TweakTown
Tech content trusted by users in North America and around the world
5,920 Reviews & Articles | 38,141 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 10

BBC apologizes for bizarre mobile app push notification

The BBC has had to apologize to its mobile app users following a weird push notification sent from its news app full of nosequiturs.

 

TweakTown image news/3/8/38721_01_bbc_apologizes_for_bizarre_mobile_app_push_notification.jpg

 

Twitter users wondered if the BBC had its security compromised when the app said: "NYPD Twitter campaign 'backfires' after hashtag hijacked. Push sucks! Pull blows! BREAKING NEWS No nudity in latest episode of Game of Thrones!!! MORE BREAKING NEWS IIIIIII like testing."

 

The broadcasting house insisted that its security had not, in fact, been breached - and that the notification was down to good old fashioned human error. "We apologize to our app users who were unnecessarily interrupted with the alert," a BBC spokesperson said. "We've been in the process of testing new functionality for our apps and a test message was sent in error."

Continue reading 'BBC apologizes for bizarre mobile app push notification' (full post)

Data breach leaves 1.3M health medical records in Montana at risk

The State of Montana's Department of Public Health and Human Services was hacked and cybercriminals compromised up to 1.3 million records. State officials confirmed the problem and said the department has informed customers, warning Social Security numbers and other personal information might be at risk.

 

TweakTown image news/3/8/38701_01_data_breach_leaves_1_3m_health_medical_records_in_montana_at_risk.jpg

 

In addition to customer Social Security numbers, hackers breached patient names, birth dates, bank account numbers, medical diagnosis, prescriptions, dates of service, and treatments given.

 

"We have absolutely no indication the criminals who illegally entered the server had any interest in the data they accessed in any way, shape or form, and we have no reports of people's identities being stolen," said Richard Opper, department director, in a statement.

Continue reading 'Data breach leaves 1.3M health medical records in Montana at risk' (full post)

Cybercriminals update Pony Loader malware to steal your bitcoins

The Pony Loader malware has been updated to v2.0 and has nasty new tricks to help compromise users and steal bitcoins. The updated version is able to compromise a large group of different cryptocurrency wallets, including Litecoin, Namecoin, Terracoin, Goldcoin, Junkcoin, and Anoncoin.

 

TweakTown image news/3/8/38700_01_cybercriminals_update_pony_loader_malware_to_steal_your_bitcoins.jpg

 

To counter this new malware threat, it's recommend users update to the newest bitcoin client, which gives users a way to encrypt private keys with passphrases.

 

"Given the capability to steal stored credentials from a wide variety of software, users should consider storing their passwords and bitcoin private keys using these programs risky," said Isaac Palmer, Damballa malware reserve engineer, in a blog post.

Continue reading 'Cybercriminals update Pony Loader malware to steal your bitcoins' (full post)

Havex malware modification targeting industrial control systems

Cybercriminals are finding new methods to compromise energy companies and other critical industries with custom malware, exploiting legitimate apps. Instead of trying to hack the company directly, hackers are finding success in hacking software providers to hack vendors, according to security firm F-Secure.

 

TweakTown image news/3/8/38699_01_havex_malware_modification_targeting_industrial_control_systems.jpg

 

The "Havex" malware previously hit the energy sector, and is now being used to target companies in Europe. An industrial machine producer and two educational organizations in France, with companies in Germany also hit.

 

"During the spring of 2014, we noticed that Havex took a specific interest in Industrial Control Systems (ICS) and the group behind uses an innovative Trojan horse approach to compromise victims," said F-Secure in a blog post. "The attackers have Trojanized software available for download from ICS/SCADA manufacturer websites in an attempt to infect the computers where the software is installed to."

Continue reading 'Havex malware modification targeting industrial control systems' (full post)

PayPal security 'shoddy,' Two-Factor Authentication bypassed

PayPal's security procedures have been described as 'shoddy,' with the possibility of bypassing the company's two-factor authentication, according to security firm Duo Security. PayPal has created a workaround in place to reduce vulnerability, and a permanent fix is currently being developed.

 

TweakTown image news/3/8/38678_01_paypal_security_shoddy_two_factor_authentication_bypassed.jpg

 

Exploiting a flaw in the two-factor authentication (2FA) mechanism, but at least one person used flight mode to turn off connectivity immediately after logging into PayPal.

 

"The vulnerability lies primarily in the authentication flow for PayPal's API web services," according to the Duo Security blog post. "In particular, api.paypal.com, a REST-ful API which uses OAuth for authentication/authorization, does not directly enforce two-factor authentication requirements server-side when authenticating a user."

