TweakTown News
Microsoft Windows XP remains an extremely popular and well-liked operating system, but the security benefits alone of Windows 7 and 8/8.1 haven't been enough to get users to migrate. However, Microsoft and security experts are strongly urging both users and companies to upgrade, or potentially face harmful cyberattacks.
Pure Hacking has a few tips regarding XP: Disable what users don't need on the OS, replace XP with Windows 7, segregate legacy installations, and implement application whitelisting control.
"Across Australia there are tens of thousands of machines still running Windows XP - just think POS terminals, let alone all those SMBs," said Gordon Maddern, Pure Hacking CTO, in a statement. "Anyone still on XP will be wide open to attack. All new vulnerabilities - and countless numbers of these are likely - will no longer be fixed by Microsoft. I cannot stress enough, it's time to migrate, migrate, migrate."
In reality, SMBs and corporations should have created a migration plan long ago - and should be well underway with the migration plan - but it's become evident that many companies will instead try to scramble to stay in compliance.
As the Microsoft end of support for the aging Windows XP operating system quickly approaches, security researchers believe the banking industry faces a serious risk of compromised ATMs, according to Symantec.
The Backdoor.Ploutus.B malware variant, an upgraded version of sophisticated malware that proved effective in 2013, allows cybercriminals to force ATMs to dispense cash.
The criminals simply send an SMS to a compromised ATM, walk up, and collect the stolen cash - using a network packet monitor (NPM) and other tools to properly infect the ATM.
"As soon as the compromised ATM receives a valid TCP or UDP packet from the phone, the NPM will parse the packet and search for the number '5449610000583686' at a specific offset within the packet in order to process the whole package of data," said Daniel Regalado, Symantec security researcher, in a blog post. "Once that specific number is detected, the NPM will read the next 16 digits and use them to construct a command line to run Ploutus."
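A network-monitoring check for the trigger described above can look for the quoted marker in captured TCP or UDP payloads. This is an added example, not code from Symantec or from this article. It assumes the digits travel either as ASCII text or as packed BCD (the article does not state the encoding), scans the whole payload because the offset is not given, and uses constructed sample payloads.

```python
MARKER = "5449610000583686"   # marker number quoted in the description above
ARG_DIGITS = 16               # "the next 16 digits" per the same description

# Assumed encodings (not stated in the article): ASCII text and packed BCD.
ENCODINGS = (
    ("ascii", MARKER.encode("ascii"), ARG_DIGITS),
    ("bcd", bytes.fromhex(MARKER), ARG_DIGITS // 2),
)


def scan_payload(payload: bytes):
    """Return (encoding, offset, trailing_digits) for every marker found.

    trailing_digits is None when the marker is present but is not followed
    by 16 decimal digits (truncated capture or unrelated data).
    """
    hits = []
    for name, needle, width in ENCODINGS:
        start = payload.find(needle)
        while start != -1:
            tail = payload[start + len(needle): start + len(needle) + width]
            text = tail.decode("ascii", "replace") if name == "ascii" else tail.hex()
            complete = len(tail) == width and text.isdigit()
            hits.append((name, start, text if complete else None))
            start = payload.find(needle, start + 1)
    return hits


# Constructed sample payloads for illustration only.
SAMPLES = {
    "benign": b"GET /status HTTP/1.1\r\nHost: atm-mgmt.example\r\n\r\n",
    "ascii_hit": b"\x00\x01hdr" + MARKER.encode() + b"0000000000000000\x00",
    "bcd_hit": b"\xaa\xbb" + bytes.fromhex(MARKER) + bytes.fromhex("1111111111111111"),
    "marker_only": b"xx" + MARKER.encode() + b"12ab",
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        found = scan_payload(data)
        print(f"{label:12} {'ALERT' if found else 'clean'} {found}")
```

A marker with no complete 16-digit tail is still reported, since the marker alone on an ATM network segment warrants investigation.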
The University of California at San Francisco (UCSF) recently suffered a data breach and almost 10,000 people have been compromised, according to school officials. Several desktop PCs with unencrypted information were stolen from the university's Family Medical Center in January, including personal and health information.
Social Security numbers were exposed for 125 people, with a mix of patient names, birth dates, mailing addresses, medical record numbers, health insurance ID numbers, and driver's license numbers exposed in the breach.
The data theft is now being investigated by the California Department of Public Health, federal authorities, and the California Attorney General, with notification letters and free credit monitoring being offered to some of those exposed.
Security experts strongly urge companies, universities and research groups to encrypt data on PCs, especially if it includes personal or medical information.
The Chinese government is angry and is now demanding that the US government explain its reported spying actions against Huawei, a major Chinese electronics and telecom company. The report, based on information from former NSA contractor Edward Snowden, accuses the NSA of spying on the company - and stealing information about Huawei customers.
The NSA was specifically trying to find ties between Huawei and the People's Liberation Army, though it stumbled across intellectual property of Huawei network switches and routers, reporters state.
"China has already lodged many complaints with the United States about reports of its espionage activities," said Hong Lei, Chinese foreign ministry spokesperson, in a statement to the media.
It's ironic that countries such as Russia and China, which have been accused of launching cyberattacks - and violating human rights - are now demanding that the US government explain itself.
Time Warner Cable processed almost 12,000 government requests in 2013: 82 percent were subpoenas, 12 percent were court-ordered incidents, 4 percent were search warrants, 2 percent were emergency requests, and 0.3 percent were wiretap orders.
TWC says the company received between 0 and 249 National Security Orders, though it cannot identify an exact number. The company wants to become more open about customer information requests, especially after Edward Snowden's spying disclosures made last year.
"We will issue future Transparency Reports on a semi-annual basis," TWC said in a statement. "We have also provided answers to frequently asked questions related to the practices we follow to strengthen protections for the privacy of customer information."
The NSA itself might begin offering transparency reports, as American citizens and foreign residents are angry over organized NSA spying. Despite promised transparency from the US federal government and private Internet and telecom companies, users are now significantly more aware of snooping and other questionable behavior.
As multiple retailers learned over the past few months, improving security to defend against cyberattacks such as malware can be extremely difficult.
The massive data breach at Target garnered the most attention, but attacks at everyone from Neiman Marcus to Smucker's and Sally Beauty show consumers they need to closely pay attention to personal security.
"If authentication technology can be simple enough to use and noninvasive, our customers see this as a good thing... because it makes it clear to them that someone's looking out to protect their identity," said Paul Donfried, LaserLock CTO, in a statement.
Moving forward, security companies are developing next-generation anti-malware solutions designed to protect retailers - though consumers need to be aware of the links they click on and apps they install - with cybercriminals successfully using social engineering to cause breaches.
Chinese Internet and telecom giant Huawei didn't take kindly to reports the NSA targeted it with spying operations, along with preparing cyber weapons designed specifically to target the company if needed.
The NSA targeted Huawei as part of operation "Shotgiant," aimed to verify links between the company and the People's Liberation Army. US officials believed better understanding how Huawei works internally would give insight into the Chinese government's influence in the company.
"If the actions in the report are true, Huawei condemns such activities that invaded and infiltrated our internal corporate network and monitored our communications," said John Suffolk, Huawei global cyber security officer, in a statement to Reuters. "Corporate networks are under constant probe and attack from different sources - such is the status quo in today's digital age."
It wouldn't be a surprise to hear US government officials snooped on Huawei, a Chinese electronics giant, which has also been accused of industrial espionage against US and western companies.
Still reeling from massive NSA spying revelations unveiled by former NSA contractor Edward Snowden, US politicians continue to discuss the idea that he is being greatly manipulated.
Snowden remains somewhere in Russia, protected by temporary asylum granted by President Vladimir Putin's administration.
"He is under the influence of Russian intelligence officials today," said Rep. Mike Rogers (R-Mich), House Intelligence Committee chairman, while speaking on Meet the Press. "He is actually supporting in an odd way this very activity of brazen brutality and expansionism of Russia. No counter-terrorism official in the United States does not believe that Mr. Snowden ... is not under the influence of Russian intelligence services. We believe he is, I certainly believe he is today."
US politicians and lawmakers believe Snowden is being manipulated by the Russian government and poses a great threat to US national security. Prior to Snowden's video interview during SXSW earlier this month, Congressman Mike Pompeo (R-Kansas) wanted event organizers to skip the interview.
Credit card companies and financial institutions indicate the California Department of Motor Vehicles may have been breached, with MasterCard recently sending an alert memo of a "card-not-present" breach indicating online transactions.
It's unknown how the California DMV was compromised, but the stolen information includes credit card numbers, three-digit verification codes, and expiration dates - and an investigation will try to determine if driver's license numbers, Social Security numbers, phone numbers, and addresses were also at risk.
"We're seeing two percent of our card base compromised as a result of this, and our cards are 100 percent concentrated here in California," said a representative at an undisclosed bank, speaking to Krebs on Security. "That's still a big number, and it's a huge exposure window."
Consumers need to be vigilant in how they handle their own personal information, and follow these types of high-profile security breaches.
Another year, another sophisticated Internal Revenue Service (IRS) scam targeting users, with the IRS already receiving 20,000 reports about the clever scam. This particular scam is the largest scam IRS officials have found, and is stealing millions of dollars from US taxpayers across the country.
The scam first gained prominence last August, and largely targeted immigrants - but has evolved to target anyone the scammers can trick.
"This is the largest scam of its kind that we have ever seen," said J. Russell George, IRS Treasury inspector, in a statement. "The scammers threaten those who refuse to pay with arrest, deportation or loss of a business or driver's license."
It's not uncommon for residents to receive a phone call from someone claiming to be with the IRS, stating the victim needs to pay or face arrest. The scam might seem ridiculous, but is a major problem - and certainly harms victims - with law enforcement and federal investigators trying to identify those involved.