These are new product announcements from my main website (Open 24/7/365). We have a life-time warranty / guarantee on all products. (Includes parts and labor). Here you will find a variety of cutting-edge Surveillance and Security-Related products and services. (Buy/Rent/Layaway) Post your own comments and concerns related to the specific products or services mentioned or on surveillance, security, privacy, etc.

Monday, August 11, 2014

Russian Hackers Amassed 1.2 Billion Web Credentials (Where's The NSA?)

Click Here Or On Above Image To Reach Our Experts

Russian Hackers Amassed 1.2 Billion Web Credentials

Updated: Sept. 8, 2014

Home Depot Confirms Data Breach

Home Depot Inc. confirmed Monday that its payment systems were breached at nearly 2,200 U.S. and Canadian stores in a cyberattack that may have stretched back to April.

The company said it is working aggressively to root out the malware that infected its data systems and protect its customer data, but stopped short of addressing when or whether the breach had ended.

The acknowledgment is the result of an investigation begun by the home-improvement company a week ago after it received reports from banks and law enforcement that its payment data systems may have been hacked.

Since then, it has been working with the Secret Service and banks, as well as with computer security firms Symantec Corp. and Fishnet Security, to determine whether it had been hacked and uncover the software responsible.

Law enforcement and payment officials were concerned about the potential scale of the attack, since it may have persisted for more than four months, much longer than the holiday season attack on Target Corp. that compromised data from 40 million credit- and debit-card accounts. One person familiar with parts of the investigation said tens of millions of cards may have been affected.

The attack may have begun during the company's busy spring selling season and follows warnings from law enforcement that retailers could face assaults on their point-of-sale systems.

Parts of the software used in the attack appeared to be based on the malware used against Target, a person familiar with parts of the investigation said. That doesn't necessarily mean the attack was the work of the same hackers.

The Target card-stealing code, known as Black POS, has been widely sold on underground hacking forums since being crafted by a Russian teenager, cybercrime experts have said.

In this case it was modified by someone who appeared to know Russian, the person said. This included stylistic flourishes including links to a Wikipedia article on a list of wars involving the U.S. and the website for a book titled, "America's Deadliest Export: Democracy."

Security blogger Brian Krebs earlier reported details of the malware used against Home Depot.

Home Depot—the country's fourth-largest retailer by revenue after Wal-Mart Stores Inc., Costco Wholesale Corp. and Kroger Co. —said the investigation is ongoing and that it is still working to determine how many customers were affected and what information was taken.

The attack catches the chain in the middle of a growth spurt stemming from the improvement in the housing market. In the six months ended Aug. 3, Home Depot recorded more than 750 million customer transactions, although that might not correlate to the number of people affected. In the same period, it booked $43.5 billion in sales, up 4.4% from a year earlier.

Home Depot has assured customers they won't be responsible for any fraudulent charges on their credit or debit cards and has promised to offer free identity-protection services, including credit monitoring, to any affected customers.

It said there was no evidence the breach has affected its more than 100 stores in Mexico or customers who shopped on its website. It also said it didn't have any indications that PIN numbers from debit cards were compromised.

Card-issuing banks so far haven't alerted their customers to potential fraud or reissued cards because of the Home Depot incident. The banks are scouring their customer databases to determine a common thread among any fraudulent transactions that have occurred.

Card users in Canada, which requires more secure chip and PIN technology, likely face lower risks of fraudulent charges than those in the U.S.

Meanwhile, attorneys general from California, Connecticut, Illinois, Massachusetts and New York have joined together to investigate thecircumstances and cause of breach, as well as how Home Depot handles the impact on shoppers, the states said.

"We have been in contact with Home Depot and will be working with attorneys general across the country to review the circumstances and cause of any potential breach, whether Home Depot had sufficient safeguards in place to protect consumer information, and to confirm that Home Depot will take appropriate steps to protect its customers," said Jillian Fennimore, a spokeswoman for Massachusetts Attorney General Martha Coakley.

Updated: Sept. 2, 2014

Credit Card Breach At Home Depot

Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity.