Continue reading 'PayPal security 'shoddy,' Two-Factor Authentication bypassed' (full post)

Smartphone kill switch passes California Assembly, Headed to Floor

California Senate Bill 962, aimed at forcing smartphone manufacturers to include mandatory kill switches on smartphones, has passed the California Assembly committee. Apple, Google, Microsoft, Verizon Wireless and AT&T say they are okay with the law, after showing initial distrust of mandatory kill switches.

 

TweakTown image news/3/8/38680_01_smartphone_kill_switch_passes_california_assembly_headed_to_floor.jpg

 

Last month, the California Senate passed the smartphone kill switch bill on its second try, with lawmakers saying police across the state are seeing smartphone thefts plaguing communities. San Francisco District Attorney George Gascon and Oakland Mayor Jean Quan applaud anti-theft smartphone technology, especially with smartphone-related crimes staggering high in San Francisco and Oakland, respectively.

 

"The only way to stop the victimization of innocent cell phone customers is to enable theft-deterrent technology on nearly every new smartphone sold in California, which this legislation will do," said Sen. Mark Leno, (D-San Francisco), the sponsor of the bill

Around 80 percent of Flappy Bird clones installed with malware

Mobile gamers interested in playing Flappy Bird should be extremely careful, because most versions of the game circulating shipped with some type of malware. A whopping four out of every five Flappy Bird clone apps come with malware, and that shouldn't be a surprise, with the game pulled while still in such high demand.

 

TweakTown image news/3/8/38659_01_around_80_percent_of_flappy_bird_clones_installed_with_malware.jpg

 

The developer behind Flappy Bird, Dong Nguyen, removed his hugely popular game from app stores in February, concerned that it was causing addition. However, the game was so popular that it didn't take long before clones began hitting the Internet, and download rates of the knock-off versions picked up.

 

Some malware is responsible for texting premium services, while others intercept messages and phone calls, and others focus on targeting payment information.

Cyberattacks demanding ransom in exchange for files growing

Police departments in the United States are being targeted by cyberattacks compromising users and demanding ransom in exchange for control of PCs and files. It's a significant problem when emergency responders are unable to access databases and records due to someone carelessly clicking something in their email.

 

TweakTown image news/3/8/38656_01_cyberattacks_demanding_ransom_in_exchange_for_files_growing.jpg

 

Recently, the Collinsville Police Department in Alabama was hit, triggered by someone in the police department opening a suspicious email attachment, that immediately hurt police activities. They were unable to access mug shot files, time sheets, and vehicle maintenance records - and the department's computer backups failed, and they might have to start over from scratch.

 

A police department in Massachusetts was compromised and chose to pay the $750 ransom, which is something federal investigators don't encourage. The files might be decrypted and returned, but likely don't end up returning the same way they were before being compromised.

Continue reading 'Cyberattacks demanding ransom in exchange for files growing' (full post)

Current cybersecurity threats are confusing and companies struggle

Companies and enterprises are seeing the negative impact of cybersecurity issues, such as data breaches can cause, but aren't using information protection strategies to help combat the problem, according to a recent survey published by CSO Magazine and PwC.

 

TweakTown image news/3/8/38625_01_current_cybersecurity_threats_are_confusing_and_companies_struggle.jpg

 

Three out of four companies experienced some type of security problem in the past year, with an average of 135 incidents per company. To make matters worse, improving cybersecurity still isn't company priority when compared to other day-to-day business activities.

 

"While the number of cybercrime incidents and the monetary losses associated with them continue to rise, most U.S. organizations' cybersecurity capabilities do not rival the persistence and technological skills of their cyber adversaries," according to the survey.

Continue reading 'Current cybersecurity threats are confusing and companies struggle' (full post)

FBI teams up with NYPD and NYC MTA to create cybercrime task force

New York City has a new financial cybercrimes task force with the Federal Bureau of Investigation (FBI) teaming up with the New York City Police Department and Metropolitan Transportation (MTA) authority. The three agencies will share threat assessment data and study cyberattacks in which money and funds have been compromised.

 

TweakTown image news/3/8/38623_01_fbi_teams_up_with_nypd_and_nyc_mta_to_create_cybercrime_task_force.jpg

 

The FBI has become active in partnering with local agencies across the United States, as part of its Next Generation Cyber Initiative - understanding that cyberattacks continue to expand and evolve at a rapid pace.

 

"The task force model that has been successfully employed in response to bank robbery and terrorism cases is now being applied to the cyber realm," said George Venizelos, FBI Assistant Director, in a statement. "The FBI continues to develop positive working relationships with our fellow law enforcement officers in our joint efforts to tackle criminal activity, and we look forward to working with our partners at the NYPD and MTA to combat cybercrime."

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases