TweakTown NewsRefine News by Category:
Accused Russian hacker Evgeniy Bogachev, known as "lucky12345" and "slavik," has been accused of committing cybercrimes that led to more than $100 million in fraud. Leading a group of cybercriminals, Bogachev helped infect thousands of computers with malware, compromising users by stealing usernames and passwords.
Most of the hackers involved are from the United Kingdom, Russia and the Ukraine, according to U.S. federal investigators.
The U.S. government is increasingly going after cybercriminals, though struggle to try to prevent these types of breaches - and can only respond once hacking and theft has already occurred. Still on the run, the Russian is charged with conspiracy, bank, wire and computer fraud, and money laundering, with one victim, Haysite Reinforced Plastics of Eric named. Bogachev reportedly stole $824,000 from the company's accounts in just one day.
Despite the country's efforts, Sweden has often been considered an unofficial home to file sharing thanks in part to the Pirate Bay, one of the most notorious indexing services. But now Sweden's youth are actually sharing files less than ever before.
According to a report from the Cybernorms group at Sweden's Lund University, a survey of roughly 4,000 Swedes suggested the number of active sharers decreased over the last couple of years - down from 32.8 percent in 2012 to 29 percent in 2014.
There was a steady increase of online sharing in the 15-24 year-old age bracket, but now it looks like more are flocking to legal alternatives.
Cybercriminals still rely on email, social media, and video to help successfully deliver attacks to compromise users, though can be used as stepping stones for multi-phased attacks, according to networking company Palo Alto Networks. Of the applications observed by Palo Alto Networks, 34 percent can use SSL encryption - but IT administrators often are unaware which applications are using unpatched versions of OpenSSL - leading to possible security threats.
To counter these types of threats, administrators should try to control unknown traffic, with smaller networks typically seeing up to 10 percent of unknown traffic on their networks. Identifying and selecting decryption with additional enablement policies can also help keep customers secure.
"Our research shows an inextricable link between commonly-used enterprise applications and cyber threats," said Matt Kell, Palo Alto Netowrks senior research analyst, in a statement. "Most significant network breaches start with an application such as e-mail delivering an exploit. Then, once in the network, attackers use other applications or services to continue their malicious activity - in essence, hiding in plain sight. Knowing how cybercriminals exploit applications will help enterprises make more informed decisions when it comes to protecting their organizations from attacks."
Security company Webroot and audio maker Plantronics have teamed up to bundle the Webroot SecureAnywhere AntiVirus for PC Gamers with the Plantronics GameCom 788 gaming headset. The Webroot cloud-based security software uses less than 4MB of RAM and should be able to quickly scan a PC in less than two minutes, which won't interfere with gameplay.
A free 14-day trial of Webroot SecureAnywhere AntiVirus bundled with the GameCon 788 headset with Dolby 7.1 surround sound is available, in an effort to win over gamers to the benefit of the cloud-based solution.
"Plantronics is committed to providing gamers with an immersive online experience," said Dorothy Ferguson, Plantronics Gaming director of marketing, in a press statement. "Precision audio and the ability to communicate with teammates is key. Where Plantronics GameCom 788 with Dolby 7.1 surround eliminates sound lag when it counts most, Webroot SecureAnywhere AntiVirus enhances security without jeopardizing player performance."
Many Americans don't agree with former NSA contractor Edward Snowden taking government documents, fleeing overseas, and releasing the information to the media. Many users on social media have voiced support for Snowden, though others said he could have found legal ways to release the information.
Not surprisingly, younger Americans have a favorable opinion of Snowden, though older survey respondents tend to disapprove of his actions. Following the RSA conference early in the year, just 48 percent of attendees surveyed think the U.S. security agency overstepped its boundaries.
"I have no relationship with the Russian government at all," Snowden recently said. "I'm not supported by the Russian government."
American film director Oliver Stone will make a movie based on former NSA contractor Edward Snowden, as he journeyed from American spy turned whistleblower.
"This is one of the greatest stories of our time," Stone said in a statement. "A real challenge. I'm glad to have the Guardian working with us."
Choosing Stone to direct the movie is a rather interesting choice, as the 67-year-old is known for being rather unique with the way he uses the truth. However, he's a vocal supporter of Julian WikiLeaks founder Julian Assange, so it will be interesting to see how he directs the movie - and what type of political slant he uses while filming.
Britain's National Crime Agency has taken the unusual step of posting an "urgent alert" for UK netizens - claiming they have "two weeks" to protect against an impending surge of botnet activity, by way of the GoZeuS and Cryptolocker malware.
Through Get Safe Online - the official British web safety group - the organization warned in conjunction with American authorities that this upcoming onslaught is part of "one of the largest industry and law enforcement collaborations attempted to date".
It's thought that pretty much everyone running any kind of Windows OS is at risk. According to the NCA, GoZeuS - AKA Gameover ZeuS - has already pocketed hundreds of millions the world over. What's next is a massive worldwide lockdown using CryptoLocker as ransomware. In fact, according to a recent study, as many as 40 percent of those hit by the ransomware pay the fee.
Despite all the doomsday sooth-saying, there's not quite reason to panic just yet. And actually, these kind of widely pervasive threats can be a boon for IT security - as they provide the rare incentive for backing up important files and keeping antivirus software up to date - which is basically a good habit to get into anyway, at a minimum.
Major websites such as Reddit, Imgur and DuckDuckGo are to take part in the June 5 "Reset The Net" anti-NSA spying online campaign.
They have pledged their support for the day, backed by household-name nonprofits like Amnesty International and Greenpeace, and look like they will promote the effort by offering a splash screen and a push notification that sends users towards a mobile privacy pack. Website owners are being encouraged to begin folding encryption such as SSL, HSTS and PFS into their websites, with a view to making collecting user data more difficult.
The underlying message of the campaign, as described on the official website, is not to "ask for your privacy" but to "take it back".
Lawmakers have struggled to try to keep up with technology, and recent waves of cybersecurity data breaches are difficult to defend against. Companies are losing employee and customer data, while consumers are seeing an increase in credit and debit card theft, loss of personal information, and potential headaches from identity fraud.
The massive Target breach that opened 70 million customers to potential identity theft drew a large amount of media attention. A number of smaller breaches followed over the next few months, and then the recent eBay breach grabbed international headlines last month. Following eBay's disclosure of a major breach, several state investigations have been launched - and the auction house company now faces additional scrutiny from a growing number of European governments.
Unfortunately, companies are struggling to try to keep data secure, and there aren't many regulations that force companies to keep data secure. However, there are growing numbers of people that want to see financial - and possible criminal penalties - in place to keep data breaches under control.
Cyberattacks focus on critical infrastructure such as public utilities, with many companies struggling to keep defenses updated. However, a recent industry analysis noted that major electric utilities received a 751 on a 250 to 900 scale, trailing only behind the financial industry which scored a 782, according to analysis from BitSight Technologies. Investor-controlled utility companies have been able to develop sophisticated security practices to keep their infrastructure better secure from cyber breaches.
"Large investor owned utilities have fairly sophisticated security practices," said Ave Dalva, VP of security science at Stroz Friedberg, in a statement. "Like large financial institutions, they have significant security budgets and cyber risk has executive level visibility."
Public utility companies have largely struggled to maintain cybersecurity efforts - and despite the high score - will have to keep on their toes, as hackers will still focus on attacking public utilities. Fortune 500 companies are scrambling to try to improve security, and paying large salaries and added perks to hire executive-level cybersecurity experts.