The wave of ATM card skimming attacks continue to grow. On The CyberJungle Saturday Feb 27th episode, we will talk the newest variations of this growing attack. The photos below are from ATM maker Diebold, via CSOonline.com.
Fake ATM card reader
Another Fake ATM card reader
The genuine ATM card reader: Same unit as the middle photo, but the genuine model adds a green-lighted perimeter as another layer of visual security.
This week’s features-
Interview with Joe Grand, electrical engineer, hardware hacker and proprietor of Grand Idea Studio. Ira and Joe discuss hardware hacking. Hobbyists, researchers, and innovators are modifying electronic devices in greater numbers
The 23-minute interview (too long for radio) is posted by itself as episode 104. There’s a partial version of the interview contained in the show, episode 105 of theCyberJungle.
Hardware Hacking Extra: Cell phone as vehicle starter- We got quite a few comments about this. visit: “Dave Hacks, Well, not really hack, but I definitely ‘modify’ things.”
http://davehacks.troublem8ker.com/wordpress/?p=4
AND — You probably didn’t know this, but Thursday January 28 is International Data Privacy Day. Does the market reward businesses that protect customer privacy? There must be some reward, because there’s growing field of certified privacy professionals… and their organization has thousands of members.
PLUS — Our take on this week’s news:
A new generation of card skimmers. Photos below.
Source: Krebsonsecurity.com and Mikko Hypponen:
Could you detect the ATM card skimmer here?
Pin-hole camera to capture PIN numbers
Indonesian Police Intensifying Efforts To Investigate ATM Scams http://ow.ly/16p52r
Data hung out to dry as 4,500 USBs are left in Dry Cleaners http://www.credant.com/news-a-events/press-releases/376-dry-cleaners.html
Microsoft Patches IE, Admits it Knew of Bug Last August: As Microsoft patched the Internet Explorer zero-day … http://bit.ly/8p2JnG
Emergency IE patch goes live as exploits proliferate: Hundreds of sights locked and loaded http://www.theregister.co.uk/2010/01/21/ie_emergency_patch_released/
80% of gov’t Web sites miss DNS security deadline http://www.computerworld.com/s/article/9147018/80_of_gov_t_Web_sites_miss_DNS_security_deadline
Microsoft confirms 17-year-old Windows bug http://www.computerworld.com/s/article/9146820/Microsoft_confirms_17_year_old_Windows_bug
Poisoned PDF pill used to attack US military contractors http://www.f-secure.com/weblog/archives/00001859.html
NTSB recommends camera surveillance in train locomotives, after investigating a crash that killed 25. The engineer was texting and using his cell phone at the time of the crash. The union representing train engineers has objected to the recommendation on privacy grounds. Salient fact in the story – the texting engineer had 5 reprimands in his personnel file, issued over a two-and-a-half year period. Now the feds should install cameras to watch ALL engineers (including the ones who follow the rules) just because railroad management failed to fire the loose cannon in their ranks?
http://www.ble.org/pr/news/headline.asp?id=29037
And Microsoft pushes congress for a cloud computing law.
http://thehill.com/blogs/hillicon-valley/technology/77155-microsoft-pushes-cloud-computing-act
