Sign up for our Technology Newsletter 
Was The Omni Hotel Chain Hacked?
Omni Hotels & Resorts has reported that point-of-sale systems at some of its hotel locations were attacked by malware targeting payment card information.
The hacking of the systems of the luxury hotel chain follows similar breaches of point-of-sale systems at various hotels and retailers like Hyatt Hotels, Target, Starwood Hotels & Resorts Worldwide and Hilton Worldwide Holdings.
Omni — in Dallas, Texas — said in a statement Friday that on May 30 this year, it discovered it was hit by malware attacks on its network, affecting specific POS systems on-site at some of its properties. “The malware was designed to collect certain payment card information, including cardholder name, credit/debit card number, security code and expiration date,” Omni said. There isn’t evidence that other customer information, such as contact information, Social Security numbers or PINs, was compromised, it added.
The chain did not disclose how many of its 60 properties were affected and the likely number of cardholders that could have been affected. As there is no indication that reservation or select guest membership systems were affected, users were unlikely to be affected unless they physically presented their payment card at a POS system at one of the affected locations. The malware may have been in operation between Dec. 23 last year and June 14 this year, although most of the systems were affected during a shorter timeframe, according to the hotel.
The hotel chain, which operates hotels and resorts in the U.S., Canada and Mexico, could not be immediately reached for comment over the weekend for further details.
Omni said after discovering the malware attack, it had immediately hired IT investigation and security firms and has now contained the intrusion. It did not specify why it had delayed to inform customers.
Courtesy-http://www.thegurureview.net/aroundnet-category/omni-hotels-reports-hacking.html
Phishing Apps Plague Google Play
Google’s attempts to safeguard the Android app store — Google Play — are far from perfect, with malicious apps routinely slipping through its review process. Such was the case for multiple phishing applications this year that posed as client apps for popular online payment services.
Researchers from security firm PhishLabs claim that they’ve found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.
The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies’ websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don’t see their actual location.
In some cases attackers registered domain names that are similar to those of the impersonated online payment services, PhishLab Security Threat Analyst Joshua Shilko said in a blog post.
More recently, attackers used domain names similar to those of cryptocurrency companies, suggesting that the cryptocurrency industry is also targeted.
PhishLabs did not name the exact payment card companies and online payment services whose users were targeted by these fake apps. However, most of those companies provide links to their official mobile applications on their websites and users should always use those links instead of manually searching for them on the Play store.
“In one case, a targeted company explicitly states on their website that no mobile application exists for their company and that users should be wary of any mobile application using their brand,” Shilko said.
The danger is that if phishers manage to routinely bypass Google’s review process and upload such apps to the Google Play store, their attacks might extend to other industries in the future.
Another problem is that even when these apps are detected by third-parties and reported, it can take several days for Google to remove them from the app store, leaving a sufficiently large window of opportunity for attackers. It’s not clear how attackers promote these fake apps or if they rely only on users finding them themselves, but in general phishing attacks are most effective during the first several hours after they’re launched.
Source- http://www.thegurureview.net/mobile-category/phishing-apps-continue-to-play-google-play.html
Samsung Buys LoopPay
March 5, 2015 by admin
Filed under Around The Net
Comments Off on Samsung Buys LoopPay
Samsung Electronics Co Ltd has acquired U.S. mobile wallet startup LoopPay, signaling its intention to launch a smartphone payments service to compete with rival Apple Inc.
Mobile payments have been slow to catch on in the United States and elsewhere, despite strong backing. Apple, Google, and eBay Inc’s PayPal have all launched services to allow users to pay in stores via smartphones.
The weak uptake is partly because many retailers have been reluctant to adopt the hardware and software infrastructure required for these new mobile payment options to work. These services also fail to offer much more convenience than simply swiping a credit card, Samsung executives said on Wednesday.
LoopPay’s technology differs because it works off existing magnetic-stripe card readers at checkout, changing them into contactless receivers, they said. About 90 percent of checkout counters already support magnetic swiping.
“If you can’t solve the problem of merchant acceptance…, of being able to use the vast majority of your cards, then it can’t really be your wallet,” said David Eun, head of Samsung’s Global Innovation Center.
Injong Rhee, who is leading Samsung’s as-yet-unannounced payments project, said the Asian giant will soon reveal more details of its envisioned service. He would not be drawn on speculation the company may do so during the Mobile World Congress in Barcelona.
He said new phones such as the upcoming, latest Galaxy would support the service.