Contacted by this reporter about information shared from several financial institutions, Home Depot spokesperson Paula Drake confirmed that the company is investigating.

“I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Drake said, reading from a prepared statement. “Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has a occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible.”

There are signs that the perpetrators of this apparent breach may be the same group of Russian and Ukrainian hackers responsible for the data breaches at Target, Sally Beauty and P.F. Chang’s, among others. The banks contacted by this reporter all purchased their customers’ cards from the same underground store – rescator[dot]cc — which on Sept. 2 moved two massive new batches of stolen cards onto the market.

In what can only be interpreted as intended retribution for U.S. and European sanctions against Russia for its aggressive actions in Ukraine, this crime shop has named its newest batch of cards “American Sanctions.” Stolen cards issued by European banks that were used in compromised US store locations are being sold under a new batch of cards labled “European Sanctions.”

It is not clear at this time how many stores may be impacted, but preliminary analysis indicates the breach may extend across all 2,200 Home Depot stores in the United States. Home Depot also operates some 287 stores outside the U.S. including in Canada, Guam, Mexico, and Puerto Rico.

This is likely to be a fast-moving story with several updates as more information becomes available. Stay tuned.

Update: 1:50 p.m. ET: Several banks contacted by this reporter said they believe this breach may extend back to late April or early May 2014. If that is accurate — and if even a majority of Home Depot stores were compromised — this breach could be many times larger than Target, which had 40 million credit and debit cards stolen over a three-week period.

Updated: August 20, 2014

UPS: We’ve Been Hacked!

Malware that impacted 51 franchises in 24 states may have compromised customers' credit and debit card information

The United Parcel Service announced Wednesday that customers’ credit and debit card information at 51 franchises in 24 states may have been compromised. There are 4,470 franchised center locations throughout the U.S., according to UPS.

The malware began to infiltrate the system as early as January 20, but the majority of the attacks began after March 26. UPS says the threat was eliminated as of August 11 and that customers can shop safely at all locations.

“The customer information that may have been exposed includes names, postal addresses, email addresses and payment card information,” wrote the company in a public statement. “Not all of this information may have been exposed for each customer. Based on the current assessment, The UPS Store has no evidence of fraud arising from this incident. The UPS Store is providing an information website, identity protection and credit monitoring services to customers whose information may have been compromised.”

A list of impacted franchises can be found here.

Updated: Aug 15, 2014 5:30 AM PDT

Supervalu Hacked, Shopper's Credentials Stolen

Supervalu, Inc. on Friday confirmed a data breach affecting its computer network that processes debit and credit card transactions. The breach affects an unknown number of Cub Foods shoppers who used cards between June 22 and July 14, 2014.

Information Possibly Stolen

According to Supervalu, the “criminal intrusion” may have resulted in the theft of:

- Debit And Credit Card Account Numbers
- Credit Card Expiration Dates
- Cardholder Names

The company has not yet confirmed whether any cardholder information was stolen, and there's no evidence of misuse, but this announcement is being made “out of an abundance of caution.”

Stores Affected

180 Supervalu stores and stand-alone liquor stores were affected by this breach. They are listed at www.supervalu.com under the Consumer Security Advisory section. The stores include:

Cub Foods

Farm Fresh


Shop 'n Save

Shoppers Food And Pharmacy

What Supervalu Is Doing

Once they were aware of the intrusion, Supervalu took immediate steps to secure the affected part of its network. An investigation, with the help of third-party forensic experts, is ongoing to determine how the network was breached and how many customers were affected.

“The safety of our customers' personal information is a top priority for us,” Supervalue CEO Sam Duncan said. “The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores.”

Identity Protection

Supervalu is offering customers whose payment cards may have been affected 12 months of identity protection services through AllClear ID. A call center to answer customer questions will be staffed Monday through Saturday from 8 a.m. to 8 p.m. CT, at (855) 731-6018. Customers can also visit www.supervalu.com under the Consumer Security Advisory section for additional information.

