Visa Inc. Announces Decision to Fund Litigation Escrow Account
Press Release
Source: Visa Inc.
Tuesday June 30, 2009,
SAN FRANCISCO, June 30 /PRNewswire-FirstCall/ -- Visa Inc. (NYSE: V - News) today announced that the Company has decided to deposit $700 million ("Loss Funds") into the litigation escrow account previously established under the Company's retrospective responsibility plan (the "Plan"). Under the terms of the Plan, when the Company funds the litigation escrow, its U.S. financial institutions, the sole holders of Class B shares, bear a corresponding financial impact via a reduction in their as converted share count. As a result, the deposit of Loss Funds has the effect of a repurchase by the Company of $700 million of Class A Common Stock on an as converted basis. The deposit of the Loss Funds will be conducted in accordance with the Company's Certificate of Incorporation currently in effect.
About Visa: Visa operates the world's largest retail electronic payments network providing processing services and payment product platforms. This includes consumer credit, debit, prepaid and commercial payments, which are offered under the Visa, Visa Electron, Interlink and PLUS brands. Visa enjoys unsurpassed acceptance around the world and Visa/PLUS is one of the world's largest global ATM networks, offering cash access in local currency in more than 170 countries. For more information, visit www.corporate.visa.com
Tuesday, June 30, 2009
Visa Decides to Fund $.7 Billion Litigation Escrow Account
MLHuillier Targets 1500 Outlets Nationwide
MLhuillier targets 1,500 outlets nationwide | The Freeman >> The Freeman Sections >> Cebu Business
Cebu Business
MLhuillier targets 1,500 outlets nationwide
By Rhia de Pablo Updated July 01, 2009 12:00 AM
CEBU, Philippines – Buoyed by the rapid success of its remittance business, Cebuano financial services company M.Lhuillier Philippines targets to open 1,500 outlets nationwide in the next two to three years to widen its ML Kwarta Padala network all over the country.
MLhuillier Philippines vice president Michael Lhuillier said that they envision to establish the widest reach of financial services to the public.
He said that right now, they are talking to a lot of different interested partners in Macau and other locations abroad that will expand their reach to Filipinos overseas.
Lhuillier said that last year, they have opened an office in Los Angeles, California and they are looking at strengthening this to service the remittance requirements of overseas Filipino workers (OFWs) stationed in North America and in Canada, which still has the highest number of Filipino workers.
He said that right now they have established 1, 200 different MLhuillier locations nationwide and they target to open 1,500 outlets for the next two to three years of operations.
“We always want to work harder and continue doing business. Amidst the financial crisis, we strive to be better for there is always a need to send money and to borrow money. We want to make sure that our systems are good so that we can service more people,” said Lhuillier.
He said that the take up of their loans have always remained on a steady trend as they have done this service for three generations already; however, their remittance segment has so far been gaining the fastest growth.
MLhuillier started their ML Kwarta Padala in 1996 initially targeting students and with that they have pioneered the electronic money transfer in the country and remodelled the old send out practice because now, a lot of Filipinos from different walks of life are already utilizing this service.
“Now, the whole industry is moving towards electronic money transfer but since we have pioneered this service, this now serves as our key advantage against our local and even multinational money transfer competitors,” said Lhuillier.
But getting at the level of success that MLhuillier is enjoying right now has not been an easy feat because it entailed a lot of hard work and investments on their part, according to Lhuillier.
He said that just last year; they have poured in more than two million pesos investment to purchase servers for their data center to maintain and upgrade the quality of their systems.
After they have opened a back-up office in Manila, they are also looking at setting up another back up office in either Hong Kong or in Los Angeles.
Meanwhile, aside from their plans of putting one MLhuillier branch in every municipality, they are looking at also opening up more 24 hours and seven days a week MLhuillier branches nationwide to provide more ease and convenience to their widely segmented clientele, said Lhuillier.
He added that they are also currently mounting up another value added feature in their ML Kwarta Padala service through utilizing cards that can be accessed through ATM machines.
Lhuillier outlaid plans of further diversifying their services to become a full pledged financial services institution.
He also said that they are looking at putting up their own bank in the near future “whenever opportunity would present itself.”
“Profit is the reward that comes later because we first look at the employment that we can generate from our investments. We are proud of being a Filipino company specifically a Cebuano company and we will constantly invest and throw back our resources to the country’s economy as well as provide employment to as many people,” said Lhuillier.
