TweakTown NewsRefine News by Category:
The UK government must do more to help educate consumers about cybercriminal behavior, as political leaders haven't carried out much mainstream messaging, according to security firm Kaspersky Lab. Many national governments are struggling with their own security efforts to defend against cybersecurity, so it might be difficult to try to promote initiatives to the public.
"I'd like to see the government doing more to get the message out to mainstream citizens and individuals because that's the bone in which the industry is growing; the individuals with ideas," said David Emmm, Kaspersky security researcher, during a recent tech roundtable. "If you look at it, the recent Cyber Street Wise campaign aside, I don't think the government is doing very much in terms of mainstream messaging and I would certainly like to see it do more."
The UK government is on a long list of western nations struggling to improve cybersecurity so attacks can be better defended against. The Cyber Street Wise marketing campaign helped drive interest in larger cities, but wasn't well received by many UK residents located in smaller towns.
During its annual QuakeCon LAN party and PC video game convention, id Software and Bethesda Software unveiled the newest Doom video game to attendees. Instead of calling the title Doom 4, however, developers decided to just call it Doom - and it will be available for the PC, Microsoft Xbox One, and Sony PlayStation 4 game consoles.
It has been more than 10 years since the release of Doom 3, and while gamers long expected a fourth title, no one held their breath. The title runs using the id Tech 6 game engine and can run 1080p with 60 fps, described as an "origin game." It appears to be an old school shooter and while it will be graphically pretty, looks like the id team decided to go back to its development roots.
The demonstrations during QuakeCon revealed large weapons with major ass-kicking power, and a load of monsters, both big and small, promising to be a rather enjoyable experience.
One in 10 of all attacks stopped by security company Kaspersky Lab's software are phishing attacks from Facebook accounts, as cybercriminals continue to target the No. 1 social networking website. Despite a drop from 22 percent of all user blocks in 2013 - with the number currently at 11 percent - it is still the second most likely attack source, behind Yahoo.
Many of the phishing messages originate from fake accounts created by cybercriminals, in an effort to compromise as many users as possible. The use of social engineering and phishing tactics to compromise users remains a popular method by cybercriminals - as many people aren't vigilant when clicking links shared by email, social media, or instant messaging.
"Fraudsters often lur their victims by promising them interesting content," said Nadezhda Demidova, Kaspersky Lab Web content analyst. "When users follow the link provided, they land on a fake login page that contains a standard message asking them to log in before viewing the page. If users don't become suspicious and enter their credentials, their data will immediately be dispatched to cybercriminals."
The United States and British governments were left angry and embarrassed after former NSA contractor Edward Snowden revealed mass surveillance programs aimed at citizens and foreign nationals. However, there are other governments accused of "rubber-stamping" mass surveillance programs, according to the UN human rights watchdog.
The constant stream of new revelations shows how disturbingly little we really know about the precise nature of surveillance," said Navi Pillay, UN High Commissioner for Human Rights. Pillay also said Snowden should be appreciated for his decision to publish details regarding NSA and GCHQ spying behaviors.
Although many users are upset with government spying, with Pilay's office saying it's "neither necessary nor proportionate," it's a common practice with communications taking place over mobile phones and via the Internet. The more information that is collected, however, the more governments need to try to justify the behavior - and to limit it to avoid too much personal intrusion.
Former NSA contractor Edward Snowden has revealed widespread spying and surveillance, but there has been a large amount of other revelations made by the American. Snowden recently said it's not uncommon for NSA workers to share "intimate nude photos of someone in a sexually compromising situation," including intercepted sexts sent among phone users.
"You've got enlisted guys 18-22 years old," Snowden said. They've suddenly been thrust into a position of extraordinary responsibility where they now have access to all your private records. During the course of their work, they stumble across something that is completely unrelated to their work in any sort of necessary sense, for example, an intimate nude photo of someone in a sexually compromising situation. But they're extremely attractive. So what do they do? They turn around in their char and show a coworker who says, 'Hey that's great. Send that to Bill down the way.' Then Bill sends it to George, who sends it to Tom."
