TweakTown
Tech content trusted by users in North America and around the world
5,918 Reviews & Articles | 38,135 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 14

TweetDeck back online after XSS attack caused users to RT mystery code

Tweetdeck has been compromised by an XSS vulnerability, causing some users to retweet a mysterious line of code.

 

TweakTown image news/3/8/38406_01_tweetdeck_back_online_after_xss_attack_caused_users_to_rt_mystery_code.jpg

 

At first, Tweetdeck said the vulnerability had been fixed but users later reported continuing attacks, such as the code retweets, leading to it being taken offline. It has since returned.

 

"We've temporarily taken TweetDeck services down to assess today's earlier security issue," the company said. "We'll update when services are back up."

Continue reading 'TweetDeck back online after XSS attack caused users to RT mystery code' (full post)

P.F. Chang's restaurant latest to be hit by data breach

Popular restaurant P.F. Chang's reportedly suffered a data breach and customer debit and credit card information is at risk, the restaurant chain recently confirmed. The information was stolen between March and May, however, it's uncertain how many of the restaurant's locations have been affected in the breach.

 

TweakTown image news/3/8/38405_01_p_f_chang_s_restaurant_latest_to_be_hit_by_data_breach.jpg

 

Law enforcement and financial institutions have contacted P.F. Chang's and a full investigation is currently underway.

 

"P.F. Chang's takes these matters very seriously and is currently investigating the situation, working with the authorities to learn more," said Anne Deanovic, P.F. Chang's spokesperson, said in a statement. "We will provide an update as soon as we have additional information."

 

Companies are suffering data breaches, exposing customer personal information for use by cybercriminals. Much of the stolen information ends up available for sale in underground hacker forums, where criminals can purchase bulk data.

Former vice president Al Gore says Edward Snowden not a traitor

Former vice president Al Gore said former NSA contractor Edward Snowden did "an important service" when he publicly disclosed mass spying and surveillance. It's the most vocal support Snowden has received from a U.S. lawmaker, and shows there is still a fierce debate regarding his loyalties.

 

TweakTown image news/3/8/38393_01_former_vice_president_al_gore_says_edward_snowden_not_a_traitor.jpg

 

Gore was careful not to paint Snowden as a traitor, nor did he describe Snowden as a whistleblower: "What he revealed in the course of violating important laws included violations of the US constitution that were way more serious than the crimes he committed." Gore also said organized surveillance by the NSA was "a threat to democracy, to the heart of democracy."

 

Politicians are continually voicing their opinion on Snowden and his actions, with Secretary of State John Kerry saying Snowden is a "coward." Former U.S. president Jimmy Carter said he personally would consider pardoning Snowden, while Sen. Dianne Feinstein said the former NSA contractor never raised any snooping concerns.

Gartner: Security software market grew 4.9 percent during 2013

The worldwide security software revenue increased 4.9 percent up to $19.9 billion in 2013,

Considering the large volume of cyberattacks, just 4.9 percent growth is rather slow, but two of the top five major security vendors saw a decline in growth.

 

TweakTown image news/3/8/38391_01_gartner_security_software_market_grew_4_9_percent_during_2013.jpg

 

As users struggle with sophisticated malware that traditional anti-virus software cannot detect, it's possible the market will see an uptick in sales. Threats are evolving and it will be up to these companies to try to create next-generation security platforms.

 

"Overall, the larger trend that emerged in 2013 was that of the democratization of security threats, driven by the easy availability of malicious software and infrastructure (via the underground economy) that can be used launch advanced targeted attacks,"Ruggero Contu, Gartner research director, in a statement. "This ubiquity of security threats has led organizations to realize that traditional security approaches have gaps, thereby leading them to rethink and invest more in security technology."

Continue reading 'Gartner: Security software market grew 4.9 percent during 2013' (full post)

Organized Chinese hacker group targeting western defense companies

A hacker group from Shanghai, China is responsible for using cyberattacks to target aerospace companies in the United States and Europe, according to a recent report from CrowdStrike. An alleged hacker group with ties to the People's Liberation Army, dubbed "Putter Panda," operates command and control servers and intelligence-gathering operations.

 

TweakTown image news/3/8/38389_01_organized_chinese_hacker_group_targeting_western_defense_companies.jpg

 

Launching phishing attacks using custom-designed malware, the hacker group targeted Adobe Reader, Microsoft Office, and other popular apps.

 

"Putter Panda is a determined adversary group, conducting intelligence-gathering operations targeting the government, defense, research and technology sectors in the United States, with specific targeting of the U.S. defense and European satellite and aerospace industries," according to a recent release from CrowdStrike.