To learn more about MLhuillier, visit their website: http://www.mlhuillierinc.com/products_and_services/mlkwarta.asp
Fidelity National Information Services Ranked Top Global Mobile Banking Vendor
I first reported this on May 6th, PIN Payments Blog: FIS Ranked #1 in Vendor Matrix by ABI Research but FIS did their press release today, so here it is in their own words:
Fidelity National Information Services' Mobile Banking Solution Earns Top Ranking in Analyst Survey
FidelityNational Information Services has been ranked at the top of the latestVendor Matrix released by ABI Research. Fiserv and Sybase claimed thesecond and third spots in the company’s new evaluation
FIS Mobile Banking is a comprehensive two-way mobile banking productand the first industry offering in production to provide all threemodes of mobile banking - SMS/text, mobile Web and downloadableapplication. FIS Mobile Banking is also iPhone certified.
Established in 1990, ABI Research provides in-depth analysis andquantitative forecasting of emerging trends in global connectivity.From offices in North America, Europe and Asia, ABI Research'sworldwide team of experts advises thousands of decision makers throughresearch and advisory services in seven key practice areas. The ABIVendor Matrix is an analytical tool developed by ABI Research toprovide a clear understanding of vendors' positions in specificmarkets, with vendors being assessed on the important parameters ofinnovation and implementation across several criteria unique to eachvendor matrix. For more information about ABI Research, visitwww.abiresearch.com.
"FIS has assembled a comprehensive suite of mobile banking solutionswhich can accommodate a financial institution whether they would liketo offer consumers an SMS, mobile Internet or downloadable application,all of which are integrated into FIS' core banking solutions," saidMark Beccue, senior analyst of consumer mobility for ABI Research, in arecent ABI Research press release. "That, combined with theirmarket-leading reach into financial institutions worldwide, whichbecame even larger with their recent announcement that they wouldacquire Metavante Technologies, secured them the top score," he said.
"We're honored to have the ABI analysts - and the industry as a whole -recognize the FIS mobile banking solution as the premier mobilesolution in the industry," said Anthony Jabbour, executive vicepresident for FIS core processing and e-payments. "The uniquetriple-play capability of FIS Mobile Banking, backed by the service andexpertise that are hallmarks of every FIS solution, clearlydifferentiates FIS Mobile Banking from the rest of the pack."
About Fidelity National Information Services
Fidelity National Information Services, Inc. (NYSE: FIS), a member ofthe S&P 500, is a leading provider of core processing forfinancial institutions; card issuer and transaction processingservices; and outsourcing services to financial institutions andretailers throughout the world. FIS has processing and technologyrelationships with 40 of the top 50 global banks, including nine of thetop 10 and has been ranked the number one banking technology providerin the world by American Banker and the research firm FinancialInsights in the annual FinTech 100 rankings. Headquartered inJacksonville, Fla., FIS maintains a strong global presence, servingmore than 14,000 financial institutions in more than 90 countriesworldwide. For more information on Fidelity National InformationServices, please visit www.fidelityinfoservices.com.
Forward-Looking Statements
This press release contains forward-looking statements that involve anumber of risks and uncertainties. Statements that are not historicalfacts, including statements about our beliefs and expectations, areforward-looking statements. Forward-looking statements are based onmanagement's beliefs, as well as assumptions made by, and informationcurrently available to, management. Because such statements are basedon expectations as to future economic performance and are notstatements of fact, actual results may differ materially from thoseprojected. We undertake no obligation to update any forward-lookingstatements, whether as a result of new information, future events orotherwise. The risks and uncertainties which forward-looking statementsare subject to include, but are not limited to: changes in generaleconomic, business and political conditions and other risks detailed inthe "Statement Regarding Forward-Looking Information," "Risk Factors"and other sections of the Company's Form 10-K and other filings withthe Securities and Exchange Commission.
SOURCE Fidelity National Information Services
To view a chart showing the rankings of the “Top 10” firms in this Vendor Matrix, please visit “Mobile Banking Vendor Matrix.”Registration on the ABI Research website (free) is required. Access tothe rankings and profiles of all companies surveyed is available toclients of ABI Research.
zoompass Blog Says "Prepayed = Prepared"
Paying with Zoompass
So you’ve had a fun night out with friends. You jump in a cab, get all the way home and realize you spent all your cash and forgot to go to the ATM before you left. You’ve got one unhappy cab driver on your hands, and a very expensive ride to the nearest ATM – which of course, is never your bank.
So you’ve had a fun night out with friends. You jump in a cab, get all the way home and realize you spent all your cash and forgot to go to the ATM before you left. You’ve got one unhappy cab driver on your hands, and a very expensive ride to the nearest ATM – which of course, is never your bank.
