Tech content trusted by users in North America and around the world
6,307 Reviews & Articles | 41,802 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 5

NSA, GCHQ plan to step up cybersecurity cooperation efforts in 2015

The US National Security Agency (NSA) and British GCHQ intelligence agencies plan to step up their cybersecurity cooperation, as both governments face increasing numbers of cyberattacks. The agencies plan to launch cyber war games to test the cybersecurity of financial institutions, hoping to defend against the "biggest modern threats that we face."

 

TweakTown image news/4/2/42893_01_nsa-gchq-plan-step-up-cybersecurity-cooperation-efforts-2015.jpg

 

"We have got hugely capable cyber defenses, we have got the expertise and that is why we should combine as we are going to, set up cyber cells on both sides of the Atlantic to share information," said British Prime Minister David Cameron during a press conference.

 

Following mass surveillance operations detailed by former NSA contractor Edward Snowden, critics said the US and UK government should focus on beefing up cybersecurity efforts - instead of spying on citizens, residents, and foreign governments - as cyberespionage campaigns target both countries.

Police make arrest in PlayStation and Xbox Live attacks

The Lizard Squad made waves with their massive DDoS attacks on PlayStation and Xbox Live networks over the Christmas holiday. These attacks spoiled Christmas for untold millions of people as the DDoS attacks crippled servers and left shiny new game consoles unable to connect to online services. These attacks appear to be part of a larger marketing scheme for the Lizard Squad's DDoS-for-hire services.

 

TweakTown image news/4/2/42891_01_police-make-arrest-playstation-xbox-live-attacks.png

 

The Lizard Squad isn't afraid to taunt authorities and that has drawn even more scrutiny. However, they have been very successful at remaining in the shadows, until now. UK police with the South East Regional Organized Crime Unit (SEROCU) cyber crime unit apprehended an 18-year-old male connected with the recent PlayStation and Xbox Live DDoS attacks. The man was also charged with several swatting incidents, in which a fake police call is made to instigate police raids against others.

Continue reading 'Police make arrest in PlayStation and Xbox Live attacks' (full post)

Companies need assistance with their efforts to defend cyberattacks

Cybercriminals want to breach US companies, stealing data and customer records, and have found surprising levels of success. Some breached companies eventually discover that criminals spent months poking aroun compromised systems, taking their time before stealing large amounts of data.

 

TweakTown image news/4/2/42875_01_companies-need-assistance-efforts-defend-cyberattacks.png

 

The US government wants companies to be more forthcoming about data breaches once they are discovered, but some companies - if they actually know about it - remain quiet. Companies will be given some leeway if they inform the Department of Homeland Security (DHS) about cybersecurity incidents after they do occur, according to changes the Obama Administration plans to put in place.

 

"There is an element of embarrassment at work here," said Robert Cattanach, partner at the Dorsey & Whitney law firm, in a statement published by reporters. "But hacking is not a problem that any one company can solve alone."

Report reveals DHS is a cybersecurity mess, with numerous problems

The Department of Homeland Security (DHS) is a bureaucratic mess when it comes to cybersecurity - and would be inefficient and overmatched trying to protect citizens and other federal branches. This news comes as part of the "A Review of the Department of Homeland Security's Missions and Performance" report, which heavily scrutinized DHS activities.

 

TweakTown image news/4/2/42872_01_report-reveals-dhs-cybersecurity-mess-numerous-problems.jpg

 

"Widespread weaknesses in the federal government's information security practices represent a significant vulnerability that could be exploited by adversaries, creating a potential threat to national security and American citizens," according to the report.

 

It's not just hacktivists trying to breach US infrastructure, but foreign states with sophisticated cyberespionage programs. The DHS itself has failed in maintaining its own security protocols, let alone trying to secure other departments from potential cyberattack.

French cyberdefense says 19,000 French websites under attack

The French government announced there are 19,000 civilian websites now under cyberattack by unknown sources, in a wide-ranging attack. The French Defense Ministry recently faced a targeted distributed denial of service (DDoS) attack, according to officials discussing the ongoing cyber operation.

 

TweakTown image news/4/2/42884_01_french-cyberdefense-19-000-websites-under-attack.jpg

 

"These attacks have no effect on the conduct of our operations," said Rear Admiral Arnaud Coustilliere, in a statement to CNNMoney. Reportedly, the attacks are targeting websites while hoping for weak cyber defenses, though the top visited French websites appear to be working fine.

 

Over the past week, cybercriminals have posted pro-Islamic images and messages on various religious groups websites and other sites. The Anonymous hacker group temporarily downed a jihadist website last week and the Charlie Hebdo magazine released a new edition that has sold millions of copies.

Lookout: Mobile malware skyrocketed 75 percent in 2014 alone

The threat of mobile malware continues to increase, with rates jumping 75 percent in 2014, according a report published by Lookout. Mobile users are urged to run some type of anti-virus and anti-malware security platform on their smartphones and tablets, as threats rise.

