TweakTown
Tech content trusted by users in North America and around the world
5,976 Reviews & Articles | 38,612 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 12

UK government blocks 1 out of every 5 websites in censorship uproar

At least one in five websites are blocked in the United Kingdom, with a growing number of legitimate websites getting caught up in the censorship, according to the Open Rights Group.

 

TweakTown image news/3/8/38832_01_uk_government_blocks_1_out_of_every_5_websites_in_censorship_uproar.jpg

 

The Open Rights Grouped tried to access 100,000 websites with default filter settings - or "normal" filtering with nothing set as a default - and there were almost 20,000 different websites blocked. It's a frustrating system that leaves some websites, such as Sherights.com, a blog focusing on violence against women and LGBT rights, blocked and inaccessible.

 

"We've been surprised to find the default filtering settings are blocking around a fifth of the Alexa top 100K websites," said Jim Killock, ORG Executive Director, in a statement. "That's a lot more than porn, which accounts for around 4 percent of that list."

Continue reading 'UK government blocks 1 out of every 5 websites in censorship uproar' (full post)

International ISPs targeting GCHQ because of spying activities

Following former NSA contractor Edward Snowden discussing surveillance activities by the NSA and its British counterpart, the GCHQ, a number of ISPs in the United States, United Kingdom, South Korea, Netherlands, Germany and Zimbabwe are targeting the GCHQ. Specifically, they say the spy agency used "malicious software" to compromise their networks while collecting data.

 

TweakTown image news/3/8/38831_01_international_isps_targeting_gchq_because_of_spying.jpg

 

The GCHQ said online searches, which it considers "external communications" when routed overseas, don't require a warrant.

 

"Snowden's revelations have exposed GCHQ's view that independent operators like GreenNet are legitimate targets for Internet surveillance, so we could be unknowingly used to collect data on our users. We say this is unlawful and utterly unacceptable in a democracy," said Cedric Knight, from Dutch-based ISP, GreenNet.

Continue reading 'International ISPs targeting GCHQ because of spying activities' (full post)

Snowden shakes things up, physical data location becoming irrelevant

Former NSA contractor Edward Snowden has greatly changed data security after disclosing major surveillance programs targeting U.S. citizens and foreign citizens. This has caused such a shakeup that physical location of data will become irrelevant moving forward, with organizations using a combination of different strategies to stay more secure, according to research firm Gartner.

 

TweakTown image news/3/8/38814_01_snowden_shakes_things_up_physical_data_location_becoming_irrelevant.jpg

 

Gartner lists the following types of data location: physical location, legal location, political location, and logical location. Companies trying to keep data secure will have to find ways to keep data offshore while ensuring encryption keys and other tools are located elsewhere, for example - critically important with cloud computing becoming more important.

 

"Business leaders must make the decision and accept the residual risk, balancing different types of risk: ongoing legal uncertainty, fines or public outrage, employee dissatisfaction or losing market share due to a lack of innovation, or overspending on redundant or outdated it," according to Gartner.

Continue reading 'Snowden shakes things up, physical data location becoming irrelevant' (full post)

Houston Astros MLB team hacked, trade information, other content taken

The Houston Astros baseball team playing in the Major League Baseball (MLB) league recently suffered a data breach, with information posted online. Some of the information includes private conversations related to possible trades with other teams, including the New York Mets and Miami Marlins.

 

TweakTown image news/3/8/38813_01_houston_astros_mlb_team_hacked_trade_information_other_content_taken.jpg

 

After the team discovered it was compromised, officials alerted the MLB and a FBI-led investigation is currently underway.

 

"While it does appear that some of the content released was based on trade conversations, a portion of the material was embellished or completely fabricated," according to a statement released by the team.

Continue reading 'Houston Astros MLB team hacked, trade information, other content taken' (full post)

Norway ends e-voting experiment due to security concerns

Norway has conducted e-voting tests during local and national elections in 2011 and 2013, with the government pulling the blog, citing voter fears. During a test run in 2013, 70,000 Norwegians tested e-voting - but there was concern because prior to the election, when the encryption software was compromised.

 

TweakTown image news/3/8/38811_01_norway_ends_e_voting_experiment_due_to_security_concerns.jpg

 

There was a political controversy and the e-voting process didn't generate additional interest to draw voters to the polls, according to the government. A small number of voters, just 0.75 percent of all voters, managed to double vote due to a glitch in the system.

 

"In order to push both the trustworthiness and transparency of the procedure, the source code for this year's e-voting system was put into the public domain, and anyone can now download and study the source code used from the e-voting project webpage," said Stig Oyvann.

Continue reading 'Norway ends e-voting experiment due to security concerns' (full post)

Symantec uncovers 'Dragonfly' group targeting western energy companies

Western energy companies are under attack by cybercriminals located in Eastern Europe, compromising industrial control system software updates. The attackers, known as "Dragonfly," are able to spy on energy sector targets, and could have damaged or disrupted energy service to customers, according to security firm Symantec.