An NSA official didn't deny the activities occurs, but said the organization "has zero tolerance for willful violations" of professional conduct and would address "credible allegations of misconduct." If true, it's not necessarily surprising to hear that this type of behavior happens, though certainly is inappropriate.
The highest ranking official of the United Nations humans rights department says former NSA contractor Edward Snowden should be celebrated and not hunted. The U.S. and British governments relying on mass surveillance is a "dangerous habit" with very little oversight, even following Snowden's whistleblowing activities.
Snowden is facing espionage charges in the United States, accused of theft of government property, wilful communication of classified communications and unauthorized communication of national defese information. If Snowden did return to the United States, he noted he's not necessarily afraid of a possible trip to Guantanamo Bay - but wants to face a jury trial - something that the federal government probably wouldn't agree to.
"Those who disclose human rights violations should be protected: we need them," said Navi Pillay, UN high commissioner for human rights, during a recent press conference. "I see some of it here in the case of Snowden, because his revelations go to the core of what we are saying about the need for transparency, the need for consultation. We owe a great deal to him for revealing this kind of information."
Hackers were enjoying the 2014 World Cup from Brazil, with cybercriminal activity dropping during the Germany-Argentina championship match, according to security company Imperva. Web attacks were higher during the quarterfinal and semifinal matches, however, but that traffic dropped during the finals.
Cybercriminals exploited security researchers distracted during the World Cup to launch attacks in an effort to compromise networks while no one was looking. Since the finals were on Sunday, that could have also led to a drop in hacker activity.
"We were surprised," noted Barry Shteiman, Imperva director of security strategy. "We thought that the attacks would be the same or even during the final. With a lot of attacks over the past few years... attackers [take advantage] of everyone turning from security operations to watching the game instead of the incoming attacks. They're not focused..."
Former NSA contractor Edward Snowden wants professionals to utilize data protection and encryption to communicate, and is reportedly working on some type of "encryption tools" to help protect sources. Remaining in Russia, with his asylum status extended, it's mainly unknown what the American has been doing with his spare time.
Snowden also is working on funding for the project, which will be used to keep communications between journalists and their anonymous sources secure from government spying.
"Journalists have to be particularly conscious about any sort of network signaling, any sort of connection, any sort of license-plate reading device that they pass on their way to a meeting point, any place they use their credit card, any place they take their phone, any email contact they have with the source because that very first contact, before encrypted communications are established, is enough to give it all away," Snowden recently said in an interview.
Suspected Russian hackers successfully breached NASDAQ in 2010, with malware reaching the company's servers. The FBI first noticed unusual network traffic originating from NASDAQ's systems in 2010, and the code was well written and designed to launch attacks.
Not surprisingly, Russian Embassy spokesperson Yevgeniy Khorishko said putting blame on Russia is "pure nonsense" and that the topic "is not even worth commenting on," though that is a typical response when Russia is blamed for cyberespionage efforts.
"We've seen a nation-state gain access to at least one of our stock exchanges, I'll put it that way, and it's not crystal clear what their final objective is," said Rep. Mike Rogers (R-MI), in a statement. "The bad news of that equation is, I'm not sure you will really know until that final trigger is pulled. And you never want to get to that."
Compromised Japanese pornography websites are being used to share the Win32/Aibatook banking Trojan, designed to steal banking credential information and hosting provider account credentials. The Trojan monitors where users are going inside of Web browsers, redirects Web pages, and tracking data that is inputted into online forms, according to ESET researchers.
Despite the Trojan being identified late last year, cybercriminals updated it a few months ago to target Japanese banks and other companies. Microsoft Internet Explorer remains the most popular Web browser in Japan - and despite great security improvements than previous versions - vulnerabilities are still being found and exploited.
"The exploitation success ratio is probably high enough for the Aibatook's operators," said Joan Calvet, ESET malware researcher, in a statement to SCMagazine. "Using a more powerful exploit pack and targeting other Web browsers would be the next logical step for the operators in order to increase the number of potential victims."