Tech content trusted by users in North America and around the world
6,370 Reviews & Articles | 40,340 News Posts
TRENDING NOW: SanDisk unveils huge 200GB microSD card for Android devices

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 11

Companies must 'update their security' plans to improve security

Business leaders are paying attention to cybersecurity more than they were in recent years, but struggle to find methods to keep networks secure. Trying to determine what steps to take remains a complicated issue, especially with some companies discovering data breaches months after the initial incident occurs.

 

expert-companies-update-security-plans-improve-security_01

 

There are a number of potential problems for companies trying to keep their networks secure, as potential attacks originate from a variety of sources. Much focus is dedicated to preventing a breach, but business leaders also need to focus on the likelihood that a cyberattack was successful:

 

"The role of organized crime and government-sanctioned hacking will continue to thwart cybersecurity efforts [in 2015]," said JF Roy, CTO of TIBCO LogLogic, in a statement to TweakTown. "Breaches will continue to be discovered after the fact, which means that businesses must update their security and risk management plans to include incident response policies with contingencies for involvement of federal law enforcement."

Researchers: Gas station fuel tanks are vulnerable to potential attack

It appears the serial ports of automated tank gauges (ATGs) of almost 5,300 gas stations and fuel depots in the United States are vulnerable because they aren't password protected. ATGs are used to more accurately track fuel tank inventory levels, raise alarms, track fuel deliveries, and conduct leak tests - but people with access to the interfaces could cause problems, according to the Rapid7 Security Street blog.

 

researchers-gas-station-fuel-tanks-vulnerable-potential-attack_01

 

It doesn't look like there have been any incidents of actual breaches, but shows the importance of password protecting connected technologies. ATGs can be accessed via serial port, plug-in serial port, TCP/IP circuit board, and fax/modem.

 

Rapid7 was made aware of the issue by Jack Chadowitz, founder of the Kachoolie security firm, and started investing ATG vulnerabilities since Jan. 9.

Lizard Squad says it wasn't hacked, distributed customer data

Despite previous reports claiming the Lizard Squad was hacked, which would be a public relations nightmare for the hacker group, it appears the list could have just been distributed. Members of the group were sharing the list with trusted contacts, plotting attacks against specific accounts that piqued their interest. Seems a trusted source received the list and decided to publicly release it, according to an unnamed Lizard Squad member.

 

lizard-squad-hacked-distributed-customer-data_01

 

"We've got a fairly good idea who handed it over to Krebs & co. though," a supposed Lizard Squad spokesman told Forbes. "I didn't look into it much but from what I heard there were some pretty well known Twitter users in there for example and gamers. There were some interesting people who signed up... and considering most users were stupid enough to reuse their passwords..."

 

The Lizard Squad still seems mainly interested in attacking gaming-related services and servers, and while several members have been arrested, continue to pose a threat.

Kaspersky: 32% of users don't take precautions when sharing devices

Thirty-two percent of users who share an Internet-enabled device, such as smartphones or tablets, with relatives, colleagues or friends don't take precautions to protect their information, according to a survey from Kaspersky Lab and B2B International.

 

kaspersky-32-users-take-precautions-sharing-devices_01

 

Many people use PCs, smartphones, tablets and other devices with at least one other person, with one in three users saying they share devices - but don't have proper security protocols in place while sharing technology.

 

"Sharing a computer or smartphone increases the risk of malware infection, data loss or account theft, so it is important to take precautions," said Elena Kharchenko, Head of Consumer Product Management at Kaspersky Lab. "Always keep backup compies of important files; delete information that should not fall into the wrong hands, especially by disabling form autofill; try to control user access rights on the device - and most importantly - use programs that provide protection against cyber threats."

Nonprofit groups must be aware of ransomware attacks, as threats rise

Attention on cyberattacks typically tends to focus on data breaches, but nonprofit groups likely face a higher risk of ransomware attacks. These types of attacks typically begin with a phishing attempt that gets an employee to unknowingly install custom malware designed to encrypt files - and hold critical data for ransom, or the files will be left permanently compromised.

 

nonprofit-groups-aware-ransomware-attacks-threats-rise_01

 

As nonprofits are adjusting efforts to reach fundraising goals, people donating to these groups expect a certain level of security while contributing money - and a ransomware attack can be extremely detrimental.

 

"In 2015, the number of unique cybersecurity threats has surpassed the 300 million mark, growing at a steady rate of almost 40,000 new threats a day," said Catalin Cosoi, global security strategist of Bitdefender. "But it's not only the sheer number of malware that poses an immediate risk to nonprofits across the United States. Some of these viruses now specialize in extorting businesses by encrypting data and then asking for money in return... for the decryption key."

Continue reading 'Nonprofit groups must be aware of ransomware attacks, as threats rise' (full post)

Blame IoT, data breaches will be worse in 2015 than last year

High-profile cyberattacks and data breaches in 2014 indicated the serious need for improved security efforts, but 2015 could be even worse, noted Cisco CEO John Chambers. Data breaches sometimes take months to detect, and improving security remains a difficult process that causes headaches for business leaders and IT staff.

 

blame-iot-data-breaches-worse-2015-last-year_01

 

Of specific concern is the growing number of connected devices now access the Internet, with cybercriminals interested in exploiting these products.

 

"There is no data center or network in the world that hasn't been hacked," said Chambers, speaking to CNBC during the World Economic Forum. "If you watched the number of attacks, they're going up exponentially this year, this year's going to be much worse than last year."

SPE computers still not functioning normally after data breach

Sony will delay releasing its third quarter earnings report because of Sony Pictures continuing to struggle with repair of its crippled computer systems. Company officials want to release Sony's earnings report on March 31, and have asked regulators for additional time to get its IT situation sorted.

 

spe-computers-still-functioning-normally-data-breach_01

 

It will take until early February until SPE systems are fully restored and operational because of the "amount of destruction and disruption that occurred, and the care necessary to avoid further damage by prematurely restarting functions," according to Sony.

 

Despite The Interview bringing it close to $50 million from the box office, online rentals and sales, it has been a constant headache for the film studio. During CES, Sony CEO Kazuo Hirai said current and former employees suffered "one of the most vicious and malicious" cyberattacks to target a company - and applauded them for their continued resolve.

Cybersecurity a 'daunting operational challenge' for companies

Companies suffered relentless cyberattacks and data breaches in 2014, and that trend is expected to continue in 2015. Business leaders need to streamline their efforts to improve cybersecurity protocols to prevent outside breaches, along with defending accidental and intentional insider threats posed by employees.

 

cybersecurity-daunting-operational-challenge-companies_01

 

"Because of the multitude and sophistication of both internal and external attack vectors, cybersecurity is perhaps the most daunting operational challenge facing organizations today," said JF Roy, CTO of TIBCO LogLogic, in a statement to TweakTown.

 

As companies and government departments scramble to fix potential security problems, they are throwing money at the problem - but that can be a futile effort if they don't understand why these incidents occurred in the past.

Continue reading 'Cybersecurity a 'daunting operational challenge' for companies' (full post)

Writer with ties to Anonymous sentenced to 5 years for threatening FBI

Barrett Brown, a writer and activist linked to the Anonymous hacker group, has been sentenced to five years in prison for sharing stolen data and threatening an FBI agent. Brown pleaded guilty to obstructing the execution of a search warrant, accessory to an unauthorized access of a protected computer and making Internet threats.

 

writer-ties-anonymous-sentenced-5-years-threatening-fbi_01

 

Brown's tweets and posted YouTube videos helped generate unwanted attention by federal investigators, and the 33-year-old was blamed for sharing data stolen from the Stratfor private defense contractor. He originally could have faced more than 100 years if convicted - and after time served in custody already - must serve three more years.

 

"If I criticize the government for breaking the law, but then break the law myself in an effort to reveal their wrongdoing, I should expect to be punished just as I've called for the criminals at government-linked firms to be punished," Brown said before he was sentenced. "When we start fighting crime by any means necessary, we become guilty of the same hypocrisy as law enforcement agencies throughout the history that break the rules to get the villains, and so become villains themselves."

Madonna thanks police for arresting hacker accused of stealing songs

Police in Israel have reportedly arrested a hacker accused of stealing unfinished songs from Madonna's latest album. Adi Lederman, a 38-year-old Israeli, will face charges related to intellectual property theft and aggravated fraud, and has allegedly stolen and sold other music online.

 

madonna-thanks-police-arresting-hacker-accused-stealing-songs_01

 

Madonna's album "Rebel Heart" is scheduled for release in March, but songs were leaked online in December. Not surprisingly, the musician asked fans not to listen to the stolen songs, pleading to music fans that the song theft was the equivalent of a personal and professional violation.

 

"I am profoundly grateful to the FBI, the Israeli Police investigators and anyone else who helped lead to the arrest of this hacker," Madonna wrote on her Facebook page. "I deeply appreciate my fans who have provided us with pertinent information and continue to do so regarding leaks of my music. Like any citizen, I have the right to privacy. This invasion into my life - creatively, professionally, and personally remains a deeply devastating and hurtful experience, as it must be for all artists who are victims of this type of crime."

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Or Scroll Up Or Down