Tech content trusted by users in North America and around the world
6,377 Reviews & Articles | 40,396 News Posts
TRENDING NOW: NVIDIA unveils GeForce GTX Titan X with 12GB of VRAM at GDC 2015

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 1

US transition to Chip-and-PIN cards may not stop security problems

Consumers in the United States are receiving new credit cards and retailers must upgrade their payment terminals. Cybersecurity experts warn that since credit card companies will rely on signatures while PIN numbers won't be required - due to higher cost and increased complexity - stolen and lost cards could still be vulnerable.

 

transition-chip-pin-cards-stop-security-problems_01

 

Chip-enabled cards will help lower fraud in retail stores, but online fraud is likely to increase, which has happened in other countries that adopted similar technology years ago. There will be a learning process for US consumers and retailers unfamiliar with Chip-and-PIN - but it should help usher in change, even if security concerns remain.

 

"A payment standard that is accepted globally will substantially reduce transaction costs for them," said Rick Dakin, CEO of the Coalfire cybersecurity risk and compliance firm, in a statement to Reuters. "Also they have already done the heavy lifting for EMV so they are ready and pushing for it."

Javelin Strategy: New identity fraud victim every two seconds in 2014

Criminals took $16 billion from 12.7 million US consumers last year, with a new identity fraud victim every two seconds, according to a new report from Javelin Strategy & Research. Two-thirds of identity fraud victims last year received notification that their personal information was compromised in a data breach, which took over headlines as major retailers were hit.

 

javelin-strategy-new-identity-fraud-victim-two-seconds-2014_01

 

On the bright side, new account fraud, which is when a criminal opens up an account in a victim's name, dropped to a record low in 2014. In addition, new monitoring and protection systems saw the amount lost due to fraud dropping 11 percent year-over-year, from $18 billion in 2013 down to $16 billion in 2014.

 

"Despite the headlines, the occurrence of identity fraud hasn't changed much over the past year, and it is still a significant problem," said Al Pascual, director of fraud & security at Javelin Strategy & Research. "Consumers, financial institutions and retailers are all taking aggressive steps, yet we must remain vigilant. The criminals will continue to find new ways to commit fraud, so taking advantage of available technology and services to protect against, detect and resolve identity fraud is a must for all individuals and corporations."

Continue reading 'Javelin Strategy: New identity fraud victim every two seconds in 2014' (full post)

'FREAK attack' leaves Apple, Google Android users vulnerable to attack

The "FREAK attack" may have exposed millions of Apple and Google Android Internet users, though there have been no confirmed cases of attacks against Web browsers. If exploited, hackers could compromise usernames, passwords, and other personal information in a rather simple manner.

 

freak-attack-leaves-ios-google-android-users-vulnerable-attack_01

 

The "Factoring attack on RSA-EXPORT Keys" attack stems from a US law that required "export-grade" products with weaker encryption protocols to be shipped overseas. Despite the federal restrictions being lifted more than 15 years ago, popular software - which eventually found its way to the United States - were still vulnerable.

 

Apple and Google have both created software updates to prevent this type of attack from being problematic. The Apple update will be issued next week, while Google has already offered an update to wireless carriers and smartphone manufacturers.

Continue reading ''FREAK attack' leaves Apple, Google Android users vulnerable to attack' (full post)

Lawyer: Edward Snowden wants to return to US if given fair trial

Former NSA contractor Edward Snowden wants to return to the United States in the future, but needs guarantees of a fair trial. The only promise he has been given is that he wouldn't face the death penalty if he is convicted - and privacy advocates believe the US government, which wants to do anything to get him into custody, cannot be trusted.

 

lawyer-edward-snowden-return-given-fair-trial_01

 

"He is thinking about it," said Anatoly Kucherena, a Russian lawyer representing Snowden, during a recent news conference. "He has a desire to return and we are doing everything we can to make it happen. Snowden is ready to return to the United States, but on the condition that he is given a guarantee of a legal and impartial trial."

 

Kucherena also noted that he is working with a group of international lawyers to determine the best method for Snowden's potential return to the United States. Snowden has a three-year Russian residency, but would likely face immediate arrest if he tried to leave Russia.

Concern in rising number of tax-related scams and cybercrime

The US federal government is worried about a growing number of cases related to Stolen Identity Refund Fraud (SIRF), with criminals filing state and federal taxes - and making off with the tax refunds. Tax-related identity theft was the most reported type of fraud submitted to the Federal Trade Commission (FTC) in 2014, with the agency receiving 109,063 complaints.

 

concern-rising-number-tax-related-scams-cybercrime_01

 

Recently, the Internal Revenue Service (IRS) issued another public advisory to remind people that any telephone calls or emails claiming to be the IRS are fraudulent. In these scams, criminals ask victims to provide personal information or transfer money to them.

