TweakTown
Tech content trusted by users in North America and around the world
6,155 Reviews & Articles | 39,554 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 11

Tesco Hudl, other Android devices have data reset flaw, experts say

The Google Android-powered Tesco Hudl tablet has a data reset flaw in which the factory reset option doesn't do a good job deleting information, according to security specialists. There is concern that many Tesco tablets end up on eBay, and despite having broken screens, weren't wiped of onboard data.

 

TweakTown image news/3/9/39734_01_tesco_hudl_other_android_devices_have_data_reset_flaw_experts_say.jpg

 

Researchers were also able to discover PIN codes to unlock the tablets, with Wi-Fi keys, cookies and Web browsing data from original owners discovered.

 

"The factory data reset doesn't appear to zero all sectors on the disc; it's simply too quick a reset process to do so," said Ken Munro, a Pen Test Partners security expert, in a statement to The Register. "So then we bought a few Tesco refurbished Hudls from the Tesco Outlet Store on eBay. Whilst two of them had been correctly zeroed using a wiping product, one was not. From this we recovered some of the previous owners personal data, again including social media and mail profiles."

Continue reading 'Tesco Hudl, other Android devices have data reset flaw, experts say' (full post)

Chinese businessman indicted for alleged role in hacking U.S. military

Chinese national Su Bin has been indicted by a federal grand jury, allegedly working with two other hackers in their efforts to compromise Boeing. The trio stole information related to the F-22 and F-35 fighter jets, along with the C-17 military transport aircraft, and wanted to sell the information to Chinese companies.

 

TweakTown image news/3/9/39732_01_chinese_businessman_indicted_for_alleged_role_in_hacking_u_s_military.jpg

 

If convicted of unauthorized computer access and conspiracy charges, Su faces up to 30 years in federal prison. The Chinese citizen is currently in Canadian custody and will likely be extradited to the United States to face prosecutors.

 

When people think of cybercrime, it's related more to state-sponsored hacking conducted by cyberattacks from criminals overseas. However, there are occasional incidents where attacks are launched from North America and the alleged suspects are caught.

Continue reading 'Chinese businessman indicted for alleged role in hacking U.S. military' (full post)

Repeated cyberattacks targeting French site Rue89, website staff

Repeated cyberattacks against French news website Rue89 has drawn criticism from the Committee to Protect Journalists (CPJ), with staff and their families being harassed after publishing a story related to a "militant Zionist" cybercriminal. The person in question, Gregory Chelli, lives in Israel, and reportedly attacked people he thought were against Israel.

 

TweakTown image news/3/9/39730_01_repeated_cyberattacks_targeting_french_site_rue89_website_staff.jpg

 

The official Rue89 website suffered multiple distributed denial-of-service (DDoS) attacks, according to Pierre Haski, website editorial director. An official complaint has been filed with the French public prosecutor's office, and Chelli already faced a suspended sentence in France, but it's unsure what will happen this time around.

 

"We call on French and Israeli authorities to launch a thorough investigation into these attacks on Rue89 and to ensure its staff members' safety," said Nina Ognianova, CPJ Europe and Central Asia Program Coordinator, in a statement. "Such intimidation tactics against journalists and their families must not be tolerated, lest they lead the media to self-censor."

Continue reading 'Repeated cyberattacks targeting French site Rue89, website staff' (full post)

Hackers could compromise smartphones by using device's gyroscope

Hackers can compromise a smartphone user and eavesdrop by using the device's internal gyroscope, according to a study from Stanford University and the Rafael Advanced Defense Systems technology company. Instead of directly listening to a phone conversation, this is remote eavesdrop exploit so users can be snooped on when in the immediate area of a device.

 

TweakTown image news/3/9/39726_01_hackers_compromising_smartphones_by_using_device_s_gyroscope.jpg

 

"Whenever you grant anyone access to sensors on a device, you're going to have unintended consequences," said Dan Boneh, Stanford security professor, in a statement to Wired. "In this case the unintended consequence is that they can pick up not just phone vibrations, but air vibrations."

 

The gyroscope in smartphones use a small plate that vibrates around 200 hertz, which is fast enough to recognize human voices. Using customized speech recognition software allowed the researchers to accurately determine 65 percent of "numeric digits" of a specific speaker. Eavesdropping levels aren't quite the same as using a compromised smartphone's microphone, but shows the potential threat level of current data security efforts.

Apple iCloud data to be stored on Chinese servers, report notes

Apple is reportedly going to begin moving personal iCloud data of Chinese users onto servers that are located inside the country's borders. The decision was made in an effort to make data access faster and more reliable for Apple customers, and the company has partnered with China Telecom.

 

TweakTown image news/3/9/39725_01_apple_icloud_data_to_be_stored_on_chinese_state_controlled_servers.jpg

 

"Apple takes user security and privacy very seriously," Apple noted in a statement sent to Reuters. "We have added China Telecom to our list of data center providers to increase bandwidth and improve performance for our customers in mainland China. All data stored with our providers is encrypted. China Telecom does not have access to the content."

 

The encryption keys will not be located in China and China Telecom will not have access to them, according to sources.