 

TweakTown image news/3/8/38787_01_symantec_uncovers_dragonfly_group_targeting_western_energy_companies.jpg

 

In addition, Dragonfly utilizes a large library of malware and other cyberattack tools capable of causing damage to targets. Along with infecting industrial control systems, the group is responsible for sending out spam emails to target select companies. The U.S. government wants a stronger stance on cybersecurity, and often points towards the financial and energy infrastructure as two sectors that need to adhere to strict security protocols.

 

"This campaign follows in the footsteps of Stuxnet, which was the first known major malware campaign to target ICS systems," according to the Symantec report. "While Stuxnet was narrowly targeted at the Iranian nuclear program and had sabotage as its primary goal, Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required."

Edward Snowden leak damage manageable, new NSA chief says

Former NSA contractor Edward Snowden generated anger among politicians and military leaders when he revealed organized surveillance programs. However, it's not causing the new head of the National Security Agency (NSA) to panic, saying the damage done is manageable and hasn't led him to believe "the sky is falling."

 

TweakTown image news/3/8/38803_01_edward_snowden_leak_damage_manageable_new_nsa_chief_says.jpg

 

When responding to damage caused by Snowden, the new director, Adm. Michael S. Rogers, said the risk was manageable: "You have not heard me as the director say, 'Oh, my God, the sky is falling.' I am trying to be very specific and very measured in my characterizations."

 

Similar to a handful of lawmakers, they claim Snowden's information has led to terrorists changing tactics, but refuse to indicate which groups have altered their tactics - while citizens remain frustrated about such organized snooping practices.

Apple two-stage iCloud authentication system launches

Apple is currently testing a way to make its iCloud system more secure by using two-step verification. Before the new system went into testing, all people needed was a simple password to gain access to iCloud.com. Using only a password makes access easier to gain by nefarious hackers.

 

TweakTown image news/3/8/38800_8_apple_two_stage_icloud_authentication_system_launches.jpg

 

iCloud now uses Apple's normal two-factor authentication system with users logging in using a password and a four-digit verification code. That four-digit verification code has to be sent to a trusted device.

 

Once that four-digit code is entered, iCloud apps are unlocked and can be accessed normally. The only iCloud app that can be accessed without the verification code is the Find my iPhone button. Find My iPhone is not secured with two-factor authentication to allow you to find your device if it is lost or stolen and is your trusted device.

US companies facing DDoS attacks that prove to be very effective

Cybercriminals are finding success launching distributed denial of service (DDoS) attacks against companies, causing disruptions and sometimes halting organizations during business days. Forty one percent of organizations across the world were targeted, with 78 percent hit at least two or more times in the past 12 years, according to BT.

 

TweakTown image news/3/8/38783_01_us_companies_facing_ddos_attacks_that_prove_to_be_very_effective.jpg

 

"DDoS attacks have evolved significantly in the last few years and are now a legitimate business concern," said Mark Hughes, BT Security President, in a press statement. "They can have a damaging effect on revenues and send an organization into full crisis mode. Reputations, revenue and customer confidence are on the line following a DDoS attack. Finance, e-commerce companies and retailers in particular suffer when their websites or businesses are targeted."

 

DDoS cyberattacks were up 43 percent during Q4 2013, according to security company Akamai - and the problem only seems to be intensifying. Due to the increase in DDoS attacks, 78 percent of US organizations are increasingly concerned about the popular cyberattack method used by hackers.

Microsoft battles against malware crime groups in Algeria, Kuwait

Malware linked back to cybercriminals in Algeria and Kuwait was disrupted when Microsoft named several parties in a civil suit accused of creating malicious code that infected millions of victims. The strategy is a unique new method by Microsoft, attempting to disrupt communication channels used by cybercriminals and the infected PCs they've compromised.

 

TweakTown image news/3/8/38786_01_microsoft_battles_against_malware_crime_groups_in_algeria_kuwait.jpg

 

The foreign nationals, Naser Al Mutairi and Mohamed Benabdellah, along with the Vitalwerks Internet Solutions domain hosting company - almost 94 percent of compromised machines used Vitalwerks servers so the criminals were able to control the machines - in a rather clever method to try to stay under the radar.

 

Meanwhile, Vitalwerks claims millions of Internet users have suffered disrupted service because of the legal proceedings. Microsoft didn't directly say Vitalwerks was involved in the cybercriminal activities, but said the company didn't do enough to prevent it.

Continue reading 'Microsoft battles against malware crime groups in Algeria, Kuwait' (full post)

Latest Tech News Posts

View More News Posts
Check out TweakTown Polls on LockerDome on LockerDome

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases