TweakTown
Tech content trusted by users in North America and around the world
6,141 Reviews & Articles | 39,479 News Posts
Weekly Giveaway: Win an Antec Case, PSU and Cooler (Global Entry!)

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 11

Manchester United won't let fans bring tablets, laptops into stadium

New "security intelligence" has led Manchester United to ban tablets and laptops from the Old Trafford stadium located in Old Trafford, Greater Manchester. Greater Manchester Police will not be involved in the ban, and includes both smaller and larger tablets. Smartphones that are 5.9" x 3.9" or smaller will still be allowed into the arena without a problem.

 

TweakTown image news/3/9/39655_01_manchester_united_won_t_let_fans_bring_tablets_laptops_into_stadium.jpg

 

Stadium officials noted it would be "impractical" for each fan to power up tablets and laptops as they enter the arena - unlike at airports, where passengers will be able to quickly show that they have a legitimate electronic device.

 

The TSA may request passengers flying into the United States to power on their mobile devices - a move that Britain has matched - at the risk of some type of explosive device hidden inside.

Security firm Trend Micro finds threats plague consumers, companies

The first two quarters of 2014 again revealed cyberthreats, data breaches and high-risk cyber vulnerabilities that companies struggle to keep up with, according to a new report from security firm Trend Micro.

 

TweakTown image news/3/9/39625_01_security_firm_trend_micro_finds_threats_plague_consumers_companies.jpg

 

Consumers face issues such as data theft of customer names, passwords, email addresses, home addresses, phone numbers, and birth dates. Cybercriminals are finding ways to steal this type of information directly from consumers, or compromising companies.

 

"Organizations must treat information security as a primary component of a long-term business strategy rather than handling security issues as a tertiary, minor setbacks," said Raimund Genes, Trend Micro CTO, in a press statement. "Similar to having a business strategy to improve efficiency, a well-thought-out security strategy should also improve current protection practices that achieve long-term benefits. The incidents observed during this quarter further establish the need for a more comprehensive approach to security."

Continue reading 'Security firm Trend Micro finds threats plague consumers, companies' (full post)

Group wants to help automakers keep connected vehicles safer

The "I am the Calvary" security group hopes to bridge the gap between automakers and security researchers, in an effort to keep connected vehicles more secure. The group wants to see the following: design security, development and testing phase, collaboration with researchers, and helping automakers provide assurance of connected security updates.

 

TweakTown image news/3/9/39628_01_group_wants_to_help_automakers_keep_connected_vehicles_safer.jpg

 

"We don't need to wait for bad things [to happen] before starting to take safety into our design [considerations]," said Joshua Corman, Sonatype CTO and I am the Calvary co-founder, in a statement. "It takes a very long time to develop technologies and get them in the market. What we start today may not manifest for several years."

 

As newer vehicles rely on connected features, such as GPS, radio, and other Internet-based solutions, there is growing concern cybercriminals will be able to exploit these new features.

FBI investigating spear phishing attack against Clearview Credit Union

A new spear phishing attempt posing as a message from the Clearview Federal Credit Union has led to an investigation from the FBI, with messages asking both members and non-members about their accounts. The attacks include phone calls, emails and text messages, warning of debit card suspensions because of "an error of (Clearview's) internal processors."

 

TweakTown image news/3/9/39623_01_fbi_investigating_spear_phishing_attack_against_clearview_credit_union.jpg

 

Spear phishing attacks targeted selected groups with custom attacks, as cybercriminals try to compromise users as quickly and efficiently as possible. The stolen data is quickly sold or traded online, with criminals moving on to other targets.

 

"It's important to be cognizant of ways to protect your individual identity," said Christianne Gribben, Clearview spokeswoman, in a public statement. "If anyone has submitted their personal information through these avenues, member or not, they should contact their financial institutions immediately."

Hackers having their way with Eastern Bloc political leaders

Organized cybercriminals are targeting Eastern Bloc politicians and embassies, and it's still unknown who is behind the attacks, according to security firm Symantec. The attack began with a former Soviet Union country infected, which led to 60 other computers being compromised - and the infections spread throughout the rest of the year and into 2013.

 

TweakTown image news/3/9/39622_01_hackers_having_their_way_with_eastern_bloc_political_leaders.jpg

 

"Because of the targets chosen and the advanced nature of the malware used, Symantec believes that a state-sponsored group was behind these attacks," according to Symantec. "The current campaign is the work of a well-resourced and technically competent attack group that is capable of penetrating many network defenses. It is focused on targets that would be of interest to a nation state, with spying and theft of sensitive data among its objectives."

 

There is growing concern of state-sponsored attacks against political rivals, with China and Russia typically blamed - but groups stemming from Iran and other foreign governments have stepped up their cyber initiatives to conduct cyberespionage.

Florida-based TotalBank informing customers of data breach

Florida-based TotalBank is informing around 72,500 of its customers of a data breach that involves personal information ranging from names, banking information, account balances, PIN numbers, and possible Social Security numbers.

 

TweakTown image news/3/9/39600_01_florida_based_totalbank_informing_customers_of_data_breach.jpg

 

"An unauthorized third party" was able to compromise the TotalBank network, with bank officials notifying customers starting in early July. "The information did not include customer passwords or the type of information that would allow access to your bank account, which remains secure," said Luis de la Aguilera, TotalBank President and CEO.

 

There is a stronger call for the U.S. government to force banks - which already have stricter security protocols in place - to keep their customers safe. Cybercriminals find it extremely easy to sell and trade bulk information in organized underground forums.

California Governor Jerry Brown to decide on smartphone 'kill switch'

California Governor Jerry Brown is now taking a look at the mandatory smartphone 'kill switch' bill after it was passed by the state legislature. If Brown approves the bill, all smartphone devices sold in the state following July 2015 must have some type of anti-theft technology.

 

TweakTown image news/3/9/39599_01_california_governor_jerry_brown_to_decide_on_smartphone_kill_switch.jpg

 

"Our goal is to swiftly take the wind out of the sails of thieves who have made the theft of smartphones one of the most prevalent street crimes in California's biggest cities," noted Mark Leno (D - San Francisco), author of the controversial bill.

 

California's decision has become the strongest effort to clamp down on smartphone theft, which has led to robberies and crimes in metropolitan areas. Apple already has a kill switch option on its devices, so owners are able to remotely shut off phones. Meanwhile, Google and Microsoft are working on similar solutions for their devices.

Northrop Grumman courts British kids for cyber warfare training

Warplane manufacturer Northrop Grumman is offering British children the chance to learn cyber defence skills in UK schools, targeting those between 12- to 18 years old.

 

TweakTown image news/3/9/39588_01_northrop_grumman_courts_british_kids_for_cyber_warfare_training.jpg

 

Northrap Grumman's program is dubbed CyberCenturion, and it will cater to any young person who wants to learn more about cyber security, including in the international arena. It's feared that there will be a skills gap if nothing is done to train young people in science and engineering, which the programme aims to address. It comes as part of the British government's Cyber Security Challenge UK, which seeks to promote cyber security particularly among young people through a series of competitions.

 

Those who do particularly well at certain competitions, such as checking virtual machines for vulnerabilities, could be offered an internship placement with Northrop Grumman. "The CyberCenturion competition will provide a way for young people interested in the world of cyber security to understand the cyber challenges of today, test their cyber defense skills and inspire them in their choice of career," the company's chief exec, Andrew Tyler, said.

Blackphone responds to claim it was hacked in under five minutes

The Blackphone was announced as a way for security conscious consumers to use their device in peace, without the fear of their communications being compromised - and it has now been 'hacked' at the Black Hat event in under five minutes.

 

TweakTown image news/3/9/39587_01_blackphone_responds_to_claim_it_was_hacked_in_under_five_minutes.jpg

 

@TeamAndIRC managed to gain root access to the Blackphone at the DefCon hacking conference within five minutes by going through the Android Debugging Bridge, and without using a bootloader to boot. Blackphone still seems to be solidly secure on the surface nonetheless, and now the company has responded to the discovery.

 

Blackphone said it is perhaps not as big of a disaster as it sounds: the company underplayed getting access through ADB, claiming it is just a part of the Android OS that the firm opted to turn off, and that a patch is on the way. But another vulnerability uncovered by TeamAndIRC, the company said in a blog post, is "accurate" - and a patch was released in three days of its initial discovery. Blackphone went on to congratulate the hacker for finding the bug.

Underground markets for stolen data as organized as real businesses

Criminals that compromise networks and steal large amounts of information are finding easier and more organized methods to quickly get rid of the data. Data dumps are one of the most popular products found on these underground forums, where buyers and sellers communicate in an organized fashion similar to an official business from the legitimate world.

 

TweakTown image news/3/9/39586_02_underground_markets_for_stolen_data_as_organized_as_real_businesses.jpg

 

Many cybercriminal groups are trying to steal bulk data, such as the Target and eBay breach, looking to offload the information as quickly as possible. Using organized underground hacker forums, many based in Eastern Europe and China, they are able to sell and trade the data.

 

"When we think about the markets themselves they are organized in a unique fashion," said Tom Hold, Michigan State University associated professor specializing in cybercrime. "At the individual level, we're talking about a process where we're seeing peers and colleagues; at the formal forum level, we're seeing a more formal organization that takes place."

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases