Hackers broke into Citibank's network of ATMs inside 7-Eleven stores this year and stole customers' PIN codes, according to recent court filings that revealed a disturbing security hole in the most sensitive part of a banking record.
The scam netted the alleged identity thieves millions of dollars. But more importantly for consumers, it indicates criminals were able to access PINs -- the numeric passwords that theoretically are among the most closely guarded elements of banking transactions -- by attacking the back-end computers responsible for approving the cash withdrawals.
The case against three people in U.S. District Court for the Southern District of New York highlights a significant problem.
Hackers are targeting the ATM system's infrastructure, which is increasingly built on Microsoft Corp.'s Windows operating system and allows machines to be remotely diagnosed and repaired over the Internet. And despite industry standards that call for protecting PINs with strong encryption -- which means encoding them to cloak them to outsiders -- some ATM operators apparently aren't properly doing that. The PINs seem to be leaking while in transit between the automated teller machines and the computers that process the transactions.
"PINs were supposed to be sacrosanct -- what this shows is that PINs aren't always encrypted like they're supposed to be," said Avivah Litan, a security analyst with Gartner research firm. "The banks need much better fraud detection systems and much better authentication."
It's unclear how many Citibank customers were affected by the breach, which extended at least from October 2007 to March. The bank has nearly 5,700 Citibank-branded ATMs inside 7-Eleven Inc. stores in the U.S., but it doesn't own or operate any of them.
My New Blog
July 2, 2008
ALERT: ATM PIN NUMBERS HACKED!
Posted by Gillis57 at 4:24 PM
Labels: atm, Back-end, citibank, Cryptography, Hacker, Hacking, infrastructure, pin.Hackers, remote, Remote Desktop, Windows, Windows 7
June 7, 2008
MICROSOFT SCAMS AGAIN!
Businesses that skip Windows Vista and upgrade their computers directly from the XP operating system to Windows 7 could expose themselves to security risks and other problems, Microsoft says in a new white paper.
Bypassing Vista could have "implications for security, support, and regulatory compliance and reduce flexibility in the face of changing business requirements," writes Microsoft VP Mike Nash, in the paper. Specifically, Nash says that businesses that wait for Windows 7 -- set for release in late 2009 or early 2010 -- to upgrade from XP could find themselves using outdated applications that don't employ proper security safeguards or are no longer supported.
They also won't get the advantage of new security technologies and other improvements that Microsoft embedded in Vista, Nash says. "By not deploying Windows Vista, it means missing out on the proven benefits such as better security, productivity, search, mobility, manageability and infrastructure optimization," Nash says in the paper, which is titled "The Business Value Of Windows Vista."
Do you remember any similar pushes with previous operating systems? This could possibly be because of the absolute travesty that is Vista security, which has kept so many large businesses from switching to the operating system. After such an outcry from the IT community and backlash against their prettiest operating system, Microsoft has decided to switch their tactics from marketing to George Bush-esque "strategertizing". Overheard in a consultation: "Oh, so you don't want to upgrade to Vista? If you don't, you will never be able to upgrade again!!!" Basically they are trying to tell you that if you don't upgrade to Vista, you can't upgrade to 7. And you can bet that the software of 7 won't allow an install from XP. And it will most likely have a discount upgrade to Vista. 49.99 so that you can upgrade to Vista so that you can upgrade to 7 (It's a steal!!!)
Posted by Gillis57 at 1:56 PM
Labels: Admin, Bill Gates, Expensive, Force, Gillis Jones, Hewlett Packard, IT, microsoft, Security, Social Engineer, Vista, Windows, Windows 7