attacks than users might realise because it can obscure the true addresses of the websites that phone owners are visiting. Read more
A researcher on Thursday posted software tools that he said would enable widespread eavesdropping on calls made over GSM networks with less than $2,000 worth of equipment.
Speaking at the second day of the Black Hat technology security conference in Las Vegas, researcher Karsten Nohl, who had previously reported that he had cracked GSM encryption, said he was distributing the tools free in order to pressure carriers to make fairly simple changes to fix the vulnerability. Read more
Most of the organised hacking rings aiming at bank fraud these days are stealing login credentials and then taking advantage of the relatively recent opportunities provided by online account access, wire transfers and other means for mis-shipping electronic funds.
But a newly discovered Russian group was using networks of compromised personal computers and techniques for hacking into databases to write $9m in counterfeit checks, thought until now to be the purview mainly of old-time loners. Read more
Security firm KnujOn (backwards for No Junk, reflecting the small outfit’s anti-spam roots) has a new report out this morning, pointing a finger at website registrars for facilitating a wide range of internet crime.
My story in today’s FT centres on the case KnujOn makes against eNom, the No. 2 seller of domain names and a profitable unit of Demand Media, which would probably prefer that any stink wait until after its anticipated IPO.
But the bigger picture is more important. Read more