Zoompass-Prepaid-MasterCard
Not to worry – instead, just Zoom your friends and ask them to cover the cab fare, then use your Zoompass Prepaid MasterCard to pay for your ride.
The Zoompass Prepaid MasterCard is a contactless payment card that is linked to the funds in your Zoompass account so you can make purchases or withdraw cash. The Zoompass Prepaid MasterCard can be used anywhere MasterCard is accepted electronically, including online. You can also Tap & Go™ at the checkout using the PayPass™ feature for small, everyday purchases like coffee and movie tickets. It’s like having exact change wherever you go. What’s more, there are many PayPass-ready locations across Canada.
To get your Zoompass Prepaid MasterCard:
* Sign up for a Zoompass account at Zoompass.com
* Link your bank account to your Zoompass account and verify your information
* Make sure there is $15 in your Zoompass account by either transferring money from your bank account or requesting money from a friend or family member
* Request a Zoompass Prepaid MasterCard
It’s so easy – you’ll never be stuck with an empty wallet again. And there’s no cost to request the card.
Facebook Nabs New Payments Director from Google
June 29th, 2009
Now, we’ve learned that Facebook recently hired Prashant Fuloria, formerly a Director of Product Management at Google where he worked on Google Checkout amongst various other projects during his six year stint, as the new Director of Product Management responsible for Facebook payments. Highly regarded by colleagues, Fuloria left Google and started at Facebook last month.
With Fuloria’s hiring, the march of former Googlers two exits up the 101 to Facebook continues. At one point, nearly 10% of Facebook employees came from Google. Just a couple of weeks ago, Greg Badros, who headed up the AdSense engineering team for several years at Google, joined Facebook as a Director of Engineering.
Fuloria has his work cut out for him as he oversees the development, testing, and wider launch of Facebook payments services over the next several months. While Facebook only accepts credit card payments today, it is likely to expand its payments tests in the future, as the company seeks to monetize users across geographies and demographic profiles. Managing the integration of payments methods and systems into the Facebook experience is an increasingly important challenge for the company as it seeks to create a new, substantial direct-to-consumer revenue stream in a market that is known for its high operational costs, major fraud challenges, and international complexity.
Continue Reading at Inside Facebook
Kapersky Labs Warns on ATM Skimming
Be on your guard: ATM skimming will likely grow due to poor security - News - PC Authority
Be on your guard: ATM skimming will likely grow due to poor security: by Daniel Long on Jun 30, 2009
ATM security is so poor worldwide, that many more machines are likely to be easily compromised in the future, warns Kaspersky
As the growth of ATM fraud increases around the world exponentially in recent times, anti-malware researchers are keen to solve a crisis in the making.
The bad guys are getting smarter, they're growing distinctively more sophisticated , warns Sergey Golovanov, senior malware Analyst for Kaspersky Lab in Moscow, who is speaking at the 10th Virus Analyst summit in Croatia. Golovanov is an expert on the cyber criminal groups who utilise ATM fraud. And in his work, he's seen some interesting trends pop up.
The problem says Golovanov, is not that security experts aren't looking for a way to solve the multitude of ATM security flaws; it's that their hands are tied. And then placed in a trench of concrete, so to speak.
"We haven't got very far yet...the systems used by banks are closed and they are not going to let outsiders access those systems", insists Golovanov, conjuring up a world where ATMs become easier to break into, because the good guys can't inspect the systems at the root of the cause.
Some ATMs in Russia and other Eastern localities have been found to infected with internal malware scripts that can capture the users details from within, without physical skimming props; a go-to cash making machine that spurts out easy money for criminal networks.
Continue Reading at PC Authority
CBA Forced to Shut Down NetBank Due to Phishing
Phishing Can Be Eliminated Easily. Banks Issue Card, Banks Issue PIN, what's missing? HomeATM's PCI 2.0 Certified PIN Entry Device, which would allow users to "swipe" their card and enter their PIN, as opposed to "typing" their UserName and Password. What do you think phishers phish phor? Right, the log-in details. If consumers swiped their card and entered their PIN for online banking access (like they do for ATM access) Phishing would be eliminated...
Finextra: CBA takes NetBank offline as phishing activity spikes
CBA takes NetBank offline as phishing activity spikes
Commonwealth Bank of Australia's online banking operations have suffered multiple outages, sparking speculation that the bank has fallen prey to a massive Denial of Service attack by hackers.
