Tech content trusted by users in North America and around the world
6,418 Reviews & Articles | 42,804 News Posts
TRENDING NOW: NVIDIA acquires Valve, announces Half-Life 3 release for 2016

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 2

Slack rolling out two-factor authentication after data breach

The business communication platform Slack confirmed a data breach which left users vulnerable - with usernames, email addresses, passwords, phone numbers, Skype logins, and other information compromised.

 

slack-rolling-two-factor-authentication-data-breach_01

 

It's unknown if the cybercriminals actually decrypted any of the passwords, with no payment information accessed. "We are very aware that our service is essential to many teams," Slack said in a blog post. "We deeply regret this incident and apologize to you, and to everyone who relies on Slack, for the inconvenience."

 

Slack has added two-factor authentication today, and users will need to enter a verification code along with their traditional password. It's recommended all users begin using it immediately.

Continue reading 'Slack rolling out two-factor authentication after data breach' (full post)

North Korea denies hacking South Korean nuclear power company

Despite South Korea blaming North Korea for hacking its nuclear power operator, officials in Pyongyang have denied their involvement. In a data breach in late 2014, hackers were able to steal employee personal information, physical designs and manuals of the Korea Hydro and Nuclear Power Co.

 

north-korea-denies-hacking-south-korean-nuclear-power-plants_01

 

The Korean Central News Agency said Seoul fabricated evidence saying Internet protocol addresses were linked to the north - even though the recent data breaches were "believed to have been caused by an [unidentified] group of North Korean hackers."

 

North Korea is believed to have a budding cyberespionage program, with most of its efforts targeted at South Korean banks and other critical infrastructure.

US government wants companies to step up and fight cybercrime

The US government wants additional help from private sector companies in a growing effort to fight cyberattacks.

 

government-companies-step-up-fight-cybercrime_01

 

Financial institutions and healthcare firms face a significant threat, and there needs to be a better strategy to incorporate cybersecurity to keep employees and users safe. Cyberattacks are a global problem that can create legal headaches for businesses once they have been breached by cybercriminals.

 

"Each of us must recognize this risk is perhaps the most pressing operational risk of our time," said US Deputy Treasury Secretary Sarah Bloom Raskin, when speaking at the CityWeek conference in London. "We now need to develop consensus around ways to respond to this threat."

Continue reading 'US government wants companies to step up and fight cybercrime' (full post)

Millions of Google Android users at risk from vulnerability

The Google Android mobile operating system is vulnerable to a new flaw that allows criminals to hijack the Android Package File (APK) and replace it with apps the criminals choose. Hackers are able to quietly gain unlimited permissions, and trick users into possibly installing malware instead of a third-party app.

 

millions-google-android-users-risk-vulnerability_01

 

The Palo Alto Networks security firm posted details of the issue, which affects almost half of all current Android users - and can be used to steal user data, distribute malware, and compromise smartphones and tablets.

 

"This Android vulnerability means users who think they're accessing legitimate applications with approved permissions may instead be exposed to data theft and malware," said Ryan Olson, Intelligence Director of Palo Alto Networks' Unit 42 research wing. "We urge users to take advantage of the diagnostic application provided by Palo Alto Networks to check their devices, and we thank Google, Samsung and Amazon for their cooperation and attention."

Twitch was hacked and some user data may have been compromised

Twitch reportedly suffered a cyberattack and some user data may have been breached, and an investigation is currently underway.

 

twitch-hacked-user-data-compromised_01

 

The company sent an email to potentially affected users, though did say that debit and credit card payment information is safe. Twitch noted that usernames, passwords, email addresses, physical mailing addresses, phone numbers, and dates of birth could have been accessed in the incident.

 

"We are writing to let you know that there may have been unauthorized access to some Twitch user account information," the company confirmed on its blog. "For your protection, we have expired passwords and stream keys and have disconnected accounts from Twitter and YouTube. As a result, you will be prompted to create a new password the next time you attempt to log into your Twitch account."

More advanced ransomware attacks could pop up in 2015

Ransomware attacks, relying on custom malware able to encrypt files, continues to pose a significant threat to business users.