Apple Pay, launched in September, allows iPhone users to pay at the tap of a button. Executives have lauded its rapid rollout so far, including the fact that more than 2,000 banks now support it and the U.S. government will accept Apple Pay later this year.
But Apple Pay requires retailers to install near-field communication and some have been reluctant. In addition, many retailers such as Wal-Mart Stores Inc and CVS Health Corp, back their own system, CurrentC.
Samsung had invested in LoopPay, along with Visa Inc and Synchrony Financial, before its acquisition. Terms of the deal, which Samsung negotiated over several months, were not disclosed.
It’s unclear how else Samsung could differentiate its service versus Apple’s or other rivals.
Banks Join Instant Chat
October 16, 2013 by admin
Filed under Around The Net
Comments Off on Banks Join Instant Chat
Goldman Sachs Group Inc, JPMorgan Chase & Co and six other financial institutions have agreed to join a new instant messaging network from Markit and Thomson Reuters Corp to connect disparate messaging systems.
The network, called Markit Collaboration Services, launched on Monday and allows members to chat with one another regardless of the proprietary messaging technology that each firm uses.
This open platform differs Bloomberg LP’s messaging system, which is a closed network only for users of Bloomberg terminals.
Bloomberg messaging is the most popular form of chat on Wall Street, and often cited as one of the reasons banks are willing to pay around $20,000 a year for a subscription to a Bloomberg terminal.
Markit and Thomson Reuters said they hoped their open messaging network will attract banks that want to chat with their clients or other financial institutions but cannot currently do so because they are on different messaging systems.
The other banks that have joined the new network are Deutsche Bank, Bank of America Merrill Lynch, Barclays, Citigroup, Credit Suisse and Morgan Stanley, according to a statement from Markit.
The banks collectively employ more than 1 million people worldwide, though it was not immediately clear how many individuals will use the new Markit service.
David Craig, president of Thomson Reuters’ Financial & Risk division, said one of the challenges facing banks is that their messaging systems do not always talk to one another. “That creates costs and complexity,” he said.
Markit and Thomson Reuters said the messages on the new network are encrypted, and the system does not store them.
Representatives from Bank of America, Deutsche Bank, Goldman Sachs and Morgan Stanley were not immediately available to comment on the new messaging system. Representatives from Barclays, Citi, Credit Suisse and JPMorgan also declined to comment.
Phishing Attacks Increasing
Security researchers at Kaspersky Lab have reported significant growth in phishing attacks over the last year.
In a study entitled “The Evolution of Phishing Attacks”, Kaspersky said it found 37.3 million out of its 50 million customers running its security products that were at risk of being phished from 2012 to the present, an 87 percent increase over the same period between 2011 and 2012.
“The nature of phishing attacks is such that the simplest types can be launched without any major infrastructure investments or in-depth technological research,” Kaspersky said in the report.
“This situation has led to its own form of ‘commercialization’ of these types of attacks, and phishing is now being almost industrialized, both by cybercriminals with professional technological skills and IT dilettantes.”
The security firm explained that overall, the effectiveness of phishing, combined with its profitability for criminals and how simple the process is to undertake has led to a steadily rising number of these types of incidents.
Kaspersky noted that most of the victims in 2012-2013 were located in just ten countries, that is, Russia, the US, India, Germany, Vietnam, the UK, France, Italy, China and Ukraine. These 10 countries were home to 64 percent of all phishing attack victims during this time.
In addition to a rise in the number of users attacked, the number of servers involved in phishing attacks also increased, Kaspersky said, without giving any exact numbers. Though the firm did reveal that internet giants like Yahoo, Google, Facebook and Amazon are the top targets of malicious users.
“Online game services, online payment systems, and the websites of banks and other credit and financial organizations are also common targets,” the firm added, warning users to stay vigilant when entering personal data.
Fed Contractor Arrested For Software Theft
January 28, 2012 by admin
Filed under Around The Net
Comments Off on Fed Contractor Arrested For Software Theft
Bo Zhang worked at the bank and took advantage of his position to commit the crime, according to prosecutors, and was arrested yesterday by the FBI and the Treasury Department.
“As today’s case demonstrates, our cyber infrastructure is vulnerable not only to cybercriminals and hackers, but also alleged thieves like Bo Zhang who used his position as a contract employee to steal government intellectual property,” said Manhattan US Attorney Preet Bharara.
“Fighting cyber crime is one of the top priorities of this office and we will aggressively pursue anyone who puts our computer security at risk.”
A complaint against Zhang has been unsealed and according to that he pilfered the Government-Wide Accounting and Reporting Program code by copying it to a hard drive owned by the Federal Reserve Bank of New York.
Poor Get Online With Cloud Phone
August 10, 2011 by admin
Filed under Smartphones
Comments Off on Poor Get Online With Cloud Phone
Start up firm Movirtu has made plans to help 3 million or more people in poor countries use mobile services by giving them personal phone numbers, not phones.
Working with a U.N.-affiliated initiative called Business Call to Action (BCtA), Movirtu will offer the numbers, which it calls mobile identities, through commercial carriers in developing countries in Africa and South Asia. People in those countries who typically borrow phones from others will be able to log into the carrier’s network and use their own prepaid minutes and bits of data. The service is called Cloud Phone, though it operates within a carrier’s own infrastructure rather than on the Internet as a classic cloud service would.
Having a personal mobile identity can save users money in two ways, according to Ramona Liberoff, executive vice president of marketing, strategy and planning at Movirtu. First, they can use mobile services without buying a phone, which is a luxury even at US$15 or $20 for people making $1 or $2 per day. Second, the cost of prepaid service from a carrier typically is less than what consumers in those countries pay someone to borrow a phone, she said.
Though it’s customary in many of these countries to lend a phone to someone in need, the borrower is also expected to pay the lender for the usage. The average savings from using regular prepaid service instead is estimated at about $60 per year, Liberoff said.
The service will help people to use mobile banking, insurance and farming assistance services as well as make phone calls, Liberoff said.
Some of these services currently can only be delivered to individuals and not to someone sharing a phone. Personal mobile identities could be a boon to NGOs (non-governmental organizations) that want to use mobile technology. “In many cases, there are great NGO programs that can’t reach 80 percent of their base,” because those people don’t have their own phones, Liberoff said.
Citigroup Hackers Pocketed $2.7 million
June 29, 2011 by admin
Filed under Around The Net
Comments Off on Citigroup Hackers Pocketed $2.7 million
Citigroup suffered about $2.7 million in losses after cybercriminals uncovered a way to lift credit card numbers from its website and make fraudulent transactions.
Citi acknowledged the breach earlier this month, saying hackers had gained accessed to more than 360,000 Citi credit card accounts of U.S. customers. The hackers didn’t breach Citi’s main credit card processing system, but were reportedly able to obtain the numbers, along with the customers’ names and contact information, by logging into the Citi Account Online website and guessing account numbers.
Until now, it wasn’t revealed if any fraud had occurred as a result of the theft. But Citi confirmed Friday that there were losses of $2.7 million from about 3,400 accounts.
The bank has said its customers will not be liable for the fraudalent transactions and losses as a result of them.
Visa Digital Wallet Coming
May 15, 2011 by admin
Filed under Smartphones
Comments Off on Visa Digital Wallet Coming
Visa Inc, the world’s largest credit and debit card processing network, is designing a digital wallet that people can use to pay for things on the Internet or with their phones instead of with traditional plastic cards.
The network said on Wednesday it is collaborating with several large U.S. and international banks to create the wallet. Its partners include US Bancorp, PNC Financial Services, Regions Financial, BB&T Corp, Toronto Dominion’s TD Bank and the U.S. arm of Barclays PLC.
The “digital wallet” will store the banks’ customers’ credit and debit card account information, both for Visa cards as well as other cards. People can use the wallet to pay for things online or in stores, Visa said.
The network will also have to convince merchants to put a new “one-click” button on their websites, so that potential customers can use their Visa digital wallets to buy things by clicking the button instead of by manually entering all of their account information every time they want to make an online purchase.
Banks, mobile phone operators and networks like Visa are all trying to gain territory in the small, but high-potential market for U.S. mobile payments. Last week Isis, a separate mobile payments venture run by three of the top four U.S. carriers, said it had modified its initial goals and was now open to working with Visa and MasterCard as it introduces its own mobile wallet.
Jim McCarthy, Visa’s head of global products, told Reuters in an interview on Wednesday that mobile payments in the United States “will more easily take off” from people using their smartphones’ browsers to buy things online.
Google Jumps Into Mobile Payments
March 28, 2011 by admin
Filed under Smartphones
Comments Off on Google Jumps Into Mobile Payments
Google is joining Citigroup and Mastercard to establish a mobile payment system that will turn Android phones into a kind of electronic wallet, the Wall Street Journal said, citing people familiar with the matter.
The new system, which is in its early stages, will allow consumers to wave their Android phones in front of a small reader at the checkout counter to make payments, the Journal reported.