 

TweakTown image news/4/2/42860_01_lookout-mobile-malware-skyrocketed-75-percent-2014-alone.jpg

 

There are a number of different types of attacks, but ransomware has cybersecurity firms extremely anxious, especially as users download apps and other files from unknown sources. It may be harder to infect users with ransomware, but payouts are larger, as victims have to turn over a ransom for full control of their devices again.

 

"It all goes back to monetization, what's the endgame?" pondered Kevin Mahaffey, co-founder and CTO of Lookout, in a statement published by CNBC. "While it can be complicated it can generate a huge amount of money. The bad guys aren't stupid and they wouldn't do this if they weren't making money."

Continue reading 'Lookout: Mobile malware skyrocketed 75 percent in 2014 alone' (full post)

Microsoft wireless keyboards targeted by new $10 DIY sniffing device

A security researcher has developed a USB wall charger that can intercept, log, and decrypt signals sent from Microsoft's wireless keyboards. The KeySweeper was developed by Samy Kamkar, a giving sort, who has released instructions on how to build the device online.

 

TweakTown image news/4/2/42854_01_microsoft-wireless-keyboards-targeted-new-10-diy-sniffing-device.png

 

The KeySweeper can be built for as little as $10 and simply appears to be a typical, and functional, USB wall charger. The charger monitors all Microsoft keyboards in range. The transmissions are encrypted, but the researcher has found multiple bugs that enable easy decryption. The design also includes optional features, such as an internal rechargeable battery that keeps the device working even after being unplugged, and SMS notification when keywords are typed into the keyboard.

 

There is a detailed build log on GitHub, and also a video on YouTube. Microsoft has fired back by insisting that all models manufactured after 2011 feature AES encryption, which isn't decoded by the system, but Samy Kamkar has recently purchased a vulnerable model from Best Buy last month.

Continue reading 'Microsoft wireless keyboards targeted by new $10 DIY sniffing device' (full post)

JPMorgan Chase asked to turn over data regarding cybersecurity hack

Numerous states are now investigating a major data breach suffered by JPMorgan Chase in 2014, asking the company to turn over details regarding its security practices. Customer records that included names, addresses and phone numbers of up to 83 million members were stolen, though account numbers, passwords and Social Security numbers weren't impacted.

 

TweakTown image news/4/2/42843_01_jpmorgan-chase-asked-turn-over-data-regarding-cybersecurity-hack.jpg

 

"Critical facts about the intrusion remain unclear, including details concerning the cause of the breach and the nature of any procedures adopted or contemplated to prevent further breaches," according to the letter obtained by Reuters, which more than one dozen states sent to JPMorgan Chase.

 

States also asked if the bank received reports of fraud, and a description of its past and current security protections.

Cybercriminals will follow users to Apple Pay, other mobile systems

Apple Pay is helping lead a mobile payment revolution, with consumers and retailers seeing a wider number of payment options at checkout. Mobile security is expected to reach upwards of $11 billion in 2015 alone, industry analysts forecast, and trying to keep mobile payment platforms will need special attention.

 

TweakTown image news/4/2/42837_01_cybercriminals-follow-users-apple-pay-mobile-systems.jpg

 

Upwards of 30 million smartphones could be used for mobile payments worldwide, according to Deloitte, with five percent of NFC-equipped devices estimated to be used for in-store transactions. If interest is accelerating in mobile payment adoption, then it's likely cybercriminals will adapt their attack strategies.

 

"It's very easy to predict that as the adoption of mobile payment systems like Apple Pay increases, that attacks will grow to follow that," said Chris Doggett, North American managing director at Kaspersky Lab, in an interview with the Washington Post. "It's like that famous saying, 'Why do you rob banks? Because that's where the money is.' If Apple Pay becomes a big, pervasive system for payments, you can be sure that the criminals are going to be right behind, figuring out how to breach Apple's security and how to steal money."

Continue reading 'Cybercriminals will follow users to Apple Pay, other mobile systems' (full post)

Report: Employees pose biggest IT cybersecurity threat to companies

Even with cybercriminals using sophisticated attack methods to compromise companies, business leaders must deal with employees recklessly clicking links and installing unknown software, according to the "2015 State of the Endpoint" study.

 

TweakTown image news/4/2/42835_01_report-employees-pose-biggest-cybersecurity-threat-companies.jpg

 

Seventy-eight percent of surveyed IT professionals believe careless employees are the biggest threat, 68 percent blame personal devices in the workplace, and 66 percent cite commercial cloud apps used at work.

 

"Respondents in this year's study have shifted their thinking and are now also attributing endpoint risk to human behavior in addition to particular device vulnerabilities," said Chris Merritt, director of solution marketing at Lumension. "This is a significant cultural shift to note because it illustrates how IT is starting to look at cybersecurity holistically. In addition to technology solutions, in 2015 IT must also take into account company policies and control processes, user awareness and overall employee education."

Continue reading 'Report: Employees pose biggest IT cybersecurity threat to companies' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases