TweakTown
Tech content trusted by users in North America and around the world
5,674 Reviews & Articles | 36,065 News Posts
Weekly Giveaway: Fractal Design Arc Cases Contest (Global Entry!)

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 1

Michaels admits to data breach, 2.6 million customers at risk

Crafts store Michaels confirmed that as many as 2.6 million customers, totaling almost 7 percent of customers paying with debit and credit card, were affected by a data breach that began last year.

 

TweakTown image news/3/7/37143_01_michaels_admits_to_data_breach_2_6_million_customers_at_risk.jpg

 

Customer information exposed includes card numbers and expiration dates, though the store didn't confirm if names, addresses and PIN numbers were also breached. Since the news of the breach earlier this year, the popular arts and crafts store has removed the malware and reportedly boosted security to try and prevent future incidents.

 

In addition to Michaels, its Aaron Brothers subsidiary also suffered a data breach affecting around 400,000 debit and credit cards.

Continue reading 'Michaels admits to data breach, 2.6 million customers at risk' (full post)

Edward Snowden asks Vladimir Putin about Russian spying activities

Former NSA contractor Edward Snowden recently had the chance to quiz Russian President Vladimir Putin about his country's cyber surveillance and snooping activities. During a video interview, Snowden posed the following question: "Does Russia intercept or store or analyze the communication of millions of individuals?"

 

 

Putin's response to the question: "Our agents are controlled by law. You have to get court permission to put an individual under surveillance. We don't have mass permission, and our law makes it impossible for that kind of mass permission to exist."

 

Of course, western intelligence sources are hesitant to believe what Putin claims, especially with Russia often blamed for cyber espionage and various cybercrimes. Meanwhile, it seems Putin is having a fun time poking fun at the United States and England, which following Snowden's disclosures last year, indicate both nations have sophisticated spying programs.

Continue reading 'Edward Snowden asks Vladimir Putin about Russian spying activities' (full post)


Samsung's Galaxy S5 sees its fingerprint sensor hacked by fake finger

Samsung followed in Apple's footsteps with the addition of a fingerprint sensor on the front of the Galaxy S5, but it now appears that Apple's implementation of bio-metric security may actually be safer than Samsung's version. A new video has surfaced that shows just how easy it is to spoof the Galaxy S5's sensor with nothing but a casting made from common wood glue.

 

 

The video was created by SRLabs, and shows the company using a false finger with the correct fingerprint unlocking the phone. While SRLabs was able to do the same with the iPhone 5S, Apple's Touch ID also utilized a password prompt that prevented further entry. Furthermore, SRLabs was able to use the fake finger to complete transactions on the PayPal app with its new fingerprint authentication feature. This is actually quite scary when you consider that lifting a fingerprint is actually quite easy.

Continue reading 'Samsung's Galaxy S5 sees its fingerprint sensor hacked by fake finger' (full post)

Wireless carriers, smartphone makers agree to device kill switches

Smartphone kill switches will be added to new devices by manufacturers and wireless carriers, but law enforcement officials are concerned the "baseline anti-theft tool" doesn't go far enough to prevent smartphone theft.

 

TweakTown image news/3/7/37099_01_wireless_carriers_smartphone_makers_agree_to_device_kill_switches.jpg

 

As part of the voluntary agreement, the CTIA-The Wireless Association says the functionality will be added starting after July 2015 - and can ship pre-loaded on smartphones, or as a follow-up download.

 

"We strongly urge CTIA and its members to make their anti-theft features enabled by default on all devices, rather than relying on consumers to opt-in," according to San Francisco district attorney George Gascon, a supporter of mandatory kill-switches, in a statement. "The industry also has a responsibility to protect its consumers now and not wait until next year."

Continue reading 'Wireless carriers, smartphone makers agree to device kill switches' (full post)

Retailer LaCie fesses up to one-year data breach, customers at risk

Electronics retailer LaCie is the latest company to suffer a security breach, with scores of customer records up for grabs, left exposed for one year. LaCie, which is now owned by Seagate, was informed of the breach by the FBI, which will also contribute to the investigation.

 

TweakTown image news/3/7/37080_01_retailer_lacie_fesses_up_to_one_year_data_breach_customers_at_risk.jpg

 

It's unknown how many customers were exposed in the breach, with limited information until the forensics analysis is completed. However, it appears the hackers were able to compromise LaCie's online store using the same Adobe ColdFusion vulnerabilities that led to breaches among other retailers.

 

"The information that may have been accessed by the unauthorized person includes name, address, email address, payment card number and card expiration date for transactions made between March 27, 2013 and March 10, 2014," according to a statement emailed to Krebs on Security. "We engaged a leading forensic investigation firm, who conducted a thorough investigation into this matter."

