TweakTown NewsRefine News by Category:
Chinese mobile manufacturer Coolpad is building backdoors into high-end Google Android-powered smartphones, according to Palo Alto Networks' Unit 42. The "CoolReaper" backdoor has been found on a variety of ROMs that were downloaded by security researchers. Coolpad is the No. 6 largest smartphone manufacture in the world, No. 3 inside of China, so this is an extremely troubling development.
CoolReaper is able to download, install, or activate Android applications without needing owner consent or notification. It can also clear user data, uninstall applications, and disable system applications. Researchers also found that it can dial arbitrary phone numbers and send SMS or MMS messages from the phone.
"CoolReaper is the first malware we have seen that was built and operated by an Android manufacturer," according to the Palo Alto Networks' Unit 42 blog. "The changes Coolpad made to the Android OS to hide the backdoor from users and anti-virus programs are unique and should make people think twice about the integrity of their mobile devices."
There is concern that the cybercriminals responsible for compromising Sony Pictures Entertainment, and then leaking stolen information, cannot face justice if being protected by North Korea, according to US officials. If North Korea sponsored the attack, likely recruiting hackers outside of the country to lend a hand, it would be difficult for them to face justice in the United States, according to an unnamed U.S. official.
Trying to accurately identify and detain hackers has been difficult for the United States and other western nations - as extradition for cybercrimes only happens in extreme cases. Even if the FBI and cybersecurity companies identify those responsible, they should be able to hide and remain safe.
"The Interview" will still launch on Christmas Day next week, but it's unknown how many theaters will actually show the movie following threats against theaters. Expect the Guardians of Peace to release more data stolen from Sony, as they were reportedly able to steal 100 terabytes of information from Sony's networks.
The hacker group reportedly behind a major cyberattack against Sony Pictures Entertainment is getting what they want - as Sony tells theaters they don't need to show "The Interview" due to terror threats. The movie is scheduled for release on Christmas, Dec. 25, and it would appear some theaters have already said they won't show the controversial film.
Movie theaters that decide to still show the film plan to use additional security - even if there has been no credible evidence a plot is in place - with AMC, Cinemark, Regal and Carmike all suffering a drop in stock values because of the threat.
"Somebody is playing mind games with [Sony]," said Richard Clarke, cybersecurity expert and former White House counter-terrorism lead, in a statement published by Good Morning America. "I think North Korea has little or no capability to do any physical attacks, commando activity, or terrorism in the U.S. By saying it's coming, however, they hope to keep people from the theaters and, thereby, hurt Sony's revenue."
The "Guardians of Peace" hacker group threatened attacks against movie theaters that will show "The Interview," but the US Department of Homeland Security (DHS) hasn't found any credible threats. Police in Los Angeles and New York City said they are taking extra precautions due to the GOP statement.
"We are still analyzing the credibility of these statements, but at this time there is no credible intelligence to indicate an active plot against movie theaters within the United States," according to a DHS official.
If nothing else, the hacker group is causing further financial damage to Sony - as some movie theaters already promised to pull the movie.
Sony Pictures Entertainment is being sued by two former employees, being blamed for not doing enough to keep employee personal information safe. The lawsuit was filed in the U.S. District Court for the Central District of California, with the former employees seeking monetary damages and class-action status.
"Sony failed to secure its computer system, servers and databases, despite weaknesses that it has known about for years, because Sony made a business decision to accept the risk of losses associated with being hacked," according to the lawsuit.
Considering SPE was reportedly told that its network wasn't fully secure, it's not too shocking to hear they have been targeted by one lawsuit. Former employee Michael Corona worked for the company from 2004 to 2007, while Christina Mathis worked there from 2000 to 2002. Corona and Mathis both had their personal information compromised.
Millions of Internet users have changed their Internet behavior and are doing more to keep their own personal data secure from possible surveillance, according to a survey from the Center for International Governance Innovation (CIGI). The survey revealed 64 percent of respondents have increased privacy worries over just one year ago, as the NSA, GCHQ, and other organized surveillance programs target Web users.
Following former NSA contractor Edward Snowden's leaks, 39 percent have done more to increase their privacy protections.
"But it is absolutely extraordinary that 750 million people are disturbed enough about their online privacy that they will represent to a survey-taker that they did something about it," said Bruce Schneier, a security expert, in a statement published by BBC.
The ongoing drama for Sony Pictures Entertainment took a dark turn on Tuesday, with the hacker group responsible issuing a terrorist threat when 'The Interview' hits theaters. It would seem the threat is working, as some movie theater operators are considering pulling the movie.
"We will clearly show it to you at the very time and places 'The Interview' [will] be shown, including the premiere, how bitter fate those who seek fun in terror should be doomed to," the hackers said in a statement. "Soon all the world will see what an awful movie Sony Pictures Entertainment has made. The world will be full of fear. Remember the 11th of September 2001."
The group also recommended people stay away from theaters after the movie is released.
Google has blacklisted 11,000 domains because of a new malware campaign targeting compromised WordPress websites. It's possible that the SoakSoak campaign has hit more than 100,000 WordPress-powered websites, the Sucuri Web security company noted.
"The biggest issue is that the RevSlider plugin is a premium plugin, it's not something everyone can easily upgrade, and that in itself becomes a disaster for website owners," Sucuri noted in a blog post. "Some website owners don't even know they have it, as it's been packaged and bundled into their themes. We're currently remediating thousands of sites, and when engaging with our clients, many had no idea the plugin was even within their environment."
Sucuri has a free site scanner that will be able to determine if your WordPress website is compromised. If compromised, site operators must locate code added to wp-includes/template-loader.php and purge suspicious looking code.
Re-gifting is a common practice, especially during the Christmas holiday season, and opens consumers up to potential security problems, according to identity protection company Protect Your Bubble. Consumers need to be fully aware of potential risks when they give PCs, laptops, smartphones and tablets to a family member or friend - many users forget about email addresses and social networking sites they are auto-logged into, financial details available on the storage drive, and other personal information.
"Identity theft has received a lot of awareness in the news media over the last few years, especially around the holidays," said David Anderson, Protect Your Bubble Director of Product. "However, someone's digital and personal footprint can still be acquired any number of ways outside the cash register or Internet shopping cart."
At a time when data breaches and identity theft are continually in the headlines, remembering to disable apps, uninstall programs, and delete financial information is important.
Cybercriminals are compromising US consumers and business workers on a large scale, able to steal personal information and payment details in bulk. Home Depot was compromised and 56 million payment card numbers and 53 million email addresses were taken in a single breach alone, along with Target, Neiman Marcus, and a number of retailers also falling victim.
However, trying to make use of stolen information forces cybercriminals to act quickly - if 10,000 cards are compromised, only around 100 could cash out, with an estimated 10 cars actually working, according to Alex Holden, from Hold Security.
"Cybercriminals don't have enough resources to monetize stolen data in big volumes," said Andrew Komarov, IntelCrawler CEO, in a statement to PCWorld. "It really has a small margin, and it is pretty complicated to resell it in big amounts."