NetBank began experiencing problems over the weekend before falling over Monday morning. The bank got the service back online early afternoon only for the system to stumble again later in the day.
CBA's Netbank has been the subject of fierce phishing activity since introducing a major upgrade last month.
Speaking to local newspapers, NetBank CEO Micahel Harte said the bank took the site offline when performance issues started to affect service quality early Monday.
Continue Reading at Finextra
1 Out of 3 is Bad
Third of internet users too scared to use credit card to shop online
Almost a third of internet users are too frightened to hand over their credit details while shopping online, a report published by The Office of Fair Trading has found.What makes them feel safe when shopping at a store? Well the only difference is that they get to swipe their card into a point of sale device. So, using logic 101, if they had a point-of-sale device they could use in the safety of their own home, we could empower more than 62 out of every 100 people to feel more secure. Why is this important? Because Chief executive John Fingleton said: "Onlineretailing is the future for many businesses and increasingly importantto the economy.
Among the people who do shop online, 37.8 feel it's as safe as shopping in a store. That means that 62.2% don't feel secure when doing so.
"Ifconsumers are not confident online, demand will grow at a slower rate.So we must tackle these concerns right now if the online market is togrow at its full potential."
The OFT said 30 per cent of internet users do not shop online because of a lack of trust. It added that, although consumer confidence is gradually improving, online markets cannot reach their full potential because it is still too low.
Minister for Consumer Affairs Gareth Thomas said: "UK consumers buy almost twice as much over the internet compared to their European neighbors. "It's encouraging that the OFT's survey shows increasing consumer confidence when buying online - but people still have concerns. "That's why we will be setting out proposals in our forthcoming consumer White Paper to better protect people from fraudsters and increase their consumer knowledge when shopping online."
The Interactive Media In Retail Group estimates that £43.8 billion was spent on online retail in the UK in 2008. Consumer Direct released separate figures today which found that more people are seeking guidance about internet shopping transactions. Inquiries about online purchases now account for 10 per cent of calls to the consumer advice helpline compared with 6 per cent in 2006.
And Here's Why! (Card Companies Will Remain Profitable)
CardTrak.com - News - CARD Act Impact
Like retailers who mark up stuff so they can offer a big discount, credit card issuers are beginning to jack up rates and fees ahead of the new regulations that will soon take effect. Some recent examples: Chase, Wells Fargo Financial and Bank of America. Chase announced it is raising its "Balance Transfer Fee" and "Cash Advance Fee" from 3% to 5% effective next month. Chase no longer caps either fee. Chase is also switching from fixed interest rates to variable. However, Chase says it may adjust the rates, fees and fee caps for special offers. According to CardTrak, Wells Fargo Financial is adding a 3% balance transfer fee with a $5 minimum and a $99 maximum to its "Cash on Demand" card next month. WFF also added a $35 annual fee and added a floor interest rate of 20.65%. Earlier this year, Bank of America increased its balance transfer fees. The BofA "Standard Balance Transfer Fee" is 4% with a $10 minimum. BofA ATM cash advances, bank cash advances, and cash equivalent transactions are now 5% with $15 minimum. Will there be more changes ahead of the "Credit CARD Act of 2009"? Duh!
On a side note, Bankrate did a study of the "fine print" involved with credit card company agreements: 2009 Credit Card Study: The fine print
Study Says Credit Card Industry will Stay Profitable
Credit Card Industry Will Stay Profitable: Study
The credit card industry will continue to provide one of the most lucrative returns of the asset classes within banks' portfolios even after new U.S. credit card rules are put in place, analysts at Keefe, Bruyette and Woods said.
Read full story from ABC News - Brian Ross and the Investigative Team
The credit card industry will continue to provide one of the most lucrative returns of the asset classes within banks' portfolios even after new U.S. credit card rules are put in place, analysts at Keefe, Bruyette and Woods said.
Read full story from ABC News - Brian Ross and the Investigative Team
Heartland Completes Phase 1 of End to End Encryption Pilot
Back in February, in a post entitled Heartland Exposes It's Own Card: I wrote: Is Heartland was going to take the position that they are a "plaintiff" rather than a "defendant" against claims from cardholders/issuers and V/MC themselves? Will they shoot back or is PCI DSS certification going to shoot down any argument that V/MC may have? Heartland Payment Systems, Bob Carr shows one of his cards.
In their newly released 4th Quarter Earnings Report he says that one of the biggest challenges they face in regards to the breach is "defending" claims that the "cardholders" "card issuers" V/MC, regulators (and others) have asserted (or may assert). For the first time (that I've seen) he implies that:
So it appears that they are preparing to claim that they are the plaintiffs and the defendants are going to be the brands (V/MC) Undoubtedly, they will use their PCI DSS certification as a launching pad to deter blame from them to others. PCI DSS may be the bullet that Heartland fires back with if V/MC tries to shoot them down. This is going to be an interesting legal development and the PIN Payments Blog will keep a close eye on further developments...
Well, here's the latest development. Heartland says they completed Phase 1 of their E2EE Pilot and identified "5 Zones" which the transaction has to travel through in order to obtain full end-to-end encryption. Problem is, unlike PINs, Card Numbers are NOT received by Visa/MC encrypted. So, they took advantage of this ailment and identified it. It's a most interesting approach to the beginnings of their "vigorous" defense. In the following press release you will see that they successfully ran (transmitted) an encrypted transaction through "4 of the 5 zones." 1 of the 5 could NOT be done, which logically "exposes" the culprit in the chain of command. "The Card Brands." Apparently the best move, when you're under the gun" is to turn it around and point the finger at the weakest link. Clever indeed.
Here's their Press Release:
Heartland Payment Systems Successfully Completes First Phase of End-to-End Encryption Pilot
In their newly released 4th Quarter Earnings Report he says that one of the biggest challenges they face in regards to the breach is "defending" claims that the "cardholders" "card issuers" V/MC, regulators (and others) have asserted (or may assert). For the first time (that I've seen) he implies that:
they intend to vigorously defend any such claims, and they have "meritorious defenses" to those claims.
So it appears that they are preparing to claim that they are the plaintiffs and the defendants are going to be the brands (V/MC) Undoubtedly, they will use their PCI DSS certification as a launching pad to deter blame from them to others. PCI DSS may be the bullet that Heartland fires back with if V/MC tries to shoot them down. This is going to be an interesting legal development and the PIN Payments Blog will keep a close eye on further developments...
Well, here's the latest development. Heartland says they completed Phase 1 of their E2EE Pilot and identified "5 Zones" which the transaction has to travel through in order to obtain full end-to-end encryption. Problem is, unlike PINs, Card Numbers are NOT received by Visa/MC encrypted. So, they took advantage of this ailment and identified it. It's a most interesting approach to the beginnings of their "vigorous" defense. In the following press release you will see that they successfully ran (transmitted) an encrypted transaction through "4 of the 5 zones." 1 of the 5 could NOT be done, which logically "exposes" the culprit in the chain of command. "The Card Brands." Apparently the best move, when you're under the gun" is to turn it around and point the finger at the weakest link. Clever indeed.
Here's their Press Release:
Heartland Payment Systems Successfully Completes First Phase of End-to-End Encryption Pilot
First AES-encrypted transaction from a merchant card reader to and through a major processor network completedPRINCETON, N.J.--(BUSINESS WIRE)--Heartland Payment Systems (NYSE: HPY - News), one of the nation’s largest payments processors, yesterday successfully completed the first phase of its end-to-end encryption pilot project. This first step involved the transmission of live AES (Advanced Encryption Standard)-encrypted card transactions from a merchant to Heartland’s processing platform. AES is the highest level of encryption and is currently on track to replace DES (Data Encryption Standard) and Triple DES as the desired standard for sensitive data.
- Press Release
- Source: Heartland Payment Systems
- On Tuesday June 30, 2009, 7:25 am EDT
According to Robert O. Carr, Heartland’s chairman and chief executive officer, to his knowledge, this is the first time encrypted transactions have been sent from a merchant’s card reader to and through a major processor’s payments network.
“Yesterday’s transactions involved a Texas-based merchant and multiple credit card, prepaid and signature debit card transactions testing each of the major card brands,” Carr explained. “These cards were read by our newly developed pilot tamper-resistant security module (TRSM) terminal. The data was encrypted as the electronic digits left the magnetic stripe and entered the TRSM hardware device. The data was then successfully transmitted to and through our processing platform for authorization and settlement.
“Typically, cardholder data is unencrypted as it leaves a merchant’s terminal and is not encrypted until it is either tokenized in a gateway or at rest in the processing platform’s data warehouse,” Carr explains. “This means cardholder data in transit is at risk of being compromised should it get in the hands of cyber criminals or hackers via such methods as network or memory sniffer malware. To protect data throughout the lifecycle of a credit, debit or prepaid card transaction, Heartland is developing end-to-end encryption technology we call E3™ that is designed to encrypt the transaction from the card read through our network and ultimately through transmission to the card brands.”