Avast survey finds 27 percent of users don't plan to leave XP

More than one-quarter of Avast's current Microsoft Windows XP customers don't plan to leave behind the OS that is now no longer supported by Microsoft, according to a recent survey conducted by the security company.

 

TweakTown image news/3/7/37077_01_avast_survey_finds_27_percent_of_users_don_t_plan_to_leave_xp.jpg

 

Prior to the end of support date on April 8, XP users were already under increased threat of cyberattacks, and that trend is only expected to continue.

 

"XP users were not planning on doing anything," said Ondrej Vlcek, Avast Chief Operating Officer, in a blog post. "As Avast users they are protecting themselves since we will continue to support Windows XP users for at least the next three years."

Continue reading 'Avast survey finds 27 percent of users don't plan to leave XP' (full post)

Mt. Gox founder not interested in visiting the US to answer subpoena

Mt. Gox founder Mark Karpeles will not return to the United States to explain the company's demise, leading to bankruptcy, as he waits to investigate a subpoena issued by the U.S. Department of Treasury's Financial Crimes Enforcement Network division.

 

TweakTown image news/3/7/37078_01_mt_gox_founder_not_interested_in_visiting_the_us_to_answer_subpoena.jpg

 

Karpeles has been ordered to speak during a testimony scheduled for Friday in Washington, D.C. A Japanese court was scheduled to discuss the issue, in case the U.S. asks for him to be turned over.

 

"Mr. Karpeles is now in the process of obtaining counsel to represent him with respect to the FinCEN subpoena," according to a legal filing. "Until such time as counsel is retained and has an opportunity to 'get up to speed' and advise Mr. Karpeles, he is not willing to travel to the U.S."

Continue reading 'Mt. Gox founder not interested in visiting the US to answer subpoena' (full post)

Chinese government has no plans to slow down cyberattacks

The Chinese government is improving its cyberattack and cyberspying abilities, and western nations must work to improve their own cyberdefense, according to security researchers.

 

TweakTown image news/3/7/37071_01_chinese_government_has_no_plans_to_slow_down_cyberattacks.jpg

 

The risk of cyberthreats continues to expand as criminals continue to find newer and more creative ways to compromise users.

 

"Cyberthreat actors are expanding the uses of computer network exploitation to fulfill an array of objectives, from the economic to the political," according to the report. "Threat actors are not only interested in seizing the corporate crown jewels but are also looking for ways to publicize their views, cause physical destruction and influence global decision makers. Private organizations have increasingly become collateral damage in political conflicts. With no diplomatic solution in sight, the ability to detect and respond to attacks has never been more important."

Continue reading 'Chinese government has no plans to slow down cyberattacks' (full post)

Private sector, government agencies need to share threat data

There is a growing need for the US government and private sector to improve communication and work on sharing threat and attack information.

 

TweakTown image news/3/7/37069_01_private_sector_government_agencies_need_to_share_threat_data.jpg

 

The idea isn't necessarily a new one, with the private sector pestering government agencies to become more transparent regarding cybersecurity threats - especially with sophisticated attacks stemming from Eastern Europe and China.

 

"We've been trying for three years to get the government to create a protected avenue to share information from the government down to the private sector up to the government," said Tom Ridge, former US Department of Homeland Security secretary, during a recent security conference. "We've been unsuccessful."

Continue reading 'Private sector, government agencies need to share threat data' (full post)

Pentagon plans to hire cybersecurity specialists, boost capabilities

The United States wants to improve its Cyber Command over the next two years, and will increase security staff to more than 6,000 employees, Defense Secretary Chuck Hagel recently said. Both military and civilian candidates will be included, as the US government wants to improve both cybersecurity and offensive weapons that can be used to target foreign operations.

 

TweakTown image news/3/7/37068_01_pentagon_plans_to_recruit_cybersecurity_specialist_boost_capabilities.jpg

 

The government will likely need to work with universities and private sector companies to try and find candidates - especially with so much competition for skilled cybersecurity experts.

 

"It has to do with having the skills," said Michael Daly, Raytheon cyber business CTO, in a statement to SCMagazine. "I think that when the jobs are there, the people with the skills are seeking them out and going after them. What we are seeing is a huge backlog as far as being able to hire people into these jobs. The number of security jobs have grown, but these jobs are taking a lot longer to fill."

Latest Tech News Posts

View More News Posts

Latest Downloads

View More Latest Downloads

TweakTown Web Poll

Question: Did EA kill the Battlefield franchise with the terrible BF4 issues?

Yes, Battlefield is doomed

No, Battlefield will live on strong

I'm not sure, but I know EA needs to improve its game

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Get TweakTown updates via Facebook!
Just click the "Like" button below