TweakTown NewsRefine News by Category:
Cybercriminals are finding it rather easy to launch attacks against companies and universities, especially with attention focused more on Heartbleed. Almost 20 universities and a handful of healthcare providers have come under attack, which will continue to happen as IT managers scramble to try and secure databases.
"We have had very bad luck with several universities as far as reaching out about breaches," said Alex Holden, Hold Security CTO, in a statement to the media. "The problem is finding with in a very large, decentralized infrastructure the right person to talk to and impress on them that something is going on."
Instead of launching attacks against individual users, cybercriminals are largely finding it more lucrative to compromise large databases - personal information is valuable, and can be stolen for personal use, sold, or traded.
Iowa State University recently confirmed it suffered a data breach and the personal information of up to 30,000 current and former students is now at risk. Particularly, the Social Security Numbers of students enrolled at ISU between 1995 and 2012 were vulnerable, though it doesn't appear cyberattackers accessed the information.
Instead, those responsible for the attack decided to mine for bitcoins using the school's servers - with ISU believing five network attached storage drives manufactured by Synology are at fault.
"We don't believe our students' personal information was a target in this incident, but it was exposed," said Jonathan Wickert, Senior VP and Provost, in a press statement. "We have notified law enforcement, and we are contacting and encouraging those whose Social Security numbers were on the compromised servers to monitor their financial reports."
Medical professionals have become victims of identity theft, with Social Security Numbers and other personal information used to help process fraudulent tax returns, according to recent reports. The victims, less than 1,000 total so far, didn't know about the breach until they tried to file their returns and found that someone else already had beaten them to the punch.
Victims were found in the following states: Colorado, Connecticut, Vermont, Massachusetts, Iowa, North Carolina, South Dakota, Maine, Indiana, and New Hampshire. The Indiana State Medical Association (ISMA) sent a memo to healthcare professionals in the state to be aware of the tax scam.
"The DOR is viewing this as a large problem and officials are very concerned," said Julie Reed, ISMA general council, during a recent conversation. "While their investigation has not yet identified the source of the presumed breach, they are tracking all the cases, looking for patterns, and actively investigating and pursuing leads."
NEC Hong Kong is currently developing a new facial recognition technology that can be used by stores, hotels, and other retail establishments to quickly identify customers. Retailers have tried to use smartphones to help monitor customer activity, especially if guests log onto free, open Wi-Fi hotspots, though customers found ways to disable such features.
When most people think of facial recognition, it's in regards to security and possible privacy issues - but NEC and companies have a more unique reasoning behind why stores, hotels, and other establishments might want to adopt the technology:
"Everyone loves to feel special. That's why any organization that can greet a customer by name and start helping them the minute they walk in to a shop, bank or hotel will have a tremendous advantage over one that relies on ID cards or other impersonal procedures," said Elsa Wong, NEC Hong Kong Managing Director, in a press statement.
Internet users are now being warned of a recent 2014 FIFA World Cup scam that promises recipients of a cash prize and free tickets - including an offering for more than $5 million cash and a trip to the World Cup.
Despite the outlandish offer of money, poorly written email, and rather silly email subject line, it appears that some Internet users might be getting caught up in the scam.
The World Cup runs from June 12 to July 13, and cybersecurity experts warn of other possible scams that could capitalize on the popular sporting event. As noted by Malwarebytes, "major sporting events are traditionally a huge draw for scammers and there will no doubt be many more of these come from now until June."
U.S. Attorney Zach Fardon has shaken things up and cybercrime and securities fraud will lead to coordinated and better organized attempts to crackdown on crime. Similar to other government officials, Fardon understands the need to combat cybercrime, including assigning someone to the role of cybercrime deputy chief, to investigate organized cybercrime efforts.
However, Chicago has a tremendous issue with street-level crime, and Fardon has been criticized for not focusing enough on those issues.
Trying to battle against cybercrime has proven to be a difficult battle, with a mix of reckless users and rather confusing local, state, and federal guidelines. Each state has different methods to investigate and prosecute cybercrime, though it's often too late, at the expense of innocent users that may have had their identity or debit and credit card information stolen.
The Pirate Bay officially processed its 10 millionth torrent upload, a major milestone that even led site programmers to modify code to ensure an extra digit wouldn't wreak havoc. The current Pirate Bay database has more than 3 million torrents available for users to choose from, with duplicates, fake content, and piracy issues sometimes leading to torrents disappearing from the database.
A pirated video from "IntimateLesbians" had the honorary distinction of being the 10 millionth upload on The Pirate Bay - and while not all uploaded content is still available - it's a tremendous milestone for a company that has been under intense copyright and public scrutiny for years.
The Pirate Bay currently has 10,000 uploads per day, and it will probably take less than two years to hit the 20 millionth upload milestone.
A police warning has led to the closure of The Sports Torrent Network, a popular file sharing website with more than 20,000 members. TSTN often linked to soccer, NHL hockey, Formula 1 races, and other popular European sporting events, though didn't want to suffer the wrath of potential legal issues from the British government and copyright holders.
In addition to thousands of dollars in fines, site operators also could have faced up to 10 years in prison if found guilty for copyright-related crimes.
"Pipcu has the lawful right to pursue action against you and against the thesportstorrentnetwork.co.uk website in order to prevent, detect and disrupt criminal activity," according to a warning issued by the City of London Police Intellectual Property Crime Unit.
Researchers have found severe vulnerabilities in satellite systems manufactured by some of the largest military contractors, which could lead to military operations being disrupted and interruption of flight-safety communications.
The IOActive security consultant group found vulnerabilities in software and ground-based satellites made by US, UK, United Arab Emirates, and Japanese satellite manufacturers.
"CERT-UK is aware of the report and expects all vendors to work to patch security vulnerabilities they are informed of," according to a British cabinet office spokesperson in a statement to the Guardian. It is important that organizations know what technologies they use and check that they are updated regularly in order to receive critical security patches."
Crafts store Michaels confirmed that as many as 2.6 million customers, totaling almost 7 percent of customers paying with debit and credit card, were affected by a data breach that began last year.
Customer information exposed includes card numbers and expiration dates, though the store didn't confirm if names, addresses and PIN numbers were also breached. Since the news of the breach earlier this year, the popular arts and crafts store has removed the malware and reportedly boosted security to try and prevent future incidents.
In addition to Michaels, its Aaron Brothers subsidiary also suffered a data breach affecting around 400,000 debit and credit cards.