For Heartland, E3 protection involves five payment zones:
Zone 1: From data entry/card read at the merchant to the authorization network of the processor.
Zone 2: From the entry into the authorization network of the processor and through all points in which data is in motion within the network(s) of the processor and its sub-contractors.
Zone 3: While the data resides in a central processing unit (CPU) or a host security module (HSM).
Zone 4: In a direct access storage device (DASD) or archival storage.
Zone 5: From the processor to the authorization and settlement centers of the card brand or issuer.
“Monday’s successful test involved Zones 1, 2, 3 and 4,” detailed Steven M. Elefant, Heartland’s executive director of end-to-end encryption. “We believe that protecting data in these zones alone will significantly impact the protection of cardholder data.
Editor's Note: What? Imagine that, no Zone 5. This is one helluva clever way to expose Zone 5 as the culprit in the system. And it sets up their legal defense
“In Q4, Heartland expects to enhance protection in Zone 3,” Elefant continued. ”Protecting data in Zone 5 is contingent on the card brands. We are in active discussions with several of the brands, and our conversations have been very positive. Some card brands have indicated a willingness to pursue accepting transactions from those processors who send encrypted data. While we work on Zone 3 and collaborate with the brands on Zone 5, the next phase of this pilot project involves integrating a set of security-protected chips which we expect will further safeguard the data throughout the lifecycle of the transaction. Heartland plans to pilot this next phase in Q309.”
“We plan to continue to expedite the development of E3 and launch it commercially late this year,” Carr concluded. “We also plan to continue working with the ANSI ASC X9 Committee which is crafting an end-to-end encryption standard and follow that standard as much as practical. We are also working with established US equipment and software manufacturers to implement their TRSM devices into our E3 approach as soon as possible. We believe the marketplace will accept this higher level of payments security and are willing to share our knowledge and learnings with all industry stakeholders via the Payment Processors Information Sharing Council, FS-ISAC and Secure POS Vendor Alliance organizations.”
About Heartland Payment Systems
Heartland Payment Systems, Inc., a NYSE company trading under the symbol HPY, delivers credit/debit/prepaid card processing, payroll, check management and payments solutions to more than 250,000 business locations nationwide. Heartland is the founding supporter of The Merchant Bill of Rights, a public advocacy initiative that educates merchants about fair credit and debit card processing practices. For more information, please visit http://www.heartlandpaymentsystems.com and http://www.MerchantBillOfRights.com.
How to Hack an ATM Live Onstage Pulled from Black Hat Event
Juniper Networks Gags "ATM Jackpot" Researcher- Risky Business
According to Patrick Gray, at Risky.Biz, a demo, which would show Black Hat attendees how to jackpot (empty) an ATM on stage won't take place. Here's a quick blurb:
According to Patrick Gray, at Risky.Biz, a demo, which would show Black Hat attendees how to jackpot (empty) an ATM on stage won't take place. Here's a quick blurb:
Security and networking company Juniper yields to ATM vendor pressure...
June 30, 2009 --
RISKY.BIZ EXCLUSIVE -- A demonstration in which security researcher Barnaby Jack would "jackpot" an ATM live on stage at the upcoming Black Hat security conference in Las Vegas has been pulled by his employer.
Security and network device vendor Juniper Networks forced Mr. Jack to cancel his presentation, an anticipated highlight of the Black Hat event, following pressure from the affected ATM vendor. The demonstration would have seen the researcher hack an ATM live on stage, causing it to spit out cash, or "jackpot".
"The affected ATM vendor has expressed to us concern about publicly disclosing the research findings before its constituents were fully protected," a statement issued by Juniper Networks reads. "Considering the scope and possible exposure of this issue on other vendors, Juniper decided to postpone Jack’s presentation until all affected vendors have sufficiently addressed the issues found in his research."
Continue Reading
Max Vision Pleads Guilty to Hacking 1.8 Million Credit Card Numbers
The Butler "did not" do it as Max Butler says it was "Max Vision"...Both face 60 years...Max
This is a follow-up to: PIN Debit Payments Blog: Max Vision/Blind Justice: posted last Dec 27, 2008.
