TweakTown NewsRefine News by Category:
SplashData has published its list of the most common passwords used on the Internet, compiling data mainly from Internet users in North America and Western Europe. The top 10 worst passwords, per the SplashData list: 123456, password, 12345, 12345678, 1234, baseball, dragon, football.
Simple numerical passwords remain common, with nine of the top 25 passwords consisting of numbers only. However, passwords such as "iloveyou" have disappeared, which was prevalent on the 2013 list, has dropped from the top 25 list for 2014.
"The bad news from my research is that this year's most commonly used passwords are pretty consistent with prior years," said Mark Burnett, an online security expert. "The good news is that it appears that more people are moving away from using these passwords. In 2014, the top 25 passwords represented about 2.2 percent of passwords exposed. While still frightening, that's the lowest percentage of people using the most common passwords I have seen in recent studies."
Not surprisingly, President Barack Obama has sided with UK Prime Minister David Cameron's demand that computer companies provide a backdoor to governments, even of encrypted communications. The US government has relied on a mix of warrants, wiretaps and direct access from technology companies so they have access to phone calls, social media, and other communications.
Simply demanding access to encrypted communication isn't worthwhile, so Obama played to emotions with his justification: "If we find evidence of a terrorist plot... and despite having a phone number, despite having a social media address or email address, we can't penetrate that, that's a problem," Obama recently said.
Obama wants to ensure a way to keep data private from cybercriminals, but not from police authorities and federal investigators.
The FBI and other US government departments want to recruit cybersecurity specialists, while the private sector also is throwing big money at qualified job candidates. To help fill this jobs void, a growing number of universities are creating programs to develop the next wave of security specialists.
Cybersecurity jobs soared 74 percent from 2007 to 2013, and there are a number of appealing opportunities for candidates. With such fierce competition for the current crop of security specialists, universities are broadening security-themed offerings from one or two courses to minor and major programs, or certifications.
"The demand is very high. I've had students get into cyberspace companies with just one security class, never mind an entire major," said Kenneth Knapp, IT management professor at University of Tampa and head of its cybersecurity program. "With all of the high-profile breaches over this last year or so, more focus has been on security than I've ever seen, and I've been doing it since I was 21 years old in the Air Force."
Chinese cybercriminals stole data related to the B-2 stealth bomber, F-22 Raptor, a nuclear submarine, and Australia's new F-35 Lighting II aircraft, according to data taken by former NSA contractor Edward Snowden. The Australian government plans to purchase 58 F-35 fighter jets for $12 billion, which will bring its JSF fleet up to 72 total.
Using a mix of its own research and development, along with data stolen from western political rivals, China continues to develop its own Shenyang J-31 and Chengdu J-20 aircraft. The J-31 is the most advanced Chinese fighter jet, while the J-20 is the country's first effort to develop a stealth fighter.
The Chinese government has been accused on numerous occasions of running sophisticated cyberespionage attacks against the United States - and its key allies - to steal software code, hardware designs, and military technology.
It would appear the National Security Agency (NSA) is responsible for breaching North Korea's computer systems years ago, before North Korea's alleged role in attacking Sony Pictures. With help from select allies, the NSA targeted North Korea's links to the outside world, such as China and Malaysia.
US security officials installed malware so they were able to monitor the online movements of North Korea's Bureau 121 hackers - a group growing in sophistication - as cyberespionage becomes more popular.
When the FBI was so quick to conclude North Korea was responsible for attacking SPE in late 2014, the cybersecurity industry was skeptical. FBI Director James Comey previously said the hackers got sloppy and forgot to mask their IP addresses. "We could see that the IP [Internet protocol] addresses that were being used to post and to send the emails were coming from IPs that were exclusively used by the North Koreans."
Unknown cybercriminals breached the Lizard Squad's LizardStresser distributed denial of service (DDoS) service, which serves customers as an attack-for-hire tool. There are more than 14,000 registered users, with $11,000 collected via bitcoin to help pay for DDoS attacks against thousands of website URLs and IP addresses.
The Lizard Squad reportedly brought down Microsoft Xbox Live and Sony PlayStation Network (PSN) to promote its service.
Lizard Squad appears to have a number of younger members contributing to its cybercriminal operation, though several reported members have been arrested across the world. However, core members of the group still haven't been identified and arrested, so future cyberattacks are expected to continue against higher-profile targets.
Russian hacker Vladimir Drinkman faces a final extradition ruling later this month, where US officials hope he is transferred from a Dutch prison to the United States.
Drinkman and an alleged accomplice in the cybercriminal ring that stole millions of debit and credit card numbers, Dmitriy Smilianets, were arrested while on holiday in Amsterdam. They were part of a group that caused more than $300 million losses to companies, while selling cards for $10, $15, or $50 apiece.
"'Hacker' is an elastic notion," Drinkman told Bloomberg Businessweek. "Now every third person is called a hacker because he has technical skills, and not because he is actually using them."
Moneyhorse, the developer of the Glorious Leader! 2D video game featuring Kim Jong-un from North Korea, was hacked and its Kickstarter campaign page was deleted. The game title collected $16,816 of its hopeful $55,000 goal - not likely to reach the anticipated goal - with mistakes made during its Kickstarter campaign.
The game developer doesn't think the Guardians of Peace (GOP) hacker group played a role in the breach, but admitted it is reevaluating its decision to move forward with the title.
"The hackers destroyed data pertaining to Glorious Leader! And other projects we had in development and locked us out of our own computers and website," according to a Moneyhorse update. "The timing couldn't have been worse as it hampered our ability to attend to the Kickstarter project."
Malware threats continued to grow in 2014, and cybercriminals are working on developing new generations of mobile malware, according to Lookout Security. The company noted a whopping 75 percent jump in Android-based malware threats throughout the year, with criminals shifting focus from SMS scams to new ways to compromise users.
Cybercriminals have found ransomware, though harder to compromise victims, proves more valuable when it comes to return on investment (ROI). End users and business employees are desperate to regain access to compromised devices, so they are more likely to pay a ransom immediately.
Cybersecurity experts recommend mobile users install anti-virus and anti-malware software on their smartphones and tablets, along with being cautious when clicking links and installing apps from unknown sources.
"It could be used for legitimate reasons, right?" was the first thought that went through my head when looking at this website - well that's apparently not the case. If you're looking to seek revenge or hold a grudge and have money to spend - Hackers List will enable you to list up your task and a price - helping you search for the most suitable hacker for your needs.
As described by the New York Times, there are potential clients on here including a Sweedish man offering up $2,000 for someone to hack into his landlord's website and even a lady from California ready to pony up $500 for someone to gain access to his Facebook and Gmail accounts - talk about a healthy relationship!
With over 500 jobs currently listed, everything is completed completely anonymously, with the website working as the 'middle man' when it comes to jobs, correspondence and payment.