Friday, July 2, 2010

Featured: HomeATM....Better than the Durbin Amendment

HomeATM Lowers Your Interchange without involving the government! We involve you!

Virtually Eliminate MOTO Rates with either our PCI Certified "Rover" or "SafeTPIN" PED.




Crimeware Across the Globe

David Harley CITP FBCS CISSP
ESET Research Fellow




The ESET Blog recently posted about global crime-ware which I thought you might be interested in taking a look at.  Here's their post:



Crimeware Across the Globe


Here's a translation of another interesting blog from my colleague Jorge Mieres at ESET Latin America (the original is in Spanish). Apologies in advance for any errors in interpreting and interpretation, and if you find the sub-headers flippant, that's my fault too. Jorge told me about it (the blog, not my tendency to flippancy) several days ago, but unfortunately I've been beset by travel and deadlines and had no opportunity to work on it. However, while assembling some notes for a journalist in the UK this morning, I found myself referring to it as source material, and figured it was about time to share it here: not only for its insights into the Latin American crimeware scene, but even more so as a neat summary of the way in which global crimeware is distributed regionally.

While the crimeware industry is seen as focusing its activities of origin in countries that are on the other side of the world from us in Latin America (Russia, Ukraine, China, etc.), criminal activities are not limited to Eastern Europe, and the general perception that this issue is not directly relevant to Latin America is completely wrong.
Indeed, the volume of security events generated through cyber-criminality is constantly increasing in the region and Latin American cyber-criminal business models provide a popular template for models used elsewhere.
For more specific cases which illustrate this aspect in Argentina, Chile and Mexico, I recommend the reading of Crimeware in Latin America. [http://blogs.eset-la.com/laboratorio/2010/06/15/cibercrimen-en-latinoamerica/]
Crimeware represents a major problem at the global level to which nothing and no one is immune, home users being robbed of assets including their confidential information, while criminals target corporate sensitive information of any type.

The Law is an Ass?

While Eastern European countries often enjoy a weak legal framework in the field of computer security, affording offenders the opportunity to enjoy minimal risk of being discovered and consequently caught, Latin American legislation in this area is also weak and offers a similar criminal paradise.
Thus, it is possible to see "regionalized" figures for crimeware security incidents and trends by countries (or regions) that allow us to draw the outlines of a "criminal map".
Then… what of this side of the world?

There is no such thing as a free lunch: unless it's spam…

The highest rate of spread of spam, a key security problem, is located in the US and South American countries. According to Spamhaus, the US is located at the head of the top 10 spam-emitting countries, with Argentina and Brazil representing South America in that table.

Brazilian Malware? You can bank on it

Brazil is well known for banking attacks. Despite its lower placing as regards the spread of spam, Brazil is also characterized as the source of development of Trojans designed to steal financial and banking information generally identified by ESET products as the Win32/Spy.Banker family.

The Return of El Mariachi

Peru and Mexico also have significant communities engaged in the development of crimeware. Generally, web applications designed for the control and management of botnets are often developed in Russia. However, this area too is receiving increasing attention in Latin American countries: consider, for example, the 2009 SAPZ (Sistema de Administración de PCs Zombi – zombie PCs management system), and this year's Mexican botnet "Mariachi", discovered by our analysis and research laboratory here in Latin America.

More bull in the China Shop

China is well known for its targeted attacks. However, according to Spamhaus, China is also the second most prolific sender of spam. Chinese attackers also do a flourishing trade in Distributed Denial of Service (DDoS) attacks. Many security incidents gaining lots of attention from the media globally are associated with Operation Aurora, including attacks against human rights activists in China, Google and other major Western companies.

Russia: Give me Liberty or give me… errr, money…

Russia is a well-known workshop for crimeware resources, and stands out mainly as a source of more developer-oriented resources to augment the crimeware black economy. A significant proportion of such resources as the ZeuS malware and exploit packs like Liberty, heavily exploited by criminals, were originally developed in Russia.
A wide range of frauds, among many other illicit activities, also originate in Russia: while these may be propagated from Russian domains, they are also seen in other regions such as Iran, China and Ukraine.

