TweakTown NewsRefine News by Category:
Cybercriminals are targeting ATMs in Russia and Eastern Europe with the Tyupkin malware, compromising the cash dispensing machines. More than 50 ATMs were running with the malware, but it has spread to the United States, France, India, China, Israel and Malaysia.
The ATMs need to be physically accessed by the criminals, with a bootable CD containing the malware deployed - with those responsible infecting the ATMs on Sunday and Monday nights, ensuring their faces are covered.
"The Tyupkin malware is an example of the attackers taking advantage of weaknesses in the ATM infrastructure," said Vicente Diaz, Kaspersky Lab Global Research and Analysis Team principal researcher. "We strongly advise banks to review the physical security of their ATMs and network infrastructure and consider investing in quality security solutions."
Reports from the Chinese state media indicate the Chinese military plans to further improve its cybersecurity efforts, while also putting an emphasis on domestic software development. There is concern that the Internet and current cybersecurity is dominated by Western countries, and not enough is being done in China to promote development.
Major Chinese universities have highly educated students, and they will be called upon to help develop domestic software.
"Information security must be considered an underlying project in military battle preparedness," said the People's Liberation Army Daily. "We will strongly advance the domestic and independent building of programs, and strengthen the foundations of our information security."
Millions of network-connected electricity meters used in Spain are susceptible to cyberattack by hackers, according to security researchers. The vulnerabilities could lead to electricity being terminated - or billing fraud - if hackers are able to access the smart meters.
The Spanish government has relied on these electricity meters to improve national energy efficiency, but didn't put a large enough emphasis on security efforts. The memory chips in the smart meters are reprogrammable and include flawed code, though the researchers won't outline what they did specifically until the problems are fixed.
"Oh wait? We can do this? We were really scared," said Javier Vazquez Vidal, a security expert involved in the smart meter research. "We started thinking about the impact this could have. What happens if someone wants to attack an entire country?"
Actress Jennifer Lawrence is still extremely upset about the celebrity hacking scandal in which pictures of multiple actresses were leaked online. Lawrence recently told Vanity Fair that the cybercriminal activity, which targeted Apple iCloud accounts, is a "sex crime."
"It is not a scandal. It is a sex crime. It is a sexual violation. It's disgusting. The law needs to be changed, and we need to change. That's why these websites are responsible."
The stolen photos were posted on Reddit and 4chan, and quickly went viral among other websites. Poor judgment aside, that still doesn't necessarily mean celebrities deserved to have their personal photos stolen - but is yet another warning to regular users to be careful about where these types of photos or videos are stored.
The Chinese government is on the top of the list of foreign groups targeting the United States with cyberattacks, according to a recent statement issued by FBI director James Comey. Cyber espionage allows Chinese companies to copy and steal technologies so they do not need to innovate themselves, as the number of daily cyberattacks only increases.
"Well, I don't want to give you a complete list," Comey recently said in his interview with CBS News. "But I can tell you the top of the list is the Chinese. As we have demonstrated with the charges brought earlier this year against five members of the People's Liberation Army. They are extremely aggressive and widespread in their efforts to break into American systems to steal information that would benefit their industry."
It's not a surprise that China is a top threat that the U.S. government is watching - but is a strong signal that after years of burying their heads in the sand, officials understand they must improve critical infrastructure to reduce data breaches from state-sponsored cybercriminals.
Children and teenagers are a bit more naïve and lackadaisical when handing out information online, which could pose a risk, according to former head of the British MI6 intelligence agency. The technology world is changing at a rapid pace and the environment has caught some parents off-guard in keeping their children protected, according to Sir John Scarlett.
Sir John is most concerned of tracking technology and devices, with teenagers susceptible of apps and online conversations potentially giving up their location - and other personal information.
"You've got to know what your children are doing," Scarlett recently noted. "It's very difficult to know exactly what they're doing in particular when they're on a tablet or something they've got and you've got to have some kind of idea. They are extremely vulnerable, everybody is, to a whole range of things. Clearly when they're young children they're particularly vulnerable to predators."
Russian president Vladimir Putin will not restrict Russian Internet access following an increase in cyberattacks against the country. Following a rise in organized cyberattacks - which began after the Russia-Ukraine crisis - privacy and free speech experts were concerned Moscow would tighten Internet use in Russia.
"We do not intend to limit access to the Internet, to put it under total control, to nationalize the Internet," Putin recently said in front of a Security Council meeting. "We are not even considering this. Media freedoms, the right of people to receive and disseminate information - these are basic principles of any democratic state and society. They must be strictly adhered to."
Security Council secretary general Nikolai Patrushev said the Russian infrastructure has encountered 57 million cyberattacks during the first six months of 2014 - with many blamed on foreign governments and anti-Russian government extremists.
The U.S. Justice Department announced four accused members of the "Xbox Underground" hacker group have been charged for their roles in launching attacks against the U.S. military, Microsoft, and other game studios.
Two of the members, Sanadodeh Nesheiwat, 28, and David Pokora, 22, have pleaded guilty to one count of conspiracy to commit computer fraud and copyright infringement. They both face up to five years in prison when they are sentenced in early 2015.
As part of the 18-count indictment that was recently unsealed, Nathan Leroux, 20, and Austin Alcala, 18, also contributed to the hacking activities - which included stealing more than $100 million of software and data related to military pilot training and Xbox gaming information. Xbox Underground also took pre-release copies of Call of Duty: Modern Warfare 3 and Gears of War 3 as part of their criminal activities.
Supermarket chain Supervalu and Albertsons confirmed it was hit in yet another data breach this year, with customer data at risk all over again. This most recent attack took place sometime in late August or early September, with the malware installed to target payment card transactions at retail grocery stores.
"We care greatly about our customers, and the safety of their personal information will continue to be a top priority for us," said Sam Duncan, SuperValu CEO and President, in a press statement. "We've taken measures to install enhanced protective technology that we believe significantly limited the ability of this malware to capture payment card data and we will continue to make these investments going forward."
Evolving point-of-sale (POS) malware is proving difficult for retailers to defend against, as significant data breaches continue to rack up. Some cybersecurity previously warned retailers that aren't quick to make changes could be the victim of follow-up attacks, as cybercriminal groups are aware they are susceptible to attack.
The little-known Lizard Squad hacker group recently disrupted online servers of Destiny and Call of Duty: Ghosts, as the group continues to rack up victims. This is more troubling for Destiny, one of the most anticipated game launches of the year, as it was only released on Sept. 9 and has a large following. Lizard Squad has been relatively dormant the past few weeks, staying out of the headlines as it prepared distributed denial-of-service (DDoS) attacks against Destiny and CoD: Ghosts servers.
Following its initial introduction to the world, the group received a large amount of criticism from gamers, game industry officials, and fellow hackers. After the group issued a fake bomb threat against an American Airlines flight carrying a Sony executive, many wondered how much longer the group would be able to operate.