Tech content trusted by users in North America and around the world
6,515 Reviews & Articles | 43,722 News Posts
TRENDING NOW: NVIDIA GeForce GTX 980 Ti should have 6GB GDDR5, release imminent

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 13

Official: Cyber doomsday less likely as continued low-level attacks

Even with the rising sophistication of cyberespionage campaigns, US critical infrastructure is less likely to suffer from a single major incident - and faces a higher risk of continued low-to-medium attacks.

 

official-cyber-doomsday-less-continued-low-level-attacks_01

 

"Rather than a 'cyber-Armageddon' scenario that debilitates the entire US infrastructure, we envision something different," said James Clapper, director of national intelligence, in a recent report. "We foresee an ongoing series of low-to-moderate level cyberattacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security."

 

Clapper's statements were made as part of a report submitted to the Senate committee, with growing concern regarding cybersecurity.

Continue reading 'Official: Cyber doomsday less likely as continued low-level attacks' (full post)

FireEye: Breach detection time is dropping, averages 205 days

FireEye's Mandiant found that the average data breach was discovered in 205 days, dropping from 229 days (2013) and 243 days (2012). Enterprises were only able to self-detect 31 percent of breaches, with third-parties and the government helping identify cybersecurity incidents.

 

fireeye-breach-detection-time-dropping-averages-205-days_01

 

Companies are becoming more vigilant in detecting cybercrime-related activity, such as credit card companies noticing fraudulent behavior.

 

"Over the last several years, organizations like the Federal Bureau of Investigation (FBI) have gotten increasingly involved in notifying US businesses that they have been identified as being compromised," said Ryan Kazanciyan, technical director at Mandiant, in a statement to eWEEK. "The result of the FBI's efforts has led to increasing numbers of victim notifications."

Continue reading 'FireEye: Breach detection time is dropping, averages 205 days' (full post)

Europol cripples Ramnit botnet, helping free millions of hijacked PCs

Europol's European Cybercrime Center is actively dismantling the Ramnit botnet, which relies on up to 3 million malware-infected zombie PCs. Twenty-seven percent of Ramnit infections were identified in India, with Indonesia (18 percent), Vietnam, the United States, Bangladesh and the Philippines also impacted.

 

europol-cripples-ramnit-botnet-taking-aim-3-million-infected-pcs_01

 

Europol didn't say if any arrests were made at this stage of the investigation, but offered this public statement:

 

"This successful operation shows the importance of international law enforcement working together with private industry in the fight against the global threat of cybercrime," said Wil van Gemert, Deputy Director of Operations at Europol. "We will continue our efforts in taking down botnets and disrupting the core infrastructures used by criminals to conduct a variety of cybercrimes."

Continue reading 'Europol cripples Ramnit botnet, helping free millions of hijacked PCs' (full post)

Lizard Squad says it hacked Lenovo website, and emails were taken

In retaliation for loading PCs with Superfish adware, the Lizard Squad hacker group reportedly hacked the Lenovo website on Wednesday. Website visitors saw a slideshow of people singing "Breaking Free" into their webcams, instead of the normal Lenovo website.

 

lizard-squad-hacked-lenovo-website-emails-taken_01

 

"We regret any inconvenience that our users may have if they are not able to access parts of our site at this time," Lenovo said in a statement. "We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users' information."

 

It has been a terrible month for Lenovo, with the company confirming - and apologizing - for its use of Superfish, and then being hacked by the Lizard Squad. The hacker group reportedly used the Webnic.cc domain name registrar, a Malaysian company, to hijack the website's Domain Name System (DNS).

Continue reading 'Lizard Squad says it hacked Lenovo website, and emails were taken' (full post)

Anthem confirms data breach could hit up to 19 million non-members

Anthem confirmed millions of non-Anthem customers are at risk, and 8.8 million up to 18.8 million customers could be at risk. Following discovery of the breach on Jan. 29, Anthem began contacting customers, but found millions of incomplete data records in its database.

 

anthem-confirms-data-breach-hit-up-19-million-non-members_01

 

The estimate counts 14 million incomplete records:

 

"While Anthem is not able to match incomplete records to a specific member, it does have valid mailing addresses for some of these records," an Anthem spokesperson told ABC News. "Anthem will distribute member notifications to the valid address on file as part of its effort to notify every potentially impacted member."

Continue reading 'Anthem confirms data breach could hit up to 19 million non-members' (full post)

FBI says it is "close" to identifying group behind Anthem data breach

The FBI says it is "close" to identifying the cybercriminal group responsible for breaching Anthem, but didn't confirm if a public announcement would be made. The targeted attack against Anthem, the No. 2 health insurance company in the United States, left up to 80 million members compromised.

 

fbi-close-identifying-group-behind-anthem-data-breach_01

 

China is suspected in the breach, with Beijing reportedly improving its cyberespionage capabilities.

 

"We're close already," said Robert Anderson, head of the FBI's cybercrime branch, during a recent media briefing. "But we're not going to say it until we're absolutely sure. I don't know if it's China or not, by the way."

Continue reading 'FBI says it is "close" to identifying group behind Anthem data breach' (full post)

Mobile security issues open the door to compromise users

Millions of smartphones and mobile devices are vulnerable due to mobile app developers being lackadaisical issuing patches and security updates, according to a report from McAfee Labs.

 

mobile-security-issues-open-door-compromise-users_01

 

Last year, it was discovered that at least 20,000 mobile apps have an easily exploitable SSL vulnerability, according to the Carnegie Mellon University computer emergency response team. McAfee tested the 25 most popular apps listed by Carnegie Mellon, and found that "poor programming practices" were prevalent - putting app users at risk.

 

"A lot of the discussion right now is about the value of data on your device, in this case your cellphone," said Gary Davis, McAfee spokesman, in a statement published by CBC. "Addresses, dates of birth, these are all data elements you'd need to in essence steal somebody's identity, or perhaps conduct insurance fraud, and it's all being made available through different applications."

US offers $3 million bounty for Russian creator of GameOver Zeus

The FBI wants to get its hands on Evgeniy Mikhailovich Bogachev, and has offered a $3 million bounty for the arrest or conviction of the suspected cybercriminal. Bogachev already is featured on the Cyber's Most Wanted list, and is suspected to be in Russia.

 

offers-3-million-bounty-russian-creator-gameover-zeus_01

 

Bogachev allegedly was the administrator of the GameOver Zeus network, starting in 2011, with up to 1 million computers across the world infected - and more than $100 million was reportedly stolen. The Russian citizen was indicted by a federal grand jury in 2012 for conspiracy to violate the Computer Fraud and Abuse Act, aggravated identity theft and bank fraud. A later federal grand jury indicted him for wire fraud, computer fraud and money laundering.

 

Trying to identify and arrest suspected cybercriminals is extremely difficult, but the FBI has a select list of criminals they hope to arrest.

FBI aware of at least 60 state-sponsored cyberthreat groups

The FBI is aware of at least 60 cybercriminal groups with state-sponsored support, according to Joseph Demarest, senior bureau chief and head of the FBI cybercrime division.

 

fbi-aware-60-state-sponsored-cyberthreat-groups_01

 

Demarest also said the FBI was able to trace the Sony Pictures Entertainment hack was tied to North Korea within one month - showing that the unstable country has increasingly sophisticated cyberattack capabilities. State-sponsored cyberespionage is a booming business, with the FBI and other departments suspecting China, Russia, Iran, and other countries of relying on hackers.

 

In addition, the FBI announced a $3 million reward for the arrest or conviction of Evgeniy Bogachev, operator of GameOver Zeus. The bounty is the largest offered for a cybercriminal, and the Russian has been charged with computer hacking, conspiracy, wire fraud, bank fraud and money laundering - and faces a federal charge of bank fraud conspiracy.

LinkedIn offering $1 to previously compromised users

Do you remember when 6.5 million LinkedIn user's passwords were leaked in 2012 by Russian hackers? We leaned that apparently some people log-in to their professional social media with passwords like 'swampass' and 'squirter'.

 

linkedin-offering-1-previously-compromised-users_056

 

A class action lawsuit has seen this company brought to their knees, offering a massive $1 each to the 800,000 Premium Users who joined up the fight. Just in case you were wondering if this might have been a typing error or mistake, it's not - they're giving $1 of cold-hard US dollar to each of the 800,000 Premium Users in which joined this lawsuit.

 

A LinkedIn spokesperson said to the New York Times that the purpose of this move is "to avoid the distraction and expense of ongoing litigation," even though they deny that they are at fault for the breach.

 

If you're thinking that you've missed out on cashing in - think again. A LinkedIn Premium Account will set you back $30 per month and as Gizmodo reports the result of this lawsuit is basically one free day of use.

Continue reading 'LinkedIn offering $1 to previously compromised users' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Subscribe to our Newsletter
Or Scroll Down