TweakTown NewsRefine News by Category:
The Chinese government believes U.S. officials intentionally fabricated evidence and riled up other Asian governments in an effort to "stir up trouble" over an island land dispute. Earlier this month, the U.S. Department of Justice filed charges against five Chinese Army officers, accusing them of cyberespionage charges.
The current relationship between the United States and China continues to be turbulent, with both countries slinging cyber accusations at one another. The U.S. is investigating "retaliatory options" against Chinese cybercrime, though U.S. spies are now targeting Chinese politicians, businesses, and mobile users.
"In the field of Internet technology and infrastructure, the U.S. is blessed with an advantage, so fabricating some so-called 'evidence' is certainly no hardship," according to a post on the Chinese defense ministry.
America First Credit Union bank employees noticed suspicious activity on customer debit cards, with 20,000 members affected in the security breach. The breach was discovered after each affected card had up to three suspicious transactions on each card, which was an immediate red flag.
It appears customers had their debit card information stolen with a skimming device, though the compromised retailer wasn't named. However, one victim said the information likely was taken sometime between October 2013 and February 2014 - and victims won't likely know until credit card company Visa launches an investigation.
"There were multiple occurrences," noted Rex Rollo, America First executive VP and chief financial officer. "We were on the early end of this one."
As the situation grew more tense in the Ukraine and Russia over the annexing of Crimea, so did malicious activity between the two states in cyberspace.
According to a new report from security company FireEye, by looking at malware "callbacks" - where communications from compromised machines go back to the attacker's first stage server- increased dramatically over the period. Although the reasons cannot be known for sure, FireEye says it sees a "likely correlation" between the number of callbacks to Russia and Ukraine and the intensification of the crisis.
For 2013, Russia was seventh place in the amount of malware callbacks but in March 2014 it jumped to third place - at the same time its parliament authorized the use of force in Ukraine and Putin incorporated Crimea into the Russian Federation.
We have mentioned this week that a rash of hacking attacks against Apple devices like the iPhone, iPad, and Mac computers have been reported. Users of these devices are being hacked and their devices are being locked, as you would do if your device was lost or stolen. Apple has said that no breach of iCloud has occurred along with these attacks and suggested that people change their passwords and usernames.
The hacks up to this point have been in Australia. That has changed with hacks no spreading to users and devices in New Zealand. People who are victims of the hacks in NZ are getting a message with demands to pay the hacker to have their devices unlocked.
Iranian-backed hackers have continued a three-year cyberespionage campaign focused against U.S. officials, in an effort to steal data and learn more about political issues, according to iSight Partners. In addition to the United States, these Iranian cyberattackers also targeted the U.K., Syria, Iraq and Saudi Arabia, using social engineering to compromise users.
Security experts have noticed Iran focusing more on cyberattacks, especially trying to target infrastructure and military institutions. In this attack, hackers use social media and pose as U.S.-based media to trick users into providing personal data, according to the study.
"It is such a complex and broad-reaching, long-term espionage campaign for the Iranians," noted Tiffany Jones, iSight Senior VP, in a statement. "What they lack in technical sophistication, they make up in creativity and persistence."
U.S. Secretary of State John Kerry is no fan of former NSA contractor Edward Snowden, and had harsh words for the American currently holed up in Russia. In response to Snowden's recent interview with NBC News anchor Brian Williams, Kerry invited Snowden to return to the United States.
"Edward Snowden is a coward," Kerry told MSNBC. "He's a traitor. And he has betrayed his country. And if he wants to come home tomorrow to face the music, he can do so."
Kerry also said that Snowden's disclosures have hurt U.S. national security and allowed terror groups to change their behaviors. It's a rather bizarre strategy aimed at antagonizing Snowden, though it's unlikely he'd return to the United States, especially with the current administration still in office.
Former NSA contractor Edward Snowden says he was trained as a spy and worked for the NSA, Central Intelligence Agency (CIA), and Defense Intelligence Agency during his tenure as a government computer specialist. Snowden is currently stranded in Russia, despite his desire to try and fly to South America, before his passport was revoked.
Meanwhile, Snowden's name continues to appear regularly in the headlines, and he remains a polarizing figure. U.S. politicians still want Snowden to answer for his actions - and while he could be working for the Russian FSB - it's doubtful he'll return to the United States anytime soon.
"I was trained as a spy in sort of the traditional sense of the word - in that I lived and worked undercover, overseas, pretending to work in a job that I'm not - and even being assigned a name that was not mine," Snowden said in a recent interview. "Now, the government might deny these things. They might frame it in certain ways, and say, oh, well, you know, he's a low-level analyst."
The increasing number of connected devices accessing the Internet has revealed enterprise security holes that companies are struggling to solve, according to Internet security company BlueCat Networks. As shown by recent point-of-sale (POS) attacks targeting retailers, the number of security issues that security experts must deal with continues to increase at a rapid pace.
Sophisticated malware often circumvents traditional defense-in-depth, with many anti-virus software solutions unable to defend against malware attacks. As more devices continue to connect to the Internet, it will be even more important to improve network security.
"The explosion of network-connected devices is exposing businesses to new security threats and risks," said Andrew Wertkin, BlueCat CTO, in a statement. "Not only do our customers need to secure traditional devices such as a desktops, laptops, smartphones and tablets, but also non-traditional devices including VoIP, Point-of-Sale systems, security cameras and RFID. The Domain Name System is a critical component of any defense in-depth security strategy."
A recent survey found that nearly one in four security specialists admit that their companies don't update process passwords within 90 days, despite regulations recommending the practice, according to the Lieberman Software survey conducted during RSA Conference 2014.
In addition, 13 percent of survey respondents say they are able to access company data at previous employers. To make matters worse, 20 percent admit that their companies either don't have a rule in place - or don't enforce it - for outgoing employees and contractors to be locked out of the computer network.
"Investments in security for technology, people and processes have been meager, at best, in most organizations for many years," said Philip Lieberman, Lieberman Software CEO, in a statement to SCMagazine.
Hackers are succeeding with their cybercriminal behavior, according to the 12th edition of an annual survey asking U.S. companies, law enforcement, and federal government branches of their cyber experiences. The CSO security magazine, U.S. Secret Service, PwC consulting firm, and Carnegie Mellon University Software Engineering and Institute helped co-sponsor the survey.
A whopping three out of four survey participants said they've noticed at least one breach in the past 12 months, with 135 security issues per company.
"Despite substantial investments in cybersecurity technologies, cyber criminals continue to find ways to circumvent these technologies in order to obtain sensitive information that they can monetize," said Ed Lowery, U.S. Secret Service criminal investigative division lead, in a statement.