Max Butler, nicknamed Max Vision, now faces up to 60 years in prison after pleading guilty to hacking almost two-million credit card numbers. As I stated back in December, this has the potential for either a good book or movie script, especially
if he were to eventually start working for the people instead of against the people, ala Frank Abagnale Jr. and that seems likely in light of a statement released by his attorney:
“Max Vision, known in this case as Max Butler, pled guilty today as a first step toward getting this sad chapter of his life behind him. It is unfortunate that his life circumstances in 2005 led him to participate in this criminal conduct, and he very much regrets doing so,” he wrote.
As "Max Vision," he was an incredibly skilled hacker and security expert who boasted that he'd never met a computer system he couldn't crack. As "The Equalizer," he was an FBI informant, reporting on the activities of other hackers.As Max Butler, he was a family man in Santa Clara, California who ran a Silicon Valley security firm. At Max Vision Network Security, he specialized in running "penetration tests," attempting to break into corporate networks to prove that their security wasn't as good as it could be.
Superhacker Max Butler Pleads Guilty
By Kevin Poulsen | Wired
PITTSBURGH — A skilled San Francisco-based computer hacker who once sought to unite the cyber underworld under his benign rule pleaded guilty to federal wire fraud charges here Monday, admitting he stole nearly 2 million credit card numbers from banks, businesses and other hackers, which were used to rack up $86 million in fraudulent charges.
Max Ray Butler, 36, faces up to 60 years in prison for the two felonies under law, but his actual sentence will be influenced by a number of factors, not least a plea agreement with federal prosecutors that was filed under seal Monday.
Wearing an ill-fitting orange jail uniform and round glasses, his hair cut short and neat, the six-foot-plus Butler towered over the burly deputy marshals that brought him into the court room. Once he settled into his seat, he spoke softly and evenly as he answered questions from the judge, frequently drawing admonishments to speak up for the benefit of the court reporter.
“I actually did the actions that are relevant in the indictment, and I am guilty,” Butler said, at one point.
Butler identified himself in court as “Max Vision,” the name he gave himself in the 1990s when he became a superstar in the computer security community. At that time Butler was billing himself out as a $100-an-hour computer security consultant, and he earned the respect of his peers for creating and curating...
Continue Reading at Wired
This is a follow-up to: PIN Debit Payments Blog: Max Vision/Blind Justice: posted last Dec 27, 2008.
Max Butler, nicknamed Max Vision, now faces up to 60 years in prison after pleading guilty to hacking almost two-million credit card numbers. As I stated back in December, this has the potential for either a good book or movie script, especially
if he were to eventually start working for the people instead of against the people, ala Frank Abagnale Jr. and that seems likely in light of a statement released by his attorney:
“Max Vision, known in this case as Max Butler, pled guilty today as a first step toward getting this sad chapter of his life behind him. It is unfortunate that his life circumstances in 2005 led him to participate in this criminal conduct, and he very much regrets doing so,” he wrote.
Here is a quick backgrounder on Max Vision/Butler "The Equalizer."“Max has always preferred using his extraordinary computer skills his computer vision, for the good of society and the cyber world, and he hopes that he will be given the opportunity in the future to once again don the white hat.”
As "Max Vision," he was an incredibly skilled hacker and security expert who boasted that he'd never met a computer system he couldn't crack. As "The Equalizer," he was an FBI informant, reporting on the activities of other hackers.As Max Butler, he was a family man in Santa Clara, California who ran a Silicon Valley security firm. At Max Vision Network Security, he specialized in running "penetration tests," attempting to break into corporate networks to prove that their security wasn't as good as it could be.
Superhacker Max Butler Pleads Guilty
By Kevin Poulsen | Wired
PITTSBURGH — A skilled San Francisco-based computer hacker who once sought to unite the cyber underworld under his benign rule pleaded guilty to federal wire fraud charges here Monday, admitting he stole nearly 2 million credit card numbers from banks, businesses and other hackers, which were used to rack up $86 million in fraudulent charges.
Max Ray Butler, 36, faces up to 60 years in prison for the two felonies under law, but his actual sentence will be influenced by a number of factors, not least a plea agreement with federal prosecutors that was filed under seal Monday.
Wearing an ill-fitting orange jail uniform and round glasses, his hair cut short and neat, the six-foot-plus Butler towered over the burly deputy marshals that brought him into the court room. Once he settled into his seat, he spoke softly and evenly as he answered questions from the judge, frequently drawing admonishments to speak up for the benefit of the court reporter.
“I actually did the actions that are relevant in the indictment, and I am guilty,” Butler said, at one point.
Butler identified himself in court as “Max Vision,” the name he gave himself in the 1990s when he became a superstar in the computer security community. At that time Butler was billing himself out as a $100-an-hour computer security consultant, and he earned the respect of his peers for creating and curating...
