TweakTown NewsRefine News by Category:
The Obama Administration and law enforcement officials want access to encrypted data, arguing the government and law enforcement need to be able to retrieve information. Ideally, the government would receive warrants and conduct a legal and transparent operation, but companies are willing to stand their ground regardless.
Here is what cryptologist Matt Blaze said during a recent event in Washington, DC (per Washington Times):
"I don't think [FBI] Director [James] Comey wants the world that he's asking for," said .... "I think the world in which we build systems with this added constraint of ensuring law enforcement access is going to cause such an increase in the kinds of digital crimes that are going to become more serious that - even if we take all of the things that we disagree about about values and put them aside - we are going to have the things that we agree about get a lot worse, and that really scares me as we rely on those systems more and more."
It looks like the Zimperium mobile security firm may have found the largest Google Android smartphone flaw, with an estimated 950 million phone owners at risk.
There is no user interaction required for the remote code execution vulnerability, and attackers simply need to know your mobile phone number.
"This happens even before the sound that you've received a message has even occurred," said Joshua Drake, cybersecurity researcher at Zimperium, in a statement published by NPR. "That's what makes it so dangerous. [It] could be absolutely silent. You may not even see anything."
It turns out 92 percent of Americans think the US government should take some form of action in retaliation for cyberattacks and data breaches, according to a survey from the Vormetric cybersecurity company. The US government is under attack by cybercriminals, and they are proving to be successful in their efforts to steal data and compromise networks.
The survey found 45 percent of Americans believe the Obama Administration should initiate talks with the suspected country's leaders to stop future breaches. Thirty-six percent say trade sanctions should be created, and 31 percent believe diplomatic sanctions on a nation's representatives located in the United States should take place.
A surprising number of people think there should be more stringent measures, including 25 percent of respondents saying all ties should be cut off with the responsible country - and 10 percent even think a retaliatory cyberattack might help.
Israel understands the importance of building a strong cybersecurity defense, as attacks on its critical infrastructure greatly increased over the past few years.
Israel Electric, responsible for more than 80 percent of Israel's power production and infrastructure, saw cyberattacks increase from a few hundred per hour in 2013 - up to 20,000 per hour in 2014, according to reports. The Israeli government and major businesses are on a cybersecurity hiring spree, trying to help defend against evolving threats.
"You can't be a good defender unless you understand the offense," said Amos Yadlin, former military chief and head of the Tel Aviv University Institute for National Security Studies, in a statement to Bloomberg News. "Therefore, defensive efforts must overlap to some degree with offensive efforts, including those of intelligence collection."
Edward Snowden may have support from a lot of American citizens, but don't count New Jersey Governor Chris Christie as a fan of the former NSA worker.
Recently, Christie described Snowden as a "piece of garbage," and said he "wouldn't send the SEALs in to pick up that piece of garbage," when asked he would send in the special ops unit to retrieve the American.
Just a few months ago, Christie described Snowden's whistleblowing behavior as "treasonous" and that he "should be forced to come home... and face prosecution."
After Anonymous took credit for a data breach targeting the US Census Bureau, the agency is now investigating the incident. The Federal Audit Clearinghouse is responsible for collecting and storing audit information from local and state governments, Indian tribes and non-profit groups.
The Federal Audit Clearinghouse stores non-confidential information, including names, site user names, and organization addresses and phone numbers.
Don't worry, as all internal confidential information remains secure: "That information remains safe, secure and on an internal network segmented apart from the external site and the affected database," said John Thompson, director of the Census Bureau, in a blog post.
As there is a big push for consumers and retailers to adopt contactless payments, there are plenty of cybersecurity headaches that must be addressed.
The Which? Consumer group noted that data from contactless debit and credit cards can be intercepted - and while not all data is taken - it's enough to make fraudulent purchases.
"Using an easily obtainable reader and free software to decode data, we were able to read the card number and expiry date from all 10 cards," said a spokesperson from Which?, in a statement published by Sky News. "We were also able to read limited details of the last 10 transactions, although no cards revealed the CVV security code."
BlackBerry is looking for new business opportunities away from just smartphone handsets, and recently showed off a new line of security products. The company wants to continue its evolution from just a smartphone maker, and has focused more on software and cloud-based offerings.
The full turnaround may take a bit longer than what the company previously predicted, and instead of it taking six months, could take an additional 12 to 18 months.
"I'm pretty satisfied with the progress on the turnaround so far," said John Chen, CEO of BlackBerry, in a statement to Reuters. "I laid out the $500 million software revenue target and I'm still comfortable with that commitment for this fiscal year, it looks good."
It looks like terrorists are communicating about different attack strategies to launch cyberattacks against the United States, according to FBI director James Comey.
"We are picking up signs of increasing content," Comey said during the Aspen Security Forum. "It's a small but potentially growing problem." Comey didn't publicly discuss what types of attacks could take place - and any initial plans are relatively rudimentary - but shows increased concern from the US government.
Cybercriminals have found numerous ways to target US interests online, but there is specific concern of attacks against critical infrastructure. It would seem like organized foreign states, or state-sponsored hackers pose a greater concern, but terrorists could coordinate with hacker mercenaries.
Oops! It looks like a Universal Pictures studio in France may have been responsible for seeding a pirated version of Jurassic World from its office.
Universal submitted a US Digital Millennium Copyright Act (DMCA) takedown notice to Google, asking it to block requests to hosted and linked copies of Jurassic World. One link was http://127.0.0.1:4001/#/fr, indicating it was a "localhost" machine. Movie studios typically use automated scanners to identify sources of their pirated content, and it would seem chaotic that the scanner identified a Universal machine.
It's not surprising that movie pirates have been all over Jurassic World, as it smashed box office records after its release on June 12. A Jurassic World sequel is planned for 2018, as the movie generated so much international box office revenue. In case you missed it, here is the TweakTown review of the film.