Continue reading 'Apple iCloud data to be stored on Chinese servers, report notes' (full post)

Report: SuperValu, Albertson's grocery stores hit by data breaches

Cybercriminals successfully breached Albertson's and SuperValu, which are two of the largest and most popular grocery store chains in the United States. The massive data breach also impacts their umbrella companies, including Acme, Jewel-Osco, Shaw's, Star Market, Cub Foods, Farm Fresh, Shop 'N Save, Hornbacher's, and Shoppers Food & Pharmacy.

 

TweakTown image news/3/9/39724_01_report_supervalu_albertson_s_grocery_stores_hit_by_data_breaches.jpg

 

The SuperValu breach might have affected customers between June 22 and July 17 in Illinois, Maryland, Minnesota, Virginia and Missouri. It's unknown how many Albertson's customers might be affected from the data breach.

 

"The safety of our customers' personal information is a top priority for us," said Sam Duncan, SuperValu President and CEO, in a statement. "The intrusion was identified by our internal team, it was quickly contained, and we have had no evidence of any misuse of any customer data. I regret any inconvenience that this may cause our customers but want to assure them that it is safe to shop in our stores."

Continue reading 'Report: SuperValu, Albertson's grocery stores hit by data breaches' (full post)

Rady Children's Hospital facing lawsuit related to data breach

Following a data breach suffered by Rady Children's Hospital in June 2013, a mother has filed a lawsuit against the company related to a security breach that led her daughter's medical records to be exposed.

 

TweakTown image news/3/9/39723_01_rady_children_s_hospital_facing_lawsuit_related_to_data_breach.jpg

 

The Rady data breach occurred when an employee emailed a spreadsheet containing patient admittance records from July 1, 2012 to June 30, 2013 to four job applicants. The records included patient names, birth dates, primary medical diagnoses, medical record numbers, insurance carrier information, and admittance and discharge dates.

 

"This is not one or two records dropped in the parking lot," said David A. Miller, an attorney representing the mother, in a statement to the media. "The people they gave this information to didn't even work there. They were job applicants."

Continue reading 'Rady Children's Hospital facing lawsuit related to data breach' (full post)

Kanguru launches USB 3.0 flash drive using trusted secure firmware

USB portable data storage company Kanguru has released an unencrypted USB 3.0 flash drive, utilizing onboard trusted firmware that defends against malicious firmware-based attacks. The drive has read speeds up to 230MB/s with 85MB/s write speed, Kanguru noted. Storage capacities range in size: 8GB, 16GB, 32GB, 64GB and 128GB, with a starting price of $29.95 for the 8GB drive. The flash drive also has a strong aluminum housing to keep it safe from any significant external damage.

 

TweakTown image news/3/9/39693_01_kanguru_launches_usb_3_0_flash_drive_using_trusted_secure_firmware.jpg

 

"Our Kanguru Defender series of secure, hardware encrypted USB drives is immune to a potential attack like 'BadUSB' because of the digitally signed secure firmware," said Nate Cote, Kanguru EVP, in a press statement. "With the release of the new Kanguru FlashTrust, we now offer this same level of firmware protection to the multi-billion dollar market segment of unencrypted USB device users."

 

As many users and business workers rely on flash drives, there has been an increase in secure flash drives - IronKey, Kingston secure USB flash drives, Imation Defender, Kanguru, and the Apricorn Aegis secure key, among others. There is a good selection of secure products that can be chosen, using various security protocols to keep data safe.

Amobile Spy unveils Android spy app so you can snoop on your kids

Amobile Spy recently launched the iKeyMonitor Android Spy App, a custom app designed to help parents track what their children do using their smartphones.

 

TweakTown image news/3/9/39690_01_amobile_spy_unveils_android_spy_app_so_you_can_snoop_on_your_kids.jpg

 

The app has the ability to log passwords and keystrokes, monitor WhatsApp message recording, Web history tracking, capture screenshots, log email reporting and 2-side SMS/call logging. The keylogger monitors everything from Facebook, Twitter, Gmail, Skype, Yahoo Messenger and other popular social media or communication apps.

 

"iKeyMonitor Android Keylogger offers simple, secure, and secret ways to record the activities on Android devices with incredible monitoring features," said Kyle Davis, Amobile Development Department Manager, in a press statement. "We're also giving users smart features to review the logged data remotely."

Continue reading 'Amobile Spy unveils Android spy app so you can snoop on your kids' (full post)

Jailbroken iOS devices being targeted, exploited by new theft malware

A new Chinese malware infected more than 75,000 jailbroken Apple iPhones, with the malware hijacking 22 million advertisements. AdThief, also known as Spad, is the iOS malware and was able to covertly operate around four months - and only works on jailbroken devices. Although originally found by researcher Claud Xiao in March, Fortinet senior mobile researcher Axelle Apvrille took a closer look at AdThief.

 

TweakTown image news/3/9/39669_01_jailbroken_ios_devices_being_targeted_exploited_by_new_theft_malware.jpg

 

Operating on 15 different mobile adkits, the malware changed a developer or affiliate ID so the attacker would collect the revenue. Eight of the adkits are Chinese, and jailbreaking devices is a rather common technique among Chinese consumers. Security experts continually warn users that jailbroken smartphones and tablets pose significant threats to users.

 

The Chinese hacker, known as Rover12421 did contribute to the code, but denied saying he or she is behind the entire project.

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases