Top 10 Stories

The Register: AT&T is warning customers that their personal information might have been breached as part of a scheme to unlock and resell devices. The company said in a filing to the California Attorney General's office that employees at an unnamed service provider it works with had accessed the personal data of customers including social security numbers and date of birth.

Arstechnica: We've all been there at some point—tempted to create a user account on a website that's mildly interesting, but the hassle of creating yet another unique password is just too high. Enter the secret URL, a Web address that ends with a long jumble of numbers and letters that aren't easily guessed. NosPronos.com, a site for predicting winners in the World Cup, recently implemented this approach. Creating an account requires a single click and...

Softpedia: In a recent report, Los Angeles-based security firm IntelCrawler has revealed that cloud-POS software is vulnerable to attacks that would allow malicious actors access to customer personal identification information. Cloud-POS software allows retail companies to synchronize POS (point-of-sale) information with a remote server. This allows merchants round the clock web-based access to the data from any device that has a web browser installed.

The Register: Chinese restaurant chain P.F. Chang's China Bistro has resorted to mechanical credit card imprint-capture machines after credit and debit card information was stolen from some of its 200+ restaurants. The company says that last Tuesday, June 10th, “P.F. Chang's learned of a security compromise” and “Immediately … initiated an investigation with the United States Secret Service and a team of third-party forensics experts to understand the nature and scope of the incident.”

Arstechnica: A Trojan that's currently doing the rounds in Japan is using Windows itself to try to defeat security software on infected machines.   Trend Micro reports that the BKDR_VAWTRAK malware, which steals credentials used for online banking at some Japanese banks, is using a Windows feature called Software Restriction Policies (SRP) to prevent infected systems from running a wide range of security programs, including anti-virus software from Microsoft, Symantec, and Intel. A total of...

PC World: RSS aggregator Feedly today went dark for the second time in two days as another wave of distributed-denial-of service (DDoS) attacks knocked it offline. At approximately 10:30 a.m. ET (7:30 a.m. PT), Feedly acknowledged that it had again been targeted by cyber criminals, who seem bent on crippling the RSS provider. At approximately 10:30 a.m. ET (7:30 a.m. PT), Feedly acknowledged that it had again been targeted by cyber criminals, who seem bent...

Graham Cluley: Those awfully nice people at Sage (a producer of popular accounting software) have been in touch, to let me know that I need to make a bank transfer… and the deadline is today! Well, I hate to be in debt and like to pay my bills on time – so lets see what happens if I click on the link. Perhaps surprisingly, those awfully nice people at Sage have decided to use the cloud...

The Register: A PayPal loophole can be exploited to earn free cash according to a convicted former NASA hacker turned white hat. Fraudsters can double their money, says Razvan Cernaianu, by funnelling cash into a mule account before filing for a transaction refund. Fraudsters can double their money, says Razvan Cernaianu, by funnelling cash into a mule account before filing for a transaction refund.

Tweaktown: As promised, the Anonymous hacker group is currently launching cyberattacks against the World Cup in Brazil and its event sponsors. The campaign, #OpHackingCup, officially began on Wednesday at midnight, with multiple websites defaced and one government website temporarily downed. The Brazilian arm of Anonymous reportedly said its efforts are to help fight for the Brazilian people.  

Forbes: Last fall, the FBI took down the world’s biggest online drug bazaar Silk Road, and arrested the man it alleged to be its kingpin, Ross Ulbricht, 30. The feds seized the site’s assets and Ulbricht’s which were primarily the currency of choice for anonymous purchases: Bitcoin. A whole lot of Bitcoin: 144,000 from Ulbricht and 30,000 from Silk Road coffers, worth over $100 million at Bitcoin’s current $600 valuation. Nine months later, the government...