Wild Toss
In lieu of ticker tape, many people threw shredded documents from their office windows — and some unshredded ones as well, some local reporters discovered.
The New York Daily News reported Saturday that an employee of the stock trading firm Alan Sarroff LLC hurled several paychecks from the 17th story of his office building. The company would not identify the worker, but described him as an "overenthusiastic" fan who did not realize he had thrown out confidential information. The paychecks had names, addresses, and Social Security numbers.
Separately, Fox News reported Friday that its own reporters found unshredded forms bearing medical and financial data that they described as "the perfect tools for identity theft."
Fox speculated that most of the information it found was from an insurance company with offices in downtown Manhattan, where the parade took place. Fox said it was contacting the people whose information it had found.
New Threats
The author of what may be the first malicious program for the Apple Inc. iPhone wants to teach you a lesson: don't hack your phone unless you don't want other people to hack it too.
"Who cares its only your bank details at stake," says an apostrophe-free comment buried in the program's coding; the application seems designed more to attract attention than to cause trouble, since all it apparently does is replace the user's phone wallpaper with a photo of the singer Rick Astley (the image also boasts that the software is "never gonna give you up"). The bug affects only those phones that have been "jailbroken," or hacked to allow users to install software from outside Apple's app store ecosystem, the online tech news site Ars Technica reported Monday.
The malware, which apparently began spreading from Australia, infects jailbroken phones that run the SSH network protocol and have not changed their default passwords. Although the Rick Astley bug apparently does nothing malicious, a hacker could use the same technique to steal any bank passwords typed into a compromised phone, the article said.
Apple has tried to hinder developers' efforts to jailbreak its phones. Many of the iPhone's software updates include coding intended to thwart hackers.
The phishers asking people to reveal their MySpace passwords don't seem to actually care about the MySpace passwords.
Instead, the scammers are impersonating News Corp.'s social networking Web site in an attempt to build credibility before attempting a more complicated scam, The Washington Post's Brian Krebs reported in his "Security Fix" column Monday.
Researchers at the University of Alabama at Birmingham examined some of the MySpace phishing messages, and noticed that they never seem to test the credentials for the social networking site.
"It's not clear whether the attackers really care about the login information," Krebs wrote, "as the bogus sites will authenticate a user regardless of the supplied user name and password."