Connection and Victimization

Ultimately, criminal industry and professionalization is growing by the day, impacting upon security and safety worldwide, feeding the clandestine economy in return, and generating criminal activity that leverages the Internet as a channel for infrastructural attack. In consequence, no matter where in the world we find ourselves, it is enough simply to be connected to the Internet to become a potential source of profit to cybercriminals.
Inevitably, we need to stay informed, alert and proactive, encouraging good security practices to lessen our exposure to attack.
Jorge Mieres

Security analyst
Thanks for letting us share that information, Jorge.
David Harley CITP FBCS CISSP
ESET Research Fellow

Adult Websites Less of a Malware Threat than "Normal" Sites




Web Browsers Cannot be Trusted with Sensitive Data







 from the e-Secure-IT Newswire





Adult websites less of a malware threat than 'normal' sites
(from itpro at 2-7-2010)
Legitimate websites infected with malware outnumber infected adult sites by a ratio of 99 to one, according to a report from security software maker Avast. Of all the sites found to be hosting spyware, Trojans, keyloggers and the like, Avast found that just one per cent were adult sites. In the UK, for example, the free anti-virus software maker found more infected domains containing the word “London” than including the word “sxx”, and said it was clear that the number of infected adult si...





Related News from the Wire:













Trojans Account for Half of New Malware
(from Softpedia at 2-7-2010)
According to a report (PDF) released by Panda Security, computer trojans accounted for almost 52% of new malware created in the past three months. Meanwhile, the number of traditional virus samples received by the antivirus vendor during the last quarter has almost doubled. Computer trojans remain the malware type most preferred by cybercriminals. This is no surprise, considering that threats like Zbot or Clampi, which were used to steal millions of dollars from users and companies in the pas...



Apple's iPhone 4 Users Angry About "Grip of Death"






Bad News For Apple As Angry iPhone Users Sue

Tim Hewage, Sky News Online

Californian gadget giant Apple is being sued over its new iPhone 4 after angry users in America complained about poor reception.

Despite Apple's cult-like following and 1.7 million handsets flying off the shelves in the first three days of its launch, many owners seem less than happy with reception problems.


Some claim that Apple has breached its warranty and falsely advertised their shiny new must-have product because it loses signal if they hold it a certain way.
It has been dubbed the "grip of death" by some users...
Apple has released a letter after complaints and legal action about the new iPhone 4.   Here it is in full:



Does One Bad Apple Spoil the Whole Bunch?
"The iPhone 4 has been the most successful product launch in Apple's history. It has been judged by reviewers around the world to be the best smartphone ever, and users have told us that they love it.
So we were surprised when we read reports of reception problems, and we immediately began investigating them.
Here is what we have learned.
To start with, gripping almost any mobile phone in certain ways will reduce its reception by 1 or more bars. This is true of iPhone 4, iPhone 3GS, as well as many Droid, Nokia and RIM phones. But some users have reported that iPhone 4 can drop 4 or 5 bars when tightly held in a way which covers the black strip in the lower left corner of the metal band. This is a far bigger drop than normal, and as a result some have accused the iPhone 4 of having a faulty antenna design.
At the same time, we continue to read articles and receive hundreds of emails from users saying that iPhone 4 reception is better than the iPhone 3GS. They are delighted. This matches our own experience and testing. What can explain all of this?
We have discovered the cause of this dramatic drop in bars, and it is both simple and surprising.



Upon investigation, we were stunned to find that the formula we use to calculate how many bars of signal strength to display is totally wrong. Our formula, in many instances, mistakenly displays 2 more bars than it should for a given signal strength. For example, we sometimes display 4 bars when we should be displaying as few as 2 bars.
Users observing a drop of several bars when they grip their iPhone in a certain way are most likely in an area with very weak signal strength, but they don't know it because we are erroneously displaying 4 or 5 bars. Their big drop in bars is because their high bars were never real in the first place.
To fix this, we are adopting AT&T's recently recommended formula for calculating how many bars to display for a given signal strength. The real signal strength remains the same, but the iPhone's bars will report it far more accurately, providing users a much better indication of the reception they will get in a given area. We are also making bars 1, 2 and 3 a bit taller so they will be easier to see.
We will issue a free software update within a few weeks that incorporates the corrected formula. Since this mistake has been present since the original iPhone, this software update will also be available for the iPhone 3GS and iPhone 3G.
We have gone back to our labs and retested everything, and the results are the same-- the iPhone 4's wireless performance is the best we have ever shipped. For the vast majority of users who have not been troubled by this issue, this software update will only make your bars more accurate. For those who have had concerns, we apologize for any anxiety we may have caused.
As a reminder, if you are not fully satisfied, you can return your undamaged iPhone to any Apple Retail Store or the online Apple Store within 30 days of purchase for a full refund.
We hope you love the iPhone 4 as much as we do.
Thank you for your patience and support."

HomeATM Introduces ANYwhere Commerce Dot Com

FOR IMMEDIATE RELEASE -- July 1, 2010 -- PIN Debit News Blog



In a world chock full of dangerous, thus high cost "Card Not Present" (CNP) transactions, HomeATM proudly introduces "ANYwhere Commerce" which enables genuine "Card Present" (CP) and "PIN Debit" Interchange Rates versus the riskier, hence significantly higher MOTO Interchange Fees.  Unlike our competitors, our device includes a secure built-in PCI 2.1 Certified PIN Entry Device.  We also manufacture a Chip and PIN Version for use in EMV countries.





Whereas MOTO rates can be as high as or higher than 3% of the transaction, you can now accept credit cards for as low as 1.29%; Debit cards are lower and PIN Debit is lowest yet.  Anywhere Commerce is the answer to your "card present" and PIN Debit processing needs, and much more eloquent than the Durbin Amendment. (will probably save you more too!)   We are now taking orders and applications.


ANYwhere Commerce features the following: 
  • Universal POS plugs into any PC, Mac, iPhone, RIM, Android, iPad 

  • Complete gateway services 

  • Automated merchant boarding 

  • 99% merchant approval 

  • Card present credit and debit transactions 

  • Processor neutral, we can work with your processor 

  • Credit card rates as low as 1.29% 

  • No more MOTO 

  • Accept PIN Debit cards, assures lowest interchange possible 







HomeATM is the first company to be issued PCI 2.1 Certification for an eCommerce/Mobile/Tablet PIN Entry Device with built-in card reader. Unlike some card readers which have recently been released to the market, our device instantaneously 3DES Encrypts the Track 2 data and provides DUKPT (Derived Unique Key Per Transaction) End-to-End Encryption for PIN Entry and transmittal. HomeATM, in addition to ANYwhereCommerce.com, is also proud to introduce "Rover", a smaller version of our PCI Certified SafeTPIN. It easily connects to any tablet, PC or mobile phone and instantly transforms it into a PCI compliant point-of-sale device.



Ideal for businesses on the go or SMEs, for example: Dentists, Chiropractors, Lawyers, Plumbers, Repairmen, Maid Service, Electricians, Flea markets, Health Clinics, Farmers Markets, Direct sellers, Mobile kiosks, Food/Pizza Delivery, Insurance, Door to door, Realty, Limousine Service, Pest Control, Lawn-care, Field Services, HVAC, General Retail, Charities, Marine, Trade shows, Pet Groomers...more


Compatible with most phones including RIM, Apple, Motorola, Samsung, Nokia, Sanyo and more. For a complete list of compatible devices complete with product details, please click here.



For more information, please visit HomeATM at www.homeatm.net or ANYwhere Commerce at ANYwhereCommerce.com 



About HomeATM
Located in Chicago with offices in Montreal and Hong Kong, HomeATM designed and manufactured the eCommerce Industry's first PCI Certified POS Device with Built-In PIN Pad and holds an international patent relating to eCommerce and Mobile PIN Debit with several more filed. As a POS manufacturer, HomeATM is always looking for innovative and thus strategic relationships as we build our global distribution channel. If you have an interest in learning more about our technology, including our EMV Chip and PIN device, please contact: John B. Frank, Director of Marketing, at jfrank@homeatm.net

You can also learn more at the PIN Debit News Blog  Follow us on Twitter at www.Twitter.com/HomeATM 



US Smart Phone Penetration Forecast to Reach 50% of All Handsets by the End Of 2011



