TweakTown
Tech content trusted by users in North America and around the world
5,919 Reviews & Articles | 38,136 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 1

China Telecom to offer Microsoft Xbox One console to gamers

The Microsoft One Xbox game console will be exclusively offered in China using the China Telecom network, both companies recently announced. This will be the first Xbox One to enter the Chinese market this Autumn, China Telecom said in a recent press statement.

 

TweakTown image news/3/9/39305_01_china_telecom_to_offer_microsoft_xbox_one_console_to_gamers.jpg

 

The Xbox One has struggled throughout Asia, where the Sony PlayStation series of game consoles remain popular. However, lower pricing and a stronger marketing push has drawn attention from gamers - where Microsoft partnered with the BesTV New Media Internet TV set-top box.

 

The game consoles will be available starting in China Telecom stores starting this September, with an estimated $80 million investment from BesTV and Microsoft to help move the project along.

Bay Area Pain Medical Associates suffers PC theft, patients at risk

The Bay Area Pain Medical Associates company recently sent notices to patients informing them of a data breach on May 19, in which three desktop PCs were stolen following an office break-in. The Sausalito Police Department is currently investigating, as the company warns patients of what is at risk: There were around 2,780 patients affected due to the breach, with a spreadsheet including patient data available on one of the PCs taken from the office.

 

TweakTown image news/3/9/39295_01_bay_area_pain_medical_associates_suffers_pc_theft_patients_at_risk.jpg

 

The medical records were encrypted, but a single Excel spreadsheet contained "approximately 2,780 patient names, including yours, and years of service may have been available," the company sent in a memo to patients.

 

These types of incidents seem to happen too frequently - even if PCs and laptops are safely secured in offices - security experts recommend ensuring devices are password-protected and utilize encryption. Selling medical records is big business to cybercriminals, more valuable than traditional stolen personal information.

Six arrested for their role in StubHub ticket hacking charges

A group compromised of U.S. and foreign citizens have been arrested and indicted for their alleged role of an international crime ring that ripped off StubHub. Two Americans, one Russian national, three people from London, and one Canadian were rounded up - the six conspired to use stolen debit and credit card information to purchase thousands of tickets to sports games, concerts, and other in-demand tickets.

 

TweakTown image news/3/9/39294_01_six_arrested_for_their_role_in_stubhub_ticket_hacking_charges.jpg

 

The tickets would then be resold and the profits would be split amongst the group. They face a mix of charges related to money laundering, criminal possession of stolen property, identity theft and grand larceny, according to the court.

 

"You are no longer safe to travel and operate outside of your home country, without significant risk of arrest and prosecution," said Robert Capps, StubHub former security executive, in a statement. "Isolation is a powerful force in the effort to change behaviors. Confined within the borders of their home country, I suspect we'll see a change in behavior of some of these criminals."

Continue reading 'Six arrested for their role in StubHub ticket hacking charges' (full post)

Hackers infiltrate Wall Street Journal network in new cyberattack

The Wall street Journal operates a print publication and it has an online presence as well. Hackers recently attacked the WSJ computer network and forced the publication offline. Authorities say that the hackers were able to infiltrate WSJ computer systems used to host graphics.

 

TweakTown image news/3/9/39287_3_hackers_infiltrate_wall_street_journal_network_in_new_cyberattack.jpg

 

As a result of the breach, systems were taken offline to isolate the attack. According to the WSJ, no damage, or altering of news graphics has been found, but a review of the systems is ongoing. A spokesman for the WSJ said, "We are investigating an incident related to wsj.com's graphics systems. At this point we see no evidence of any impact to Dow Jones customers or customer data."

 

A user going by the name w0rm posted to Twitter an image of the hacked website with an offer to sell the user name and other info required to control the server for a bitcoin, worth about $620.

Law enforcement get new search tool to monitor people of interest

A person and mobile phone search database popular among law enforcement and federal agencies, LP Police, has now added advanced live data search capabilities so police can resolve cases faster.

 

TweakTown image news/3/9/39277_01_law_enforcement_get_new_search_tool_to_monitor_people_of_interest.jpg

 

A new social media search allows offers to enter a name and have immediate access to user profiles, profile photos, social influence, and other data, from more than 100 social media services. Searching for people through the work search feature will pull current and former employers, names, company names, position held, phone numbers and addresses.

 

"The LP Police team is pleased to introduce yet another round of significant search updates and user improvements," said Ron Lifton, LP Police CEO, in a press statement. "Police departments, government agencies and law enforcement across the country unanimously endorse our ongoing enhancements, best phone data in the industry, and bullet proof customer support."

