TweakTown NewsRefine News by Category:
Cybercriminals are finding new methods to compromise energy companies and other critical industries with custom malware, exploiting legitimate apps. Instead of trying to hack the company directly, hackers are finding success in hacking software providers to hack vendors, according to security firm F-Secure.
The "Havex" malware previously hit the energy sector, and is now being used to target companies in Europe. An industrial machine producer and two educational organizations in France, with companies in Germany also hit.
"During the spring of 2014, we noticed that Havex took a specific interest in Industrial Control Systems (ICS) and the group behind uses an innovative Trojan horse approach to compromise victims," said F-Secure in a blog post. "The attackers have Trojanized software available for download from ICS/SCADA manufacturer websites in an attempt to infect the computers where the software is installed to."
PayPal's security procedures have been described as 'shoddy,' with the possibility of bypassing the company's two-factor authentication, according to security firm Duo Security. PayPal has created a workaround in place to reduce vulnerability, and a permanent fix is currently being developed.
Exploiting a flaw in the two-factor authentication (2FA) mechanism, but at least one person used flight mode to turn off connectivity immediately after logging into PayPal.
"The vulnerability lies primarily in the authentication flow for PayPal's API web services," according to the Duo Security blog post. "In particular, api.paypal.com, a REST-ful API which uses OAuth for authentication/authorization, does not directly enforce two-factor authentication requirements server-side when authenticating a user."
California Senate Bill 962, aimed at forcing smartphone manufacturers to include mandatory kill switches on smartphones, has passed the California Assembly committee. Apple, Google, Microsoft, Verizon Wireless and AT&T say they are okay with the law, after showing initial distrust of mandatory kill switches.
Last month, the California Senate passed the smartphone kill switch bill on its second try, with lawmakers saying police across the state are seeing smartphone thefts plaguing communities. San Francisco District Attorney George Gascon and Oakland Mayor Jean Quan applaud anti-theft smartphone technology, especially with smartphone-related crimes staggering high in San Francisco and Oakland, respectively.
"The only way to stop the victimization of innocent cell phone customers is to enable theft-deterrent technology on nearly every new smartphone sold in California, which this legislation will do," said Sen. Mark Leno, (D-San Francisco), the sponsor of the bill
Mobile gamers interested in playing Flappy Bird should be extremely careful, because most versions of the game circulating shipped with some type of malware. A whopping four out of every five Flappy Bird clone apps come with malware, and that shouldn't be a surprise, with the game pulled while still in such high demand.
The developer behind Flappy Bird, Dong Nguyen, removed his hugely popular game from app stores in February, concerned that it was causing addition. However, the game was so popular that it didn't take long before clones began hitting the Internet, and download rates of the knock-off versions picked up.
Some malware is responsible for texting premium services, while others intercept messages and phone calls, and others focus on targeting payment information.
Police departments in the United States are being targeted by cyberattacks compromising users and demanding ransom in exchange for control of PCs and files. It's a significant problem when emergency responders are unable to access databases and records due to someone carelessly clicking something in their email.
Recently, the Collinsville Police Department in Alabama was hit, triggered by someone in the police department opening a suspicious email attachment, that immediately hurt police activities. They were unable to access mug shot files, time sheets, and vehicle maintenance records - and the department's computer backups failed, and they might have to start over from scratch.
A police department in Massachusetts was compromised and chose to pay the $750 ransom, which is something federal investigators don't encourage. The files might be decrypted and returned, but likely don't end up returning the same way they were before being compromised.
Companies and enterprises are seeing the negative impact of cybersecurity issues, such as data breaches can cause, but aren't using information protection strategies to help combat the problem, according to a recent survey published by CSO Magazine and PwC.
Three out of four companies experienced some type of security problem in the past year, with an average of 135 incidents per company. To make matters worse, improving cybersecurity still isn't company priority when compared to other day-to-day business activities.
"While the number of cybercrime incidents and the monetary losses associated with them continue to rise, most U.S. organizations' cybersecurity capabilities do not rival the persistence and technological skills of their cyber adversaries," according to the survey.
New York City has a new financial cybercrimes task force with the Federal Bureau of Investigation (FBI) teaming up with the New York City Police Department and Metropolitan Transportation (MTA) authority. The three agencies will share threat assessment data and study cyberattacks in which money and funds have been compromised.
The FBI has become active in partnering with local agencies across the United States, as part of its Next Generation Cyber Initiative - understanding that cyberattacks continue to expand and evolve at a rapid pace.
"The task force model that has been successfully employed in response to bank robbery and terrorism cases is now being applied to the cyber realm," said George Venizelos, FBI Assistant Director, in a statement. "The FBI continues to develop positive working relationships with our fellow law enforcement officers in our joint efforts to tackle criminal activity, and we look forward to working with our partners at the NYPD and MTA to combat cybercrime."
Source code hosting service Code Spaces recently suffered a massive cyberattack that started with a distributed denial-of-service (DDoS) attack. The second phase of the attack occurred when a cybercriminal compromised the company's Amazon EC2 control panel, demanding a ransom from Code Spaces before the DDoS attack ended.
Code Spaces were unable to access company private keys, and the Amazon EC2 password was changed, but the hacker was still able to begin deleting artifacts from the control panel. Trying to restore the service back to normal will be too expensive and cumbersome, so Code Spaces folded up shop.
"Code Spaces will not be able to operate beyond this point... the cost of resolving this issue to date and the expected cost of refunding customers who have been left without the service they paid for will put Code Spaces in an irreversible position both financially and in terms of ongoing credibility."
Businesses struggle to keep their data secure, but find it even harder to deal with data breaches once they already happen. Companies that try to bury their heads in the sand and keep breaches secret could be harming themselves more than anything else, and should be more transparent.
Some companies try hiding data breaches or only confirm the news after security incident details are released. That can lead to major problems from shareholders, customers, and law enforcement officials.
"It's brought it to a point now where businesses have to pay attention," said Al Pascual, Javelin Strategy & Research senior analyst, in an interview with journalists. "Before, it was more of a concern for folks in the back office. They may have had some minor concerns about regulators or government officials, but now they have to worry about being punished by their shareholders, being punished by consumers who are pretty likely not to come back or to reduce their patronage."
Medical company Medtronic said it was breached by cyberattacks in separate incidents last year, with some patient records compromised. A number of medical records in the diabetes business unit was taken, but the company didn't disclose how many patients were affected, or what information was at risk.
Medtronic is the biggest standalone medical device maker in the world, and is a significant problem that rivals should pay attention to.
"Medtronic, along with two other large medical device manufacturers, discovered an unauthorized intrusion to our systems that was believed to originate from hackers in Asia," Medtronic confirmed in a filing to the Securities and Exchange Commission (SEC).