Continue Reading at Wired
More on Max Vision:
Max Vision charged with hacking -- again
Sep 12, 2007 ... Federal prosecutors charge former security consultant Max Butler, better known amongst security researchers as "Max Vision," alleging that ...
Max Vision: FBI pawn?
May 5, 2001... FBI agents called him 'the Equalizer': a security expert and confessed hacker who infiltrated the electronic underground to help the Bureau. www.securityfocus.com/news/203 - 34k
A 'White Hat' Goes to Jail
"Max Vision," a renowned hacker, security expert and FBI informant, is sentenced to prison in a case that angers many in the hacking and cracking community.
Phishing and Brandjacking Financial Brands
MarkMonitor Research Shows How Online Scammers Are Using the Financial Crisis to Prey on Consumer Trust in Leading Brands
Latest Brandjacking Index Examines How Fraudsters Abuse Financial Brands
SAN FRANCISCO, June 29 2009 – MarkMonitor®, the global leader in enterprise brand protection, today released the company’s latest Brandjacking Index® that studies how fraudsters are abusing major financial brand names and topical subjects like refinancing or unemployment to lure unsuspecting consumers to questionable websites. Examining four leading financial brands, the research indicates opportunistic fraudsters are quick to target citizens looking for ways to get back on their feet from financial challenges and the housing market bust.
“Scammers are preying upon consumer hardship, demonstrating incredible creativity in combining technology, social engineering techniques and current events,” said Frederick Felman, chief marketing officer at MarkMonitor. “In this digital age, as the Internet pervades business and leisure, scam artists and fraudsters are quick to profit at the expense of trusted brands across a wide spectrum of industries.”
For this Brandjacking Index, MarkMonitor chose four top U.S. and international bank brands to monitor for scams focusing on terms such as foreclosure, mortgage, refinance and unemployed. MarkMonitor sifted through 134 million public domain records and searched billions of Web pages and spam email messages during the study period.
Research from the sample of financial brands shows profound levels of brand abuse, most notably through phishing and suspected domain squatting. More than 7,300 cybersquatted domains were identified targeting the four financial brands in the study. Fraudsters registered domains that combined those financial brands with the focus terms at the rate of more than one domain per day between September 2008 and April 2009. Phishing attacks against the four financial brands numbered 10,000, representing a 36 percent increase in Q1 2009 from the previous quarter.
Some of the highlighted findings in this report are:
Opportunistic abuse exploits economic hardship
- Morethan 7,300 domains exploited the four financial brands in the study,with 16 percent of the domains registered since September 2008
- 24percent of these cybersquatted domains registered since September 2008used the focus terms – foreclosure, mortgage, refinance and unemployed– translating to a registration rate of more than one cybersquatteddomain per day exploiting the focus terms
- Domains registered since September 2008 were 50 percent more likely to use the focus terms than domains registered earlier
- 52percent of the domains identified in the study did not encrypt customerdata, putting consumers’ personal identity information at risk
- A record 502 organizations were phished in Q1 2009, an increase of 24 percent from Q1 2008
- 93 organizations were phished for the first time in Q1 2009; 82 percent were financial brands
- Whilefinancial services remain a popular target, payment service providerswere the most phished category, at 42 percent of total phish attacks
- Socialmedia is one of the fastest-growing target category for phishers, withattacks increasing 241% against social media companies between Q1 2008and Q1 2009
Methodology
TheBrandjacking Index is an independent report produced by MarkMonitorthat tracks and analyzes online abuses of leading brands. Thecornerstone of the report is the volume of public data analyzed byMarkMonitor using the company’s proprietary algorithms – no customerdata or proprietary customer information is used to create theBrandjacking Index. During the study period of January through April,2009, MarkMonitor searched approximately 134 million public recordsdaily for brand abuse in domain data as well as Internet feeds fromleading international Internet Service Providers (ISPs), emailproviders and other alliance partners.About MarkMonitor
MarkMonitor,the global leader in enterprise brand protection, offers comprehensivesolutions and services that safeguard brands, reputation and revenuefrom online risks. With end-to-end solutions that address the growingthreats of online fraud, brand abuse and unauthorized channels,MarkMonitor enables a secure Internet for businesses and theircustomers. The company’s exclusive access to data combined with itspatented real-time prevention, detection and response capabilitiesprovide wide-ranging protection to the ever-changing online risks facedby brands today. For more information, visit www.markmonitor.com.###
Subscribe to:
Posts (Atom)