 

more-advanced-ransomware-attacks-pop-up-2015_01

 

New ransomware types are popping up, including Crypto Wall and Torrent Locker, being distributed via email spam, watering hole attacks, and malvertising. Due to the financial benefit of compromising victims, hackers are always on the lookout for new methods to infect victims.

 

"One researcher likens it to turning on the kitchen light and having the cockroaches scatter," said Andrew Conway, research analyst at Cloudmark, in a statement published by Baseline. "Now, instead of one ransomware package, there are three or four of them out there. Occasionally, there will be a bug on ransomware that will enable people to get their data back. But, if you don't have another copy of that data, pay the ransom if you need [the data]."

Healthcare breaches taking center stage in 2015, and could get worse

Hackers want to steal the personal information of US residents, and are finding healthcare companies especially vulnerable to attack. Both Anthem and Premera have suffered data breaches so far in 2015, and experts are concerned the problem will only get worse.

 

healthcare-breaches-taking-center-stage-2015-worse_01

 

Since 2009, more than 1,100 separate data breaches led to personal data of more than 120 million people to be stolen, according to the Department of Health and Human Services (HHS).

 

"We are certainly seeing a rise in the number of individuals affected by hacking/IT incidents," said Rachel Seeger, spokesperson for the HHS's Office for Civil Rights. "These incidents have the potential to affect very large numbers of health care consumers, as evidenced by the recent Anthem and Premera breaches."

Continue reading 'Healthcare breaches taking center stage in 2015, and could get worse' (full post)

Greatfire.org anti-censorship group in China suffers major DDoS attack

Greatfire.org, a Chinese non-profit group designed to help users circumvent the "Great Firewall of China," endured a distributed denial-of-service (DDoS) attack. The group is facing charges up to $30,000 per day for bandwidth from traffic related to the cyberattack, it says.

 

greatfire-org-anti-censorship-group-china-suffers-major-ddos_01

 

The group's website reported traffic 2,500 times higher than usual - and while it's unknown who is behind the attack - it wouldn't be surprising if the Chinese government was found to be responsible. Greatfire.org has received public criticism from China, which is notorious for strict control of access for its growing number of Internet users.

 

To help keep its services online, Greatfire.org has hosted websites on major tech companies, such as Amazon, which would receive far too much public criticism if they started censoring data.

Continue reading 'Greatfire.org anti-censorship group in China suffers major DDoS attack' (full post)

Chinese military rejects accusations it hacked Register.com

Web.com's Register.com was reportedly victimized by a coordinated cyberattack, and the Chinese military was reportedly responsible, according to a story published by the Financial Times. The hackers had access for around one year, though it doesn't appear client data was taken or there was a significant disruption to day-to-day activities.

 

chinese-military-rejects-accusations-hacked-register-com_01

 

However, Chinese officials deny being linked to the attack: "The relevant criticism that Chinese military participated in Internet hacking is to play the same old tune, and is totally baseless," according to a statement released to the Chinese Defense Ministry, submitted to Reuters.

 

The Chinese government has a sophisticated cyberattack program, and enjoys launching a number of cyberespionage campaigns against the United States and other western targets. Meanwhile, the Chinese government reports being a victim of international cyberattack, including many attacks that reportedly originate from the United States.

Target customers might have hard time collecting class-action payout

Target may have agreed to a $10 million class-action lawsuit settlement, but trying to actually collect payment could be rather difficult. Consumers trying to cash in will need to submit documentation of fraudulent losses, which can be rather hard to prove.

 

target-customers-hard-time-collecting-class-action-payout_01

 

Many fraudulent charges are caught by a bank or credit card company - and even if a charge isn't caught - the bank or credit card company typically takes care of fraud-based purchases.

 

"The law generally does not compensate consumers for their hassle," the USA Today learned. "In terms of being able to document that and say, I as a consumer have suffered legal damages, that's a very tough putt for a consumer."

Continue reading 'Target customers might have hard time collecting class-action payout' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Subscribe to our Newsletter
Or Scroll Up Or Down