Business Impact

“I think the big question will be what did they know and when did they know it?” said Nick Halter of the Minneapolis-St. Paul Business Journal. “Terrible timing for Supervalu. They just acquired those Rainbow stores, and at the same time Hy-Vee is moving into town. If they lose some consumer confidence right now, that's not going to help (Supervalu).”

Related Breach Affecting Albertson's

According to Supervalu, some stores owned and operated by Albertson's suffered a related breach. For more information on the Albertson's breach, visit albertsons.com, acmemarkets.com, jewelosco.com, or shaws.com.

The breach appears to have taken place between June 22 and July 17, the companies said. It may have may have resulted from hackers installing malicious software onto the company's point-of-sale network, said people familiar with the situation. That is the system that includes the cash register and terminals that handle credit card and debit card transactions.

Supervalu, which listed its affected stores online, said it has set up a call center to take customer questions about the breach and is offering 12 months of free identity protection services to customers whose cards may have been affected.

AB Acquisition said it is working with Supervalu "to better understand the nature and scope of the incident." It wasn't immediately clear exactly how many of its stores were affected.

"We understand the inconvenience and concern an incident like this can cause, and we deeply regret that our customers' data was targeted, " said Mark Bates, senior vice president and chief information officer at AB Acquisition in a statement.

An attack on the company's point-of-sale system would be similar to other recent high-profile data breaches, most notably the massive hack that occurred at Target Corp.  during the winter holiday-shopping season. In the incident, thieves stole 40 million payment-card numbers and the personal information of 70 million shoppers.

Since then, hackers also have taken aim at a number of merchants, including luxury retailer Neiman Marcus Group, restaurant chain P.F. Chang's China Bistro Inc., and Goodwill Industries International Inc. thrift stores.

The spate of data breaches recently has raised questions about whether companies should always notify their customers, vendors and authorities immediately after breaches. Some executives believe such incidents should be kept quiet if valuable information is stolen, even if it might be compromised.

Breaches also are costly for banks, which usually bear the cost of fraud on cards they have issued. U.S. credit-card fraud losses totaled roughly $18 billion last year, according to Javelin Strategy And Research, a consulting firm that is a unit of Greenwich Associates.

The Supervalu investigation comes at a time when banks and merchants are racing to roll out new technology to make card transactions safer. Banks are ramping up plans to issue cards that contain a computer chip that creates a unique code for each transaction, making card data less valuable to thieves.

Merchants, meanwhile, are upgrading their computer terminals to accept the new chip cards, which have been used for years in Europe, Asia and Canada.

The supermarket industry has been roiled in recent years by a wave of mergers and acquisitions. Cerberus, which owns a minority stake in Supervalu, has been especially active and earlier this year agreed to buy Safeway Inc.

Supervalu has struggled more than other major grocery chains to keep customers amid pressure from Wal-Mart Stores Inc.,   drugstores and dollar stores ramping up their food sales. Supervalu has brought in a new chief executive, sold five of its grocery-store chains and eliminated up to 1,100 positions from its corporate and store-support-center offices.

Supervalu had sales of roughly $17 billion last year. It is the 7th-largest U.S. grocery chain with a 2.1% share and operates under brands such as Cub Foods, Farm Fresh and Save-A-Lot.

Most of Supervalu's stores are independently run but receive their goods from Supervalu.

Russian Hackers Amassed 1.2 Billion Web Credentials (Where's The NSA?)

A gang of Russian hackers appears to have amassed a stockpile of 1.2 billion usernames and passwords as its members roamed the Internet targeting online users.

Based on the number of unique email addresses, the hackers appear to have collected data on more than half a billion people.

Security experts say this collection of usernames and passwords is impressive in size and points to a trend in recent years where cybercriminals amass web credentials for later use.

Those experts say breaches involving usernames and passwords are dangerous for consumers, who frequently use the same credentials for multiple sites. For instance, after hackers robbed customer credentials from Adobe last fall, Facebook later discovered that some of its users employed the same username and password combination on their Facebook accounts.

“It doesn’t really matter which websites they get passwords from,” said Avivah Litan, a security analyst at Gartner. Litan said the type of theft it has documented has been going on “for a long time,” but said the number of records affected in this instance is notable.


In this case, Hold says the hackers hit some 420,000 Web addresses for both large and small sites.

The list of affected sites “includes many leaders in virtually all industries across the world, as well as a multitude of small or even personal websites,” the company says on its website.

The New York Times, which first reported it's findings, said the criminals are so far using the data for sending spam on social-media accounts.

Security companies often obtain hacker data by infiltrating secret forums and sometimes buy samples of stolen data to see who has been affected. Other times they can gain access to a cybercriminal’s server.

There is worry among some in the security community that keeping personal information out of the hands of thieves is increasingly a losing battle.

In December, 40 million credit card numbers and 70 million addresses, phone numbers and additional pieces of personal information were stolen from the retail giant Target by hackers in Eastern Europe.

And in October, federal prosecutors said an identity theft service in Vietnam managed to obtain as many as 200 million personal records, including Social Security numbers, credit card data and bank account information from Court Ventures, a company now owned by the data brokerage firm Experian.

But the discovery dwarfs those incidents, and the size of the latest discovery has prompted security experts to call for improved identity protection on the web.

“Companies that rely on user names and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst at the research firm Gartner. “Until they do, criminals will just keep stockpiling people’s credentials.”

Websites inside Russia had been hacked, too. Presently there doesn't seem to be any connection between the hackers and the Russian government. One prominent security expert said he planned to alert law enforcement after making the research public, though the Russian government has not historically pursued accused hackers.

So far, the criminals have not sold many of the records online. Instead, they appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work.


Selling The Records On The Black Market Would Be Lucrative

While a credit card can be easily canceled, personal credentials like an email address, Social Security number or password can be used for identity theft. Because people tend to use the same passwords for different sites, criminals test stolen credentials on websites where valuable information can be gleaned, like those of banks and brokerage firms.

Computer security consulting firms have contacts in the criminal hacking community and has been monitoring and even communicating with this particular group for some time.

Wireless Camera Finder

The hacking ring is based in a small city in south central Russia, the region flanked by Kazakhstan and Mongolia. The group includes fewer than a dozen men in their 20s who know one another personally — not just virtually. Their computer servers are thought to be in Russia.

“There is a division of labor within the gang,” experts say. “Some are writing the programming, some are stealing the data. It’s like you would imagine a small company; everyone is trying to make a living.”

They began as amateur spammers in 2011, buying stolen databases of personal information on the black market. But in April, the group accelerated its activity. Experts surmised they partnered with another entity, whom he has not identified, that may have shared hacking techniques and tools.

Since then, the Russian hackers have been able to capture credentials on a mass scale using botnets — networks of zombie computers that have been infected with a computer virus — to do their bidding. Any time an infected user visits a website, criminals command the botnet to test that website to see if it is vulnerable to a well-known hacking technique known as an SQL injection, in which a hacker enters commands that cause a database to produce its contents. If the website proves vulnerable, criminals flag the site and return later to extract the full contents of the database.

“They audited the Internet,” experts say. It was not clear, however, how computers were infected with the botnet in the first place.

By July, criminals were able to collect 4.5 billion records — each a user name and password — though many overlapped. After sorting through the data, experts found that 1.2 billion of those records were unique. Because people tend to use multiple emails, they filtered further and found that the criminals’ database included about 542 million unique email addresses.


Most of these sites are still vulnerable, emphasizing that the hackers continue to exploit the vulnerability and collect data.

Experts had begun alerting victimized companies to the breaches, but had been unable to reach every website. Some firm are also trying to come up with an online tool that would allow individuals to securely test for their information in the database.

The disclosure comes as hackers and security companies gathered in Las Vegas for the annual Black Hat security conference this week. The event, which began as a small hacker convention in 1997, now attracts thousands of security vendors peddling the latest and greatest in security technologies. At the conference, security firms often release research — to land new business, discuss with colleagues or simply for bragging rights.

