Cybersecurity Roundup: Microsoft Crashes Botnet, Massive Credit Card Breach and More
This week Microsoft seized servers in several states and filed lawsuits against dozens of people in an anti-Zeus effort; and 10 million Visa and MasterCard accounts may be at risk after a major breach.
By Constantine von Hoffman, CIO
Microsoft launches major campaign against bots: Microsoft seized servers in several states and filed lawsuits against dozens of people this week as part of a major campaign against Zeus botnets. Microsoft’s Digital Crimes Unit said Operation b71 was its “most complex effort to disrupt botnets to date.” It resulted in the seizure of servers in Scranton, Pa., and Lombard, Ill., and lawsuits were filed against as many as 39 unnamed individuals. While this was a major action, Microsoft warned the move by no means marks the end of the Zeus threat.
News Corp. accused of hacking competitor: Representatives of Rupert Murdoch’s News Corp. cracked the smartcard codes of rival ONdigital in order to undermine the company’s success, according to reports on the BBC. NDS, a software company owned by News Corp, allegedly cracked the system and then posted the access codes on a pirate website known as THOIC where they could be used to illegally access free digital television. News Corp. strongly denies the charges.
Neither VISA nor MasterCard have said which U.S.-based processor was the source of the breach. But affected banks are now starting to analyze transaction data on the compromised cards, in hopes of finding a common point of purchase. Sources at two different major financial institutions said the transactions that most of the cards they analyzed seem to have in common are that they were used in parking garages in and around the New York City area.
Krebs’ sources say more than 10 million credit card numbers may be at risk.
House stops effort to block employer demands for Facebook passwords: The House of Representatives on Wednesday voted down an effort to stop some companies from demanding the Facebook logins of job applicants. Public outcry has been growing due to an Associated Press report on companies and government agencies that request Facebook logins so interviewers can look at content job applicants have marked private. Rep. Ed Permutter’s (D-CO) amendment to an FCC reform bill would have given the agency the power to prevent telecommunication companies from asking for the information. The amendment was rejected on grounds that it isn’t germane to the bill itself, leaving the House plenty of room to take up the topic in the future.