Research and Markets: Smartphone Tariff Tracker - The US Smart Phone Penetration Forecast to Reach 50% of All Handsets by the End Of 2011

DUBLIN--(BUSINESS WIRE)--Research and Markets  has announced the addition of the "Smartphone Tariff Tracker" subscription to their offering.
The huge success of the Apple App Store was widely imitated by a number of other providers with RIM's BlackBerry and Google Android (with its Android Market application store) also providing their own variants. By mid-2009 the Apple App Store alone had 225,000 apps available with Google Market having a further 65,000 apps available for download. Smartphones are now becoming like mini-PCs with a range of functions on top of messaging and calls. A typical smart phone now has around 8 GB of memory capacity and a fast dual core processor supporting video, music, mobile internet, 3D graphics and a range of digital services.
The growth of the smart phone segment is particularly strong in mature markets. Half of all handsets sold in Japan - as of 2009 - can be classified as smart phones, with the US smart phone penetration forecast to reach 50% of all handsets by the end of 2011.
However, smart phone penetration is not so strong in emerging markets where there is a greater proportion of Pre Pay subscribers. In markets such as India and Latin America for example, smart phone handset penetration rates are currently less than 10%.
In mature markets the smart phone is typically sold as part of a Pay Monthly package with the MNO partly or wholly subsidising the purchase cost of the handset in return for an 18 month or 24 month contract term. There are signs that smart phones are also being sold into the Pre Pay sector, with individual MNOs providing "entry-level" versions of higher specification devices for purchase with Pre Pay mobile data coupons.
The uniqueness of this product:
  • The first ever product in the market that holds pricing for BlackBerry, iPhone, iPad and other Smartphones

  • In tabular output allowing for very quick comparison of any parameters as inclusive allowance, cost per month, per region etc.

  • Prices are given in local currency and Euros

  • Updated every quarter in its entirety, changes are marked for easy identification and the update is supported with a document that comments on the latest changes in details.

  • Over a 1-year period, the customer can get an insight into trends, the latest trend in the Smartphone market is the increasing choice a subscriber has.

Price points covered in tabular output
  • Type of price plan postpaid or prepaid

  • Rental per month (or week, day) in local currency and Euros

  • Included voice, SMS, MMS and data

  • Excess usage charges for data, SMS and voice

  • Details of contract terms

  • Plus other relevant details relating to each price plan

Key Benefits
  • First ever database in the market including Smartphone, BlackBerry, iPhone and iPad price plans

  • Allowing to quickly view which operators are offering which services at what price. For example with one key stroke you can view all prepaid plans, or which operator has the most attractive offering and what the offering includes.

  • Updated quarterly in full, changes are clearly marked, giving you the opportunity to see price trends in developed as well as emerging markets.

  • Output in tabular output and supported with a summary analysis paper produced with each update commenting on the key changes that occurred since the last update.

  • Pricing Analysis produced by the tariff team that has more than 25 years of experience in pricing.

  • Each client is entitled to free enquiry service offering further information if required.

Subscription includes
  • 1 spreadsheet holding prices for BlackBerry, iPad and iPhone for over 100 operators across all regions

  • An update every quarter, changes made are highlighted

  • Plus a summary report commenting on key changes

  • Enquiry service

Executive Summary:
A new Smartphone price tracker shows the launch of new mass market tariffs in developed and developing countries
The launch of the latest product, the 'Smartphone Tariff Tracker', finds that consumers and businesses in both mature and emerging markets are benefiting from the launch of new smartphone devices at more competitive price points for Pay Monthly and even Pre Pay segments. The Smartphone Tariff Tracker has in-depth information for BlackBerry, iPhone, iPad and other Smartphones with price plans from around the globe in an easy-to-use format. It is based on extensive research conducted with 164 operators across 119 countries and includes some 989 tariff packages complete with up to date analysis. Some of the findings from the first edition include:
  • Traditionally a premium Smartphone product, the iPhone is now seeing entry-level products as low as Euro 3.50 a month including 100 MB from Vodafone India

  • In developed markets the iPhone is seeing larger bundles and premium tariffs for Euro 166.67 a month including 5,000 minutes of domestic calling, 100 minutes to Europe, 1,500 SMS, unlimited data and Wi-Fi with the iPhone 8 GB at no charge from TIM Italy.

