Of all the spying programs revealed by former IT contractor Edward Snowden, the one the National Security Agency (NSA) was quick to deny was exploiting users by impersonating Facebook.
Shortly after reports surfaced accusing the NSA of mimicking a Facebook server to help infect user PCs, users were upset - and the NSA wanted to offer a public statement.
"Recent media reports that allege NSA has infected millions of computers around the world with malware, and that NSA is impersonating U.S. social media or other websites, are inaccurate," the NSA said via its Public Affairs Office. "NSA uses its technical capabilities only to support lawful and appropriate foreign intelligence operations, all of which must be carried out in strict accordance with its authorities."
Online retailer NoMoreRack.com was hit by a second reported data breach in the past seven months, and has been notified by Discover that customer card data has been compromised, according to a report on the KrebsOnSecurity website.
Following the first reported attack, NoMoreRack teamed with information security compliance company Trustwave, and the forensic audit turned up "no clear cut evidence" of a successful data breach.
"So, as of last week, we engaged with Trustwave again to undergo another audit," said Vishal Agarwal, NoMoreRack Director of Business Development, in a statement. "We have been hearing the complaints from banks, but apart from that, and we've done our analysis and due diligence, and there is nothing seriously we can find that may have resulted in customer cards being compromised."
In an effort to keep user privacy more secure, search giant Google plans to encrypt searches in China, an effort that will roll out worldwide, to try and limit government snooping.
The Chinese government is well known for its censorship and spying activities, with tech-savvy users already relying on proxies and anonymous Internet browsers to slip past the "Great Firewall of China."
"No matter what the cause is, this will help Chinese netizens to access information they've never seen before," noted Percy Alpha, co-founder of GreatFire.org, a group designed to monitor Chinese censorship. "It will be a huge headache for Chinese government authorities. We hope other companies will follow Google to make encryption by default."
Following reported spying activity from the National Security Agency (NSA), Google and other search companies have been blamed for their role in organized spying efforts. However, Google, Microsoft, Yahoo, and others have stepped up search encryption efforts to help boost privacy in an age where government surveillance is a frightening reality.
Colleges and universities are popular targets for cybercriminals trying to compromise a large number of users, stealing as much personal information as possible. However, university officials, after learning of a breach, often are unsure what to do - and struggle to alert students and faculty members in a streamlined manner.
Most recently, hackers compromised North Dakota University and Johns Hopkins University and stole personal information.
In the Johns Hopkins University breach, hackers stole information on 850 current and former students, though no Social Security Numbers or highly sensitive information was taken. The breach reportedly took place sometime towards the end of 2013, but university officials didn't publicly report the incident until early March.
The North Dakota University System breach compromised students from different colleges and universities in North Dakota, hitting a few hundred staff members and around 300,000 students - no financial data was stolen, but personal information, including Social Security Numbers, was compromised in the breach. There was a delay in reporting the incident so a forensic analysis could be conducted, according to security specialists.
Security experts are keen to try and help traditional anti-virus software evolve into a layer of added defense for breach detection systems (BDS), though the industry is having trouble finding its way there.
If hackers are unable to gain access to PCs, they are finding success targeting voice over Internet protocol (VoIP) phones in the office - which sometimes leads to direct access to computer networks.
Red Balloon, founded by researchers from Columbia University, is interested in developing security for embedded devices and helps companies keep devices more secure.
"Now that we know that these phones can be hacked and used as eyes and ears by the attackers, it's time we started demanding real security on the phones," noted Ang Cui, Red Balloon chief scientist, in a statement to the media. "These phones, like most other embedded devices I've looked at, are about as protected as my laptop back in 2006, without anti-virus."
National credit reporting company Experian endured a data breach dating from 2007 to 2013, with a man posing as a private investigator reportedly purchasing consumer data. Vietnamese citizen Hieu Minh Ngo pleaded guilty last week, after reportedly selling the stolen information to a group of 1,300 customers.
The information Ngo offered up included full names, addresses, previous mailing addresses, phone numbers, e-mail information, birth dates, and Social Security Numbers. It's unknown how many people were affected, though security experts believe up to 30 million American records could have been shared.
Ngo faces up to 45 years in jail, and will be sentenced on June 16.
The National Security Agency (NSA) reportedly wants to infect millions of computers with malware, and the TURBINE program is based on hacking routers, impersonating Facebook, and other shady practices. Not surprisingly, the information was made public based on revelations released by former NSA contractor Edward Snowden.
The NSA posed as a fake Facebook server, and successfully infected a user's computer to gain access to stored files on an HDD, according to a report posted on The Intercept. Previously, the NSA would use this tactic for a small number of select targets that couldn't be tracked with regular wiretaps, but it greatly expanded use over the past 10 years.
Security experts are disheartened by yet another data snooping case from the NSA, potentially opening up additional security issues by intentionally infecting computers with malware.
Legitimate WordPress sites can be compromised and turned into a weapon to use as part of a distributed denial-of-service (DDoS) attack, according to security researchers. An HTTP-based distributed flood attack from more than 162,000 attacks recently brought down a larger site, with the victim WordPress site forced offline due to a tremendous amount of traffic.
Compromised websites likely didn't realize they were hijacked and used as part of the attack, though administrators can search for XML-RPC "POST" requests in website logs.
"Any WordPress site with XML-RPC enabled (which is on by default) can be used in DDoS attacks against other sites," Daniel Cid, Sucuri CTO, wrote in a blog post. "Note that XML-RPC is used for pingbacks, trackbacks, remote access via mobile devices and many other features you're likely very fond of."
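The log search mentioned above, as an added example that is not from the original article or from Sucuri: it scans access-log lines for POST requests to `xmlrpc.php` and counts them per client address. The combined log format, the sample lines, and the threshold are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample lines in the common "combined" access-log format
# (documentation-range addresses, not real traffic).
SAMPLE_LOG = """\
192.0.2.10 - - [10/Mar/2014:13:55:36 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "ExampleAgent/1.0"
192.0.2.10 - - [10/Mar/2014:13:55:37 +0000] "POST /xmlrpc.php HTTP/1.0" 200 370 "-" "ExampleAgent/1.0"
198.51.100.7 - - [10/Mar/2014:13:56:01 +0000] "GET /xmlrpc.php HTTP/1.1" 405 42 "-" "Mozilla/5.0"
203.0.113.5 - - [10/Mar/2014:13:56:09 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.10 - - [10/Mar/2014:13:56:12 +0000] "POST /blog/xmlrpc.php?x=1 HTTP/1.1" 200 370 "-" "-"
198.51.100.7 - - [10/Mar/2014:13:57:44 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "Mozilla/5.0"
this line is malformed and must be skipped
"""

# client, identd, user, [timestamp], "METHOD target protocol", status
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) ')


def xmlrpc_posts(lines):
    """Yield (client, timestamp, status) for each POST to an xmlrpc.php endpoint."""
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # unparseable line: skip rather than abort the scan
        client, when, method, target, status = m.groups()
        path = target.split("?", 1)[0]  # ignore any query string
        if method == "POST" and path.rsplit("/", 1)[-1] == "xmlrpc.php":
            yield client, when, int(status)


def summarize(lines, threshold=1):
    """Return [(client, count)] for clients with at least `threshold` XML-RPC POSTs."""
    counts = Counter(client for client, _, _ in xmlrpc_posts(lines))
    return [(c, n) for c, n in counts.most_common() if n >= threshold]


if __name__ == "__main__":
    for client, n in summarize(SAMPLE_LOG.splitlines(), threshold=2):
        print(f"{client}\t{n} POSTs to xmlrpc.php")
```
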
Two men have been arrested for their alleged involvement in a cyberattack and data theft at KT Corp, a major South Korean phone company, with 12 million users affected. The breach took place over a long period, and the criminals took up to 300,000 pieces of information at a time. The South Korean government forced KT Corp to create an online database for users hit by the breach.
One of the suspects reportedly broke into the KT Corp computer system using custom-coded software he developed himself. During the breach, the accused hacker gained bank details, employment information and home addresses on 12 million KT users - around 75 percent of the company's customers.
The information was later sold to another criminal, and he allegedly used the data to pose as a KT sales rep and sell mobile phones - the criminal scheme generated an estimated $10.8 million, according to reports.
Banks and other financial institutions are embracing biometrics as a next-level security platform, helping protect against fraud and theft, according to a report published by the Global Industry Analysts (GIA) research group.
Fingerprint recognition is the most popular form of biometrics security, with high accuracy and relatively low deployment costs.
The most common biometric security methods tend to be fingerprint verification, hand-geometry recognition, speech recognition, and iris and retina scanning technologies. Each has significant advantages and disadvantages, leading some companies to adopt multiple types of biometrics. However, it's not cost-effective to install and maintain multiple layers of security, unless necessary, with each different solution needing a complex infrastructure.
Most cybercriminals want to exploit vulnerable networks and make a profit as quickly and easily as possible - and that includes compromising non-profit groups, even trying to conduct organized extortion. Hackers recently hijacked the crisis line of The Bridge for Youth, a Minnesota non-profit aimed at helping homeless adolescents in the state.
It seems The Bridge was hit with phone spam that was able to hijack phone lines and Internet access - and criminals will hold the lines for ransom, in exchange for monetary payment. Instead of paying the criminals, The Bridge, under police guidance, refused, redirected the line to an answering machine, and worked with other non-profits to set up a new phone line.
"We had to shut down our crisis number of 35 years last Tuesday," said Dan Pfarr, The Bridge for Youth Executive Director, in a statement to the Minneapolis Star Tribune. "The guys who took over our crisis line wanted money. We told them we work with distressed families and kids at the low point of their lives. That we deal with lives. We can't have abused kids or parents... calling in and getting a busy signal."
Defunct bitcoin exchange Mt. Gox was under continued cyberattack prior to having its loot and source code stolen, enduring up to 150,000 DDoS (distributed denial-of-service) attacks per second, according to the Yomiuri Shimbun newspaper.
Cybercriminals attacked Mt. Gox by launching thousands of massive DDoS attacks to help cover attempts to steal bitcoins, which led the Mt. Gox system to go down. Following the attack, Mt. Gox representatives announced 750,000 customer bitcoins were gone, along with 100,000 owned by the company.
Since its inception, bitcoin values have ranged from $40 per coin up to $1,100 in 2013, though it is hovering around $610.
Up to 168,500 patients of the Los Angeles County Department of Health Services are at risk after thieves broke into the Sutherland Healthcare Solutions (SHS) office and stole PCs with personal information.
Included in the data breach: names, Social Security Numbers, birthdates, addresses, medical diagnoses, medical and billing information. The Southern California SHS office was broken into on February 5, and the company is now working with law enforcement - and reviewing its internal policies to try and prevent a similar breach from happening in the future.
"We take this incident very seriously and are taking the necessary precautions to protect all patient related information from theft or criminal activity," SHS said in an open memo. "We and Los Angeles County are actively working with law enforcement."
Congressman Mike Pompeo (R-Kansas) doesn't want SXSW organizers to interview former NSA IT contractor Edward Snowden, saying Snowden cares more about personal fame than the personal privacy of US citizens.
SXSW officials wanted to open a debate focused on government surveillance and how important it is to help develop the online ecosystem.
"Mr. Snowden's appearance would stamp the imprimatur of your fine organization on a man who ill deserves such accolades," Congressman Pompeo said in an open letter. "Rewarding Mr. Snowden's behavior in this way encourages the very lawlessness he exhibited. Such lawlessness - and the ongoing intentional distortion of truth that he and his media enablers have engaged in since the release of these documents - undermines the very fairness and freedom that SXSW and the ACLU purport to foster. I strongly urge you to withdraw this invitation."
During his speech at the SXSW technology conference in Austin, Texas, Google chairman Eric Schmidt had some damning words to say about the Chinese, and the NSA. Schmidt said that government attacks from China, and the US, forced Google to boost its security protocols.
Schmidt said that governments around the world have come to the realization that trying to block their citizens' Internet access is futile, and that they have moved on to other methods of control. He said: "You don't turn off the Internet: you infiltrate it. The new model for a dictator is to infiltrate and try to manipulate it. You're seeing this in China, and in many other countries."
The Google chairman was pressed about the role of technology in uprisings, such as the one in the Ukraine right now. He said that the spread of mobile devices has allowed people to organize much more easily, but although "revolutions are going to be easier to start," they'll also be "harder to finish."
Researchers from North Carolina State University have created the Practical Root Exploit Containment (PREC) tool, which aims to look for root exploits in malicious apps.
Since most malicious apps targeting Google Android are based on C programming, not Java, researchers can compare apps with a database that describes how apps are expected to operate. Software anomaly detection isn't new, but researchers focused strictly on C code, greatly reducing the number of false positives by searching for C only.
"We have implemented PREC and evaluated our methodology on 140 most popular benign applications and 10 root exploit malicious applications," researchers wrote in their paper. "Our results show that PREC can successfully detect and stop all the tested malware while reducing the false alarm rates by more than one order of magnitude over traditional malware detection algorithms."
European Union law enforcement agency Europol is urging citizens to be careful using public Wi-Fi hotspots, due to an increase in the number of cybercriminals trying to steal information.
There is even greater concern when people use these hotspots to log into social media, make online purchases, or use online banking. However, the majority of consumers don't tend to focus on security, and aren't aware of the risks.
"We should teach users that they should not address sensitive information while being on an open insecure Wi-Fi Internet," said Troels Oerting, head of the Europol cybercrime unit, in an interview with BBC Click. "They should do this from home where they know actually the Wi-Fi and its security, but not if you are in a coffee shop somewhere you shouldn't access your bank or do all of these things that actually transfer very sensitive information."
First American Bank sent out a public memo warning members to be on alert when paying for taxicabs in Chicago using debit or credit cards - and urged those traveling in the Windy City to use cash payments.
First American Bank made the issue public almost three weeks after it was alerted to fraudulent behavior in Chicago cabs. To date, more than 200 new cards have been issued and at least $62,000 in suspected fraudulent activity has been flagged by the bank.
"We have become aware of a data breach that occurs when a card is used in Chicago taxis, including American United, Checker, Yellow, and Blue Diamond and others that utilize Taxi Affiliation Services and Dispatch Taxi to process card transactions," said Tom Wells, First American Bank chairman, in a statement.
Companies infected with the Cryptolocker ransomware are willing to pay up, with 40 percent of companies hit sending around $500 to recover files.
Cryptolocker is plaguing companies, encrypting certain file formats, which causes workplace disruption and is likely why companies are so quick to make a payment to cybercriminals overseas.
"If the results reported on the rate of Cryptolocker victims who pay a ransom are to be strengthened by further research, these figures would be extremely troubling, netting criminals behind the ransomware hundreds of millions," Dr. Julio Hernandez-Castro, University of Kent School of Computing professor, said in a statement. "This would encourage them to continue with this form of cybercrime, potentially prompting other criminal gangs to jump into an extremely profitable cybercrime market."
Cryptolocker is extremely tricky because a malware scan will remove the malware, but the encrypted files stay encrypted until the countdown ends.
Russia and Ukraine are locked in a tense political situation which has spilled over into the digital world, with both countries reportedly launching cyberattacks against one another. Security experts believe even if physical military skirmishes don't take place, there will be continued cyberattacks on both sides.
The Russian military is accused of knocking out mobile phone networks in the Ukraine, with social media and news sites defaced and temporarily replaced with propaganda.
"I confirm that an... attack is underway on mobile phones of members of the Ukrainian parliament for the second day in a row," said Valentyn Nalivaichenko, Ukrainian security chief, at a press conference.
Researchers from Saarland University in Germany created a unique piece of software designed to help keep Google Android users more secure. Specifically, the "Chabada" detection software helps scan apps to see if they are possibly infected.
App functionality is quickly scanned, and the software is able to identify if an app does something overly suspicious. Google is reportedly interested in having the entire Google App store searched to see which malicious apps may have slipped in.
"Apps whose functionality is described in the app store should behave accordingly," said Andreas Zeller, Saarland University professor of software engineering, in a statement. "If that is not the case, they are suspect."