Yet for all the new security mousetraps, data security breaches have only gotten larger, more frequent and more costly. The average total cost of a data breach to a company increased 15 percent this year from last year, to $3.5 million per breach, from $3.1 million, according to a joint study last May, published by the Ponemon Institute, an independent research group, and IBM.

Last February, experts also uncovered a database of 360 million records for sale, which were collected from multiple companies.

“The ability to attack is certainly outpacing the ability to defend,” said Lillian Ablon, a security researcher at the RAND Corporation. “We’re constantly playing this cat and mouse game, but ultimately companies just patch and pray.”

Monty Henry, Owner

Additional Resources:

Target Says 110 Million Cards Stolen (Maybe They Should Be Accepting Bitcoin?)

Major Hotels Hit By Data Breach, Card Fraud  (Should Be Accepting Bitcoin!)

Job Seekers Rush To Apply For Roles Paid In Bitcoin And Employers Desiring To Pay In Bitcoins

What is BitCoin and How Does It Work?


NOW, look in on your home, second home, lake house or office anytime, anywhere from any internet connected PC/Lap-top or Internet active cell phone, including iphone or PDA.

Watch your child's caregiver while sitting at a traffic light or lunch meeting, or check on your business security from the other side of the world. Our built-in hidden video features all digital transmissions providing a crystal clear image with zero interference. With the IP receiver stream your video over the internet through your router, and view on either a PC or smart phone. Designed exclusively for DPL-Surveillance-Equipment, these IP hidden wireless cameras come with multiple features to make the user's experience hassle-free.

NOW, look in on your home, second home, lake house or office anytime, anywhere from any internet connected PC/Lap-top or Internet active cell phone, including iphone or PDA: http://www.dpl-surveillance-equipment.com/wireless_hidden_cameras.html

Watch your child's caregiver while sitting at a traffic light or lunch meeting, or check on your business security from the other side of the world. Our built-in hidden video features all digital transmissions providing a crystal clear image with zero interference. With the IP receiver stream your video over the internet through your router, and view on either a PC or smart phone. Designed exclusively for DPL-Surveillance-Equipment, these IP hidden wireless cameras come with multiple features to make the user's experience hassle-free.

• Remote Video Access

• Video is Recorded Locally To An Installed SD Card (2GB SD Card included)

• Email Notifications (Motion Alerts, Camera Failure, IP Address Change, SD Card Full)

• Live Monitoring, Recording And Event Playback Via Internet

• Back-up SD Storage Up To 32GB (SD Not Included)

• Digital Wireless Transmission (No Camera Interference)

• View LIVE On Your SmartPhone!


* Nanny Cameras w/ Remote View
* Wireless IP Receiver
* Remote Control
* A/C Adaptor
* 2GB SD Card
* USB Receiver



Receiver Specs:

* Transmission Range of 500 ft Line Of Sight
* Uses 53 Channels Resulting In No Interference
* 12V Power Consumption
* RCA Output
* Supports up to 32gig SD

Camera Specs:

* 640x480 / 320x240 up to 30fps
* Image Sensor: 1/4" Micron Sensor
* Resolution: 720x480 Pixels
* S/N Ratio: 45 db
* Sensitivity: 11.5V/lux-s @ 550nm
* Video System: NTSC
* White Balance: Auto Tracking

Make Your Own Nanny Cameras:  Make Tons Of Money In A Booming, Nearly Recession-Proof Industry!

Your Primary Customers Include But Are Not Limited To Anyone In The Private Investigator, Government, Law Enforcement And/Or Intelligence Agencies Fields!

* You Buy Our DVR Boards And We'll Build Your Products! (Optional)

Our New Layaway Plan Adds Convenience For Online Shoppers

DPL-Surveillance-Equipment's layaway plan makes it easy for you to buy the products and services that you want by paying for them through manageable monthly payments that you set. Our intuitive calculator allows you to break down your order's purchase price into smaller payment amounts. Payments can be automatically deducted from your bank account or made in cash using MoneyGram® ExpressPayment® Services and you will receive your order once it's paid in full. Use it to plan and budget for holiday purchases, anniversaries, birthdays, vacations and more!