Continue reading 'Law enforcement get new search tool to monitor people of interest' (full post)

Security company KnowBe4 warns of CryptoWall ransomware

The federal government might have disrupted Cryptolocker ransomware operations, but the Benjamin F. Edwards & Co. brokerage house recently suffered an attack by the CryptoWall, the DOJ.NH website recently reported. The incident took place in late May, with the unauthorized third party compromising their computer systems - informing customers of the data breach.

 

TweakTown image news/3/9/39276_01_security_company_knowbe4_warns_of_cryptowall_ransomware.jpg

 

Many companies are rolling out new security and try to educate users about safely and properly interacting with emails, online accounts, and other cloud-based services proves to be difficult. As users are compromised, critical work documents become unusable until a payment has been made to operators of the ransomware - and educating users to spot these social engineering techniques should be a first great step.

 

"We are seeing a new wave of ransomware created by Russian cybercriminals, and our recent survey shows that IT pros expect it to get worse the rest of the year," said Stu Sjouwerman, KnowBe4 CEO, in a press statement. "To add insult to injury, apart from the confidential files being encrypted and ransom extorted, the ransomware sends unidentified data out of the victim's network. That means the malware infection needs to be treated as a data breach with accompanying very high costs."

Malcovery Security lists phished brands that slipped by your antivirus

Cybercriminals trying to phish users typically rely on email to compromise unsuspecting victims, and remains the primary mechanism to launch malware attacks. There has been an uptick in activity that has led to more spam messages, along with coordinated spear phishing attacks targeting specific organizations.

 

 

The top brands suffering from phishing attacks and malicious spam: RingCentral, ADP, Her Magesty's Revenue Customs, HSBC, Bank of America, eFax, NatWest, RBS, IRS, Sage, "Court Notice," Lloyds Bank, Wells Fargo, and Broad Oak.

 

"Phishing and malicious spam continue to threaten networks and brands, and as a result, they key question a company needs to ask about the brands listed in this report is, 'Would any of my employees ever respond to an email from one of these brands?' If so, your business may already be infected with malware," said Greg Coticchia, Malcovery Security President and CEO, in a press statement.

Continue reading 'Malcovery Security lists phished brands that slipped by your antivirus' (full post)

StubHub working with New York police officials to investigate fraud

Cybercriminals were able to gain access to at least 1,000 StubHub customer accounts in 2013, fraudulently purchasing tickets to concerns, sports games, and other live events. Using data breaches from other websites and relying on malware that compromised users, they were able to access account holder login and password data.

 

TweakTown image news/3/9/39270_01_stubhub_working_with_new_york_police_officials_to_investigate_fraud.jpg

 

In a statement, StubHub said it applauded the efforts of New York City law enforcement to make arrests related to the case - including a case opened by the New York City District Attorney's Office. No internal technical or financial systems were breached by the hackers, and StubHub was quick to work with customers that were affected.

 

The large scale cyberattacks that lead to personal data and username/passwords being stole, and then used on different websites and services.

Security specialists developing protection for connected vehicles

The hackers responsible for exposing vulnerabilities targeting the Toyota Prius and Ford Escape are developing a solution to better defend vehicles from cyberattacks. Both Charlie Miller and Chris Valasex plan to show off their "intrusion prevention device" during the Black Hat hacking conference next month - a solution that uses around $150 in electronic parts able to listen to car network traffic - with rogue activity and additional anomalies blocked.

 

TweakTown image news/3/9/39269_01_security_specialists_developing_protection_for_connected_vehicles.jpg

 

"Cybersecurity is a global concern and it is a growing threat for all industries, including the automotive," noted Jack Pokrzywa, SAE International manager of global ground vehicle standards.

 

The Internet of Things (IoT) has drawn great interest from researchers and consumers, but security standards are currently fractured. Connected cars are becoming more common on U.S. roadways, and Internet or satellite connectivity provide a perfect attack opportunity for cybercriminals.

Point-of-sale security efforts lackluster as threats increase

Small businesses and local mom-and-pop stores are familiar with cybersecurity risks they face, but major retailers and corporations also suffer from difficult point-of-sale (POS) systems struggling with security problems. Botnets made of thousands of compromised PCs are trying to launch brute-force attacks against POS with lackluster security in place.

 

TweakTown image news/3/9/39259_01_point_of_sale_security_efforts_lackluster_as_threats_increase.jpg

 

"Point of sale architecture and security is such a niche industry in terms of how to secure these systems and how card data flows," said Lucas Zaichowsky, AccessData enterprise defense architect, said. "It's like a big black box; those who know it well are few and far between. Even PCI auditors don't understand it all that well."

 

Zaichowsky will speak during the Black Hat USA 2014 in early August, hoping to spur interest in helping POS dealers build better defense of POS technologies. Cybercriminals rely on exposing older versions of VNC, PCAnywhere and other remote management clients, able to brute-force their way into networks.

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases