03-09-2010 22:18
Re: Proces lsass.exe?
Bez žurbe. [quote]What is lsass.exe?
A Microsoft Windows file stored in the c:\windows\system32 or c:\winnt\system32 directory that is short for Local Security Authority Subsystem Service and has the file description: LSA shell. This file is responsible for how Microsoft Windows handles security and security related policies, authority domain authentication, and Active Directory management on your computer.[/quote]
Forumi ::
ES::Zastita
Povezani zapisi:
09-01-2010 18:29
-- John Bambenek bambenek at gmail /dot/ com
(c) SANS Internet Storm Center. http://isc.sans.org Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC
08-14-2010 4:09
 A group of hackers has recently published detailed information from an underground credit card company. On July 23rd, an anonymous group claimed to have compromised a server of an online credit card processor company. At that time, however, the extent of the compromise was unclear. Looking at the data that was published leads us to believe the compromise is very plausible.
The leaked data includes employee email addresses as well as recorded phone calls. A particular recorded conversation discussed the various ways of defrauding major credit cards companies. Another conversation discussed Fethard, a payment service that allows for anonymous payments and is often associated with money laundering and other cybercriminal activities.
Furthermore, there are assumtions that one of the persons behind the credit card processor company also serves as one of the Fethard owners. He has likewise been associated with a spam forum called crutop.nu. In 2007, a large sum of money was stolen from the Fethard funds. This has undoubtedly created problems for Fethard and has possibly pulled the mother company deeper into the cybercrime business.
The compromised credit card company that functions as the Fethard‘s mother company is infamous for processing payments for FAKEAV, pharmaceuticals on spam sites, extreme pornography and cheap mp3. Its official headquarters is in Amsterdam, the Netherlands. However it only has a handful of Dutch employees and the actual work is done in Russia and Latvia. The company has legitimate customers in Russia as well.
This hacking incident would probably make a lot of cybercriminals nervous. Unfortunately, the incident also puts the personal data of legitimate customers and of many ordinary Russians at risk.
Special thanks to Senior Threat Researcher Max Goncharov for additional information in this post.
Post from: TrendLabs | Malware Blog - by Trend Micro
Underground Credit Card Processor Compromised
trendmicro
| 