  • BlackBerry's lowest inclusive allowance is 400 kbytes offered by Orange in Romania for Euro 4.20 with more than half of the BlackBerry offerings including unlimited data usage.

"The 'Smartphone Tariff Tracker' service provides real insight into the increased choices available to the consumer and business user", commented Margrit Sessions, Managing Director of Tariff Consultancy Ltd. "In mature markets the smart phone is typically sold as part of a Pay Monthly package with the MNO partly or wholly subsidising the purchase cost of the handset in return for an 18 month or 24 month contract term. There are increased signs that smart phones are also being sold into the Pre Pay sector, with individual MNOs providing 'entry-level' tariffs based on a "daily" usage rate. An example is offered by Zain in Jordan which has a Euro 1.14 daily rate for smartphone users", she added.



Malware Targets UK Online Banking



Security experts have discovered two new pieces of malware, specifically targeting UK bank customers.
By Jennifer Scott, 1 Jul 2010 at 15:05


Two new pieces of malware have been discovered that are intentionally aiming themselves at UK banking customers.
Security company Trusteer found the malicious programs, which are said to “fly under the radar” of anti-virus software to steal online banking logins in order to commit fraud.
Silon.var2 has been found on one in every 500 computers in the UK – compared to one in 20,000 in the US – and Agent.DBJP was found on one in 5,000 – compared to one in 60,000 across the Atlantic.
The company has also discovered two new Zeus botnets aimed at UK consumers, which have only been found on UK machines and only target UK-based banks.








69% of Kids 11-14 are Mobile

Two-Thirds of Kids and Teens Now Mobile



A new eMarketer report analyzes the habits of US children and teenagers, who are becoming inseparable from their mobile devices at younger ages.





Payday Advance Loans Terminated in Arizona



Payday Advance Loans in Arizona Terminated!

 
PHOENIX, July 1 /PRNewswire/ -- AboutPaydayLoan.com - It looks like California isn't the only State with a Terminator running legislation. Former Arizona Assistant Attorney General Vince Rabago spent many years fighting the payday lending industry and today, with the help of Attorney General Terry Goddard on "operation sunset", they managed to terminate the payday loan business in the State of Arizona.
As a result, over 200 payday lending stores will have to call it quits; this reform in legislature will result in thousands of jobs lost within the State. Businesses in Arizona will be limited to other high risk loans, like auto title loans (Read Why Payday Loans Are Better Than Title Loans).
"It's a great day for Arizona, effectively ending predatory lending by virtue of these payday loans," says Rabago.  "Arizona consumers will be better off without payday lending."
It seems that, once again, politicians have decided what's good for the people rather than educate them about the risks, and benefits, of payday loans. With the government limiting choices for their citizens they are turning them over to mainstream banks that have previously denied them small loans because of bad credit or no collateral. The government should, instead of abolishing the payday loan industry, regulate the sector so that "predatory lending" is no longer associated with payday loans (Read Don't Limit Payday Lending, Promote Responsible Lending Instead).
There are responsible payday loan lenders out there, like Solomon Finance, that offer feasible payday advance loans with flexible fees and payment plans. They are the type of payday direct lenders that put heavy focus on educating their customers on when it is a good time to apply for payday loan and inform the consumer about all of the risks and fees associated with the loan.
"The payday lending industry is not part of the financial problems, I believe it is the over-regulation and lack of education that is the problem. Those two factors is what makes payday loans expensive. Payday lending is a high risk business, they have some of the highest tax rates and insurance costs when compared to other financial lenders," says Al Sefati, who is a payday loan SEO consultant in Los Angeles.
There is no doubt that many Arizona residents will miss their local, and online, payday advance lenders, especially when they need fast cash loans. Furthermore, the State of Arizona will miss the considerable amount of business, employment tax and even State contributions it was making off of the payday loan industry. Apart from that, now the State has to deal with thousands of unemployed workers who will lose their jobs because of this new law.
SOURCE AboutPaydayLoans

