Web.com Latest Hacking Victim
Hackers gain unauthorized access to the computers of Internet services provider Web.com Group and stole credit card information of 93,000 customers.
According to a website set up by the company to share information about the incident, Web.com discovered the security breach on Aug. 13 as part of its ongoing security monitoring.
Attackers compromised credit card information for around 93,000 accounts, as well as the names and addresses associated with them. No other customer information like social security numbers was affected, the company said.
According to the company, the verification codes for the exposed credit cards were not leaked. However, there are websites on the Internet that don’t require such codes for purchases.
Web.com has notified affected customers via email and will also follow up with letters sent through the U.S. Postal Service. Those users can sign up for a one-year free credit monitoring service.
The company did not specify how the intruders gained access to its systems, but has hired a “nationally recognized” IT security firm to conduct an investigation.
Web.com provides a variety of online services, including website and Facebook page design, e-commerce and marketing solutions, domain registration and Web hosting. The company claims to have over 3.3 million customers and owns two other well known Web services companies: Register.com and Network Solutions.
Register.com and Network Solutions customers were not impacted by this breach unless they also purchased services directly from Web.com.
Source-http://www.thegurureview.net/aroundnet-category/web-com-latest-victim-of-credit-card-hacking.html
More Trojan Malware Found On Macs
Following the outbreak of the Flashback Mac Trojan, security researchers have identified two more cases of Mac OS X malware. The good news is most Mac owners have little reason to worry about them.
Both cases are variants on the same Trojan, called SabPub, Kaspersky Lab Expert Costin Raiu wrote on Securelist.
The first variant is known as Backdoor.OSX.SabPub.a. Like Flashback, this new threat was likely spread through Java exploits on Websites, and allows for remote control of affected systems. It was created roughly one month ago.
Fortunately, this malware isn’t a threat to most users for a few reasons: It may have only been used in targeted attacks, Raiu wrote, with links to malicious Websites sent via e-mail, and the domain used to fetch instructions for infected Macs has since been shut down.
Furthermore, Apple’s security update for Flashback helps render future Java-based attacks harmless. In addition to removing the Flashback malware, the update automatically deactivates the Java browser plug-in and Java Web Start if they remain unused for 35 days. Users must then manually re-enable Java when they encounter applets on a Web page or a Web Start application.
The second SabPub variant is old-school compared to its sibling. Instead of attacking through malicious Websites, it uses infected Microsoft Word documents as vector, distributed by e-mail.