DPL-Surveillance-Equipment's Customers can now use the convenience of layaway online to help them get through these tough economic times.

We all shop now and then just to face a hard reality -- big credit card bills. However, our latest financing innovation can help you avoid that. Find out why more and more shoppers are checking out DPL-Surveillance-Equipment's e-layaway plan.

If you're drooling over a new nanny camera, longing for a GPS tracker, or wishing for that spy watch, but you're strapped for cash and can't afford to do credit, do what Jennie Kheen did. She bought her iPod docking station (hidden camera w/motion-activated DVR) online using our convenient lay-away plan.

Our online layaway plan works like the old-fashioned service stores used to offer. But, in Kheen's case, she went to DPL-Surveillance-Equipment.com, found the iPod docking station (hidden camera w/motion-activated DVR), then set up a payment plan.

"It's automatically drawn from my account," she said. "I have a budget, $208.00 a month.

In three months, Kheen had paid off the $650.00 iPod docking station. She paid another 3.9 percent service fee, which amounted to about $25.35 (plus $12.00 for shipping) for a total of $687.35.

"You pay a little bit each month," Kheen said. "It's paid off when you get it and you don't have it lingering over your head. It's great."

Flexible payment terms and automated payments make our layaway plan an affordable and fiscally responsible alternative to credit cards.

1. Register:

It's quick, easy and FREE! No credit check required!

2. Shop:

Select the items or service you want and choose "e-layaway" as your payment option. Our payment calculator makes it easy for you to set up your payment terms.

3. Make Payments:

Payments are made on the schedule YOU set. Check your order status or adjust your payments online in a secure environment.

4. Receive Products:

Receive the product shortly after your last payment. The best part, it's paid in full... NO DEBT.

More Buying Power:

* Our lay-away plan offers a safe and affordable payment alternative without tying up your credit or subjecting the purchase to high-interest credit card fees.

No Credit Checks or Special Qualifications:

* Anyone 18 years old or older can join. All you need is an active bank account.

Freedom From Credit Cards:

* If you are near or beyond your credit limit or simply want to avoid high interest credit card fees, our e-layaway is the smart choice for you.

Flexible Payment Schedules:

* Similar to traditional layaway, e-layaway lets you make regular payments towards merchandise, with delivery upon payment in full. Payments are automatically deducted from your bank account or made in cash using MoneyGram® ExpressPayment®

A Tool for Planning Ahead:

* Our e-layaway makes it easy for smart shoppers like you to plan ahead and buy items such as bug detectors, nanny cameras, audio bugs, gps trackers, and more!

No Hidden Charges or Mounting Interest:

Our e-layaway makes shopping painless by eliminating hidden charges and monthly interest fees. Our customers pay a flat transaction fee on the initial purchase price.


* You have the right to cancel any purchase and will receive a refund less a cancellation fee. See website for details.

Security and Identity Protection:

DPL-Surveillance-Equipment has partnered with trusted experts like McAfee and IDology to ensure the security and integrity of every transaction. Identity verification measures are integrated into our e-layaway system to prevent fraudulent purchases.

Note: Simply Choose e-Lay-Away as a "Payment Option" in The Shopping Cart

DPL-Surveillance-Equipment.com is a world leader in providing surveillance and security products and services to Government, Law Enforcement, Private Investigators, small and large companies worldwide. We have one of the largest varieties of state-of-the-art surveillance and counter-surveillance equipment including Personal Protection and Bug Detection Products.

Buy, rent or lease the same state-of-the-art surveillance and security equipment Detectives, PI's, the CIA and FBI use. Take back control!


Phone: (1888) 344-3742 Toll Free USA
Local: (818) 344-3742
Fax (775) 249-9320


Google+ and Gmail



AOL Instant Messenger


Yahoo Instant Messenger

Alternate Email Address

Join my Yahoo Group!

My RSS Feed

Bookmark and Share


Post a Comment

Note: Only a member of this blog may post a comment.

<< Home