Continue reading 'Organized Chinese hacker group targeting western defense companies' (full post)

Millions of smart TVs vulnerable to 'red button' attack

Internet-enabled smart TVs can be compromised quickly and effectively by hackers, using the "red button attack" aimed at compromising users by sending spam and launching attacks. Hackers also have had success by hijacking built-in audio and video into smart TVs, the researchers warn. Any smart TV that is utilizes the hybrid broad-cast broadband (HbbTV) standard is vulnerable to the exploit - which is the majority of TVs in Europe, and about to become even more prevalent in the United States.

 

TweakTown image news/3/8/38358_01_millions_of_smart_tvs_vulnerable_to_red_button_attack.jpg

 

"For this attack you do not need an Internet address, you do not need a server," said Yossef Oren, Network Security Lab researcher from Columbia University. "You just need a roof and an antenna and once you are done with your attack, there's completely no trace of you."

 

The Internet of Things is expected to explode in popularity, but anti-virus and additional security measures need to be in place to keep devices secure. After first discovering the flaw in late 2013, it wasn't seen as widespread enough to change the standard - but security experts are finally paying attention.

Two Russians confess for using Apple iCloud 'ransomware' tactics

The Russian Ministry of Internal Affairs announced two people have been arrested - and confessed - for their role in compromising Apple device owners with ransomware attacks. The suspects phished users and compromised iCloud logins, and used the stolen credentials to lock iPhones, iPads and Mac devices. Most users were affected in Australia, but Apple owners in the United States, United Kingdom, and New Zealand also fell victim. Both hackers, living in Moscow, are reportedly 17 and 23 years of age.

 

TweakTown image news/3/8/38356_01_two_russians_confess_for_using_apple_icloud_ransomware_tactics.jpg

 

Russian authorities have seized PCs, mobile phones, and SIM cards reportedly used to launch the ransomware attacks.

 

Ransomware attacks are becoming increasingly common, as cybercriminals are able to compromise users and demand payment for access to devices and technology. In addition to the two people already arrested in Russia, other groups are reportedly trying to launch similar attacks on users.

Study reveals cyberattacks a multi-billion dollar problem worldwide

Cyberattacks have a global ripple effect that leads to costs from $375 billion up to $575 billion per year, and the problem isn't getting any better, according to a recent report. Security firm McAfee and the Center for Strategic and International Studies teamed up to interview economists, lawyers and government officials specializing in cyberattack data. In 2013, the same group estimated cyberattacks costs around $100 billion to U.S. companies per year.

 

TweakTown image news/3/8/38355_01_study_reveals_cyberattacks_still_not_as_bad_as_counterfeiting_just_yet.jpg

 

Companies are struggling to keep data secure, and as learned from the massive Target and eBay breaches, consumers often are on the losing end. However, it's difficult to try to analyze the actual cost of cyberattacks, with some companies unaware they were targeted - or don't want to run the risk of negative public perception caused by a breach.

 

A company that suffers a data breach should be proactive and inform customers, rather than burying the evidence and keep it secret.

Number of compromised records increased 46% year-over-year during Q1

The number of data records compromised during the first quarter has increased 46 percent year-over-year when compared to 2013, as an estimated 176 million records were compromised, according to a new security report.

 

TweakTown image news/3/8/38353_01_number_of_compromised_records_increased_46_year_over_year.jpg

 

Not surprisingly, the business sector suffered the highest number of breaches, accounting for 57.5 percent of reported incidents, ahead of government (15.7 percent), unknown (13 percent), education (7.3 percent), and the medical industry (6.4 percent). Almost 63 percent of incidents led to one to 1,000 records compromised, though six reported incidents led to at least one million records stolen.

 

"It's difficult to say whether security is deteriorating, bad actors are getting better or some combination of both," said Inga Goddijn, Risk Based Security insurance practice lead, in a statement. "What we do know is that there have been eight events in the past six months that have involved the compromise of at least 10 million records per event and the trend is continuing with the most recent revelations at eBay."

Continue reading 'Number of compromised records increased 46% year-over-year during Q1' (full post)

Anonymous plans to attack World Cup sponsors with cyberattacks

The hacker collective Anonymous is preparing to attack World Cup 2014 sponsors, in response to the Brazilian government spending outlandish amounts of money to prepare for the soccer tournament. It is unknown which specific companies will be hit, but World Sponsor companies include Adidas, Coca-Cola, Emirates Aireline, and Budweiser.

 

TweakTown image news/3/8/38340_01_anonymous_plans_to_attack_world_cup_sponsors_with_cyberattacks.jpg

"We have already conducted late-night tests to see which of the sites are more vulnerable," a hacker known as "Che Commodore" told Reuters. "We have a plan of attack. This time we are targeting the sponsors of the World Cup."

 

The hacker group has already hit the Brazilian Foreign Ministry, compromising at least three hundred documents before the email system was shut down. A phishing attack was used to compromised the ministry, but cyberattacks on World Cup sponsors will likely rely on distributed denial-of-service (DDoS) attacks.

Continue reading 'Anonymous plans to attack World Cup sponsors with cyberattacks' (full post)

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases