TweakTown News
A team of researchers at CrowdStrike is claiming China's "Deep Panda" cyber offensive group has begun targeting, and has now compromised, US national security think tanks. In an alarming statement, co-founder Dmitri Alperovitch asserted that the attacks seem to be tied into monitoring activity from the newly founded Islamic State of Iraq and the Levant (ISIS).
In a blog post, CrowdStrike's co-founder Dmitri Alperovitch outlined the company's work with human rights groups and security think tanks. Former senior government officials frequently work in organizations like these, and so are a natural target of hostile intelligence services, Alperovitch said, adding that he has "great confidence" the Deep Panda group is affiliated with the Chinese government. It's one of 30 groups CrowdStrike closely follows in China, but the company points out it is also one of the most sophisticated.
As the armed ISIS faction launched an attack on an oil refinery, Alperovitch claims Deep Panda began a hunt for files from US think tank employees. He pointed out that China is the top foreign investor in Iraq's oil infrastructure, and so espionage fits in with the country's national interests. "It wouldn't be surprising if the Chinese government is highly interested in getting a better sense of the possibility of deeper US military involvement that could help protect the Chinese oil infrastructure in Iraq," Alperovitch wrote. "In fact, the shift in targeting of Iraq policy individuals occurred on June 18, the day that ISIS began its attack on the Baiji oil refinery."
Public utility companies and federal governments need to be more aware of the real threat of cyberattacks, with criminals reaching new levels of network penetration. Following suspicions of a cyberattack, companies need to conduct an in-house and third-party security audit to determine how the incident occurred.
It was previously noted that public utility companies are struggling to meet growing cyberattack threats - but the realization that eastern European hackers were able to compromise oil and gas companies as part of "Dragonfly" provides a more frantic view of cybersecurity. The U.S. government is mulling over stricter regulations to force utility companies to be more careful with network connections and security from outside threats.
"These infections not only gave the attackers a beachhead in the targeted organizations' networks, but also gave them the means to mount sabotage operations against infected (industrial control system) computers," Symantec noted.
The popular video website Dailymotion was compromised by cybercriminals able to inject malicious code, redirecting visitors and secretly installing malware. The iframe first appeared on June 28 and installed the Sweet Orange Exploit Kit, targeting Oracle Java, Microsoft Internet Explorer and the Adobe Flash Player.
It seems only a small number of users were compromised, and Dailymotion quickly restored videos and ensured they were safe again.
"If the kit successfully exploited any of these vulnerabilities, then Trojan.Adclicker was downloaded onto the victim's computer," according to Symantec researchers. "This malware forces the compromised computer to artificially generate traffic to pay-per-click Web advertisements in order to generate revenue for the attackers."
Most of us understand that one way to keep unauthorized people out of your iPhone is to use a password. The problem for many is that unlocking the screen of your device with a password can be a nuisance. Apple is tipped to be working on a new feature for the iPhone 6 that will make password security easier to live with.
According to rumors floating around the web, the iPhone 6 will get automatic unlocking. Apple has filed a patent application that outlines ways that the next iPhone might get automatic unlocking. The application outlines a method where the iPhone will only deploy password locks when it is used on an unknown network.
That would mean if you try to use your iPhone at home, no password would be needed, but if you try to use it on a network at the local coffee shop, it would ask for a password. The patent app is titled "Location-Sensitive Security Levels and Setting Profiles Based on Detected Location." As with all patent apps, there is no guarantee that this tech will ever be used.
The Stanford Federal Credit Union contacted around 18,000 of its customers, informing them their personal information was accidentally included in an email to another bank customer. The personal information sent includes customer names, mailing addresses, member numbers, credit information, loan offers, and tax identification numbers.
The incident took place on April 30 and the bank began informing customers in early June. The employees quickly discovered the mistake and data was reportedly destroyed before the customer opened the email.
"While we are confident this information was never seen by unauthorized individuals and you are not at risk, we feel it is important to communicate with our members in any situation involving their information or accounts," said Joan Opp, Stanford Federal Credit Union CEO, in a statement. "I also want to emphasize that our electronic systems were in no way compromised and your accounts remain secure."
Anti-piracy firm Rightscorp says more than 140 Internet service providers (ISPs) in the United States are disconnecting repeat copyright offenders. Most ISPs send notices to repeat copyright offenders, telling them that protected content, such as music, movies, and other content, is being shared.
However, Rightscorp tracks what users are downloading and sharing on BitTorrent, then approaches user ISPs - and most fines are about $20 per shared file. Repeat offenders, however, need swifter punishment according to copyright holders, which is why Rightscorp is speaking with so many U.S. ISPs. It remains difficult to identify how many times a person must be caught sharing files to be considered a "repeat infringer," with companies such as AT&T refusing to unplug users unless a court order is issued.
"We push ISPs to suspend accounts of repeat copyright infringers and we currently have over 140 ISPs that are participating in our program, including suspending the accounts of repeat infringers," said Christopher Sabec, Rightscorp CEO, when speaking about the current state of copyright infringement.
May spam email traffic averaged 69.8 percent, a 1.3 percent drop from April, but security experts continue to tell Internet users to be wary of sometimes rather clever spam. There was a large number of mass mailings for schools and universities, and "offers" for student loan repayment plans were also popular phishing techniques.
Email search sites were the most popular targets (32.2 percent) ahead of social media websites (23.9 percent), and financial and payment organizations were in the No. 3 spot (12.8 percent). Spammers rely on unsuspecting and gullible Internet users to click compromising links that install malware - or otherwise steal credentials.
"Spammers are constantly thinking up new tricks or turning to old favorites to catch out their victims," said Tatyana Shcherbakova, Kaspersky Lab Senior Spam Analyst, in a statement. "It's not just about advertising: this month we came across a number of mass mailings imitating official notifications from various services and companies. The attachments in these emails contained malware from the Andromeda family. This family consists of backdoors that allow attackers to silently control infected computers, which often become part of a botnet."
The rise of hackers and cybercrime is problematic, but national governments maintaining security and political control on the Internet will remain the biggest threat. Specifically, there will be a rise in blocking, filtering, segmentation and balkanization of the Internet, according to a study published by the Pew Research group.
Thirty-five percent of those surveyed said they expected significant changes "for the worse" in regard to accessing and sharing online content by 2025 - a troubling concern as more people begin to access the Internet.
"Governments worldwide are looking for more power over the Net, especially within their own countries," said Dave Burstein, Fast Net News editor, in a statement. "Britain, for example, has just determined the ISPs block sites the government considers 'terrorist' or otherwise dangerous. There will usually be ways to circumvent the obstruction but most people won't bother."
Banks and financial institutions must work through a new generation of malware designed to lurk on Web browsers and only collect data when users access a banking website. Similar to other methods, it all starts with clever social engineering used to compromise victims, which leads to the malware being secretly installed.
The new tactic has led to at least 400 cases, with banking users often unaware of many threats that face them. At the very least, security experts recommend customers never click links in emails that look like something from their bank - but even if users go directly to the bank website, that's when the malware causes mayhem.
"It's going to have graphics and terminology that would make you believe, hey, that sounds pretty legitimate," said JD Sherry, Trend Micro VP of technology and solutions, in a statement. "Once you click on that, you don't have intelligence to basically say that's a bad link. The device is going to download that particular malware."
The 'MiniDuke' hacker group is targeting governments and drug dealers, likely serving as cyber mercenaries working for a paid backer, using malware to compromise users. It's not uncommon to hear of government departments, the private sector and public infrastructure being targeted, but focusing on drug dealers seems to be a newer twist.
A total of 23 countries were affected by MiniDuke, with an aim of plucking data and credential information - and the malware is evolving to now include commercial code, as it appears a subdivision could receive funds from law enforcement or rival criminal groups trying to steal drug-related information.
"They are more like underground cybercriminals than a typical nation state," said a Kaspersky Lab researcher. "This is what makes them stand out. They were collecting everything like emails, names, nicknames and handles."