 

"It is a massive problem," said Brian Krebs, independent cybersecurity investigative reporter, in a statement published by the Milwaukee Journal Sentinel. "It's probably going to emerge as the biggest identity theft problem this year."

Continue reading 'Concern in rising number of tax-related scams and cybercrime' (full post)

US regulator worried of major 'Armageddon' cyberattack targeting banks

Ben Lawsky, a New York financial regulator and head of the New York Department of Financial Services, is reportedly considering new regulation to help prevent against "an Armageddon-type" cyberattack. There is concern that a coordinated cyberattack would be able to hit the "broader economy" of the United States.

 

regulator-worried-major-armageddon-cyberattack-targeting-banks_01

 

"We are concerned that within the next decade, or perhaps sooner, we will experience an Armageddon-type cyber event that causes a significant disruption in the financial system for a period of time," Lawsky said while speaking at Columbia Law School.

 

To help prevent against a "cyber 9/11," Lawsky wants financial institutions and insurance companies be graded by the DFS. The legislation may also require multifactor authentication and other requirements to keep data secure. Banks also must be proactive in their effort to keep data secure, as foreign-based hackers continue their attempts to disrupt Wall Street.

Report: Lenovo only collected $250,000 from Superfish installations

Lenovo likely only collected $200,000 up to $250,000 for its Superfish adware installations on consumer PCs, according to a report from Forbes. Previous estimates predicted higher figures - but considering the company's major earnings - the low sum likely won't be worth the legal and public relations headaches.

 

report-lenovo-collected-250-000-superfish-installations_01

 

It is alarming Lenovo, which finalized a deal in summer 2014 to pre-install Superfish, received such a small amount for jeopardizing so much. In addition to promising no more Superfish installations, the company's website was reportedly compromised by the Lizard Squad hacker group last week.

 

It looks like Lenovo is learning from its mistakes, promising to be more transparent about pre-installed software in the future. For new machines running Microsoft Windows 10, the Lenovo standard image will only include the OS, security software, Lenovo applications, and software/drivers required to make hardware work well.

Report: 5 billion Google Android apps are vulnerable to cyberattack

More than five billion downloaded Google Android apps could be targeted by hackers, according to cybersecurity experts. Most forms of malware (96 percent) are focused on compromising Android, according to data from the FireEye cybersecurity firm.

 

report-5-billion-google-android-apps-vulnerable-cyberattack_01

 

Android is open source and allows more developers to contribute to the OS, but that also gives hackers a great opportunity to create sophisticated malware. Malware targeting Android drastically increased from 240,000 samples in 2013 up to 390,000 unique samples last year - and the problem seems to be accelerating.

 

"You can get all the code and then you can insert additional instructions and make it look and feel like the original app and no way for a consumer to tell the difference when they download it," said Jason Steer, director of technology strategy at FireEye, in a statement given to CNBC.

Continue reading 'Report: 5 billion Google Android apps are vulnerable to cyberattack' (full post)

Cyberattacks top threat to United States, intelligence agencies say

Cyberattacks from foreign states and rogue hacker groups have become the top threat to the United States, according to US intelligence experts. Director of National Intelligence, James Clapper, is especially concerned of potential attacks from Russia, China, Iran and North Korea - saying low-to-moderate level cyberattacks pose a long-term threat against critical infrastructure.

 

cyberattacks-top-threat-united-states-intelligence-agencies_01

 

In addition to cyberespionage from foreign governments, there is rising concern of hacker groups able to infiltrate government agencies and companies - sometimes with support from foreign governments - with the goal of interrupting business operations, stealing money, and compromising employee and customer personal data.

 

Unfortunately, the US government has focused more on its cyber surveillance programs while largely neglecting cybersecurity. Even though it's effective to have offensive weapons, the United States has a lot more to lose than other countries if a major data breach occurs - and there is growing focus on being able to identify and defend against attacks.

Companies transitioning to better detection, response of cyberattacks

By 2018, 40 percent of large enterprises will have some type of plan to respond to aggressive cybersecurity business disruptions, a drastic increase from zero percent in 2015, according to the Gartner research group.

 

companies-transitioning-better-detection-response-cyberattacks_01

 

Gartner describes an aggressive business disruption attack as a coordinated and sophisticated effort to interfere with and damage business operations - wiped data, servers knocked offline, intellectual property stolen.

 

"Entirely avoiding a compromise in a large complex enterprise is just not possible, so a new emphasis toward detect and respond approaches has been building for several years, as several attack patterns and overwhelming evidence support that a compromise will occur," said Paul Proctor, VP and distinguished analyst at Gartner. "Preventive controls, such as firewalls, antivirus and vulnerability management, should not be the only focus of a mature security program."

Continue reading 'Companies transitioning to better detection, response of cyberattacks' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Or Scroll Up Or Down