Tech content trusted by users in North America and around the world
6,585 Reviews & Articles | 44,660 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 3

Foreign breach of US data exposes 4 million employees

Authorities believe that a breach in US government data was thanks to a "foreign entity" and the Federal Bureau of Investigation has launched a full inquiry into who exactly stole the data on approximately four million workers.

 

foreign-breach-data-exposes-4-million-employees_044

 

This hacking spree took place through the US's Office for Personnel Management (OPM) and began in April 2015, with The Department of Homeland Security concluding that this attack had finished by the beginning of May - announcing the data as compromised.

 

Despite the implementation of EINSTEIN, private information on four million employees was stolen directly from the human resource systems, affecting OPM IT systems as a whole.

Continue reading 'Foreign breach of US data exposes 4 million employees' (full post)

SmartHome aims to keep you safe through technology by ASUS

Computex 2015 - Adding something a little different to the Computex 2015 trade show is the ASUS series of SmartHome devices, designed to keep yourself and your technology safe at home.

 

smarthome-aims-keep-safe-through-technology-asus_065

 

Also winning a BC award as per the ASUS ROG GR6 mini gaming PC, these products are coupled with the tagline "Smart, Simple, Secure" and are aimed at everyone from the general consumer to the complete computer mastermind.

 

Pictured is the black circle-like object named the ASUS Smart Home Gateway, this sets out to let you control your home through one simple app installed on a smartphone or tablet and can work with third-party products - meaning you aren't locked into ASUS branded components only.

Continue reading 'SmartHome aims to keep you safe through technology by ASUS' (full post)

GCHQ says it doesn't have enough manpower to spy on everyone

The NSA and GCHQ continue to face significant backlash of their widespread surveillance activities, largely due to Edward Snowden's spying disclosures. However, the UK intelligence agency is defending itself by saying it couldn't spy on all its citizens in an unlawful manner, even if it actually wanted to.

 

gchq-enough-manpower-spy-everyone_01

 

"One of the things that has almost flippantly been said in our defense is that even if we wanted to do such things we don't have enough people to engage in such unlawful mass intrusion," said Ciaran Martin, director general of cybersecurity for the GCHQ, while speaking at the InfoSecurity conference.

 

The GCHQ has conducted mass collection of user data inside the UK, which was disclosed by Snowden a couple of years ago. Not surprisingly, there has been increased debate - both in the US and UK - regarding the effectiveness of these programs.

Continue reading 'GCHQ says it doesn't have enough manpower to spy on everyone' (full post)

Researchers: Identifying Tor users isn't as hard as many think

Independent researcher George Tankersley and CloudFlare security team member Filippo Valsorda again showed how Tor users are not as secure as they wish.

 

researchers-identifying-tor-users-hard-many-think_01

 

Speaking during the Hack in the Box conference in Amsterdam, the researchers said motivated users can subvert anonymous access to the service. Hackers can identify the original location of users by operating rogue HSDir (hidden service directory) nodes that are required - with two sets of three needed to connect to the hidden service - with four days of operation to be marked as a "trusted" HSDir node.

 

A malicious HSDir instead of an exit node can be used in the process, making it easy to attack hidden service users.

Continue reading 'Researchers: Identifying Tor users isn't as hard as many think' (full post)

'Five Eyes' wanted to corrupt Google Play for snooping purposes

The United States and the rest of the "Five Eyes" group, which also includes the UK, Australia, Canada and New Zealand, aimed to infect apps available in the Google Play store with spyware.

 

five-eyes-wanted-corrupt-google-play-snooping-purposes_01

 

Even though the US and UK are well known for spying on their own citizens, among foreign nationals, it looks like this spying campaign was designed to target non-US residents. The effort reportedly began in late 2011 with an effort to infect the Alibaba-owned UC Browser, which runs on Google Android, Apple iOS, Microsoft Windows Phone, Symbian, Java ME, and BlackBerry.

 

The idea that Five Eyes wanted to spy on users isn't overly surprising, but possible ramifications don't leave users at ease.

Continue reading ''Five Eyes' wanted to corrupt Google Play for snooping purposes' (full post)

The Woz described Edward Snowden as 'a hero to me'

Apple co-founder Steve Wozniak described former NSA contractor Edward Snowden as "a hero," as he "gave up his own life... to help the rest of us." Wozniak previously met with Snowden in Moscow sometime in 2014, though it's unknown what the two men discussed.

 

woz-described-edward-snowden-a-hero-me_02

 

"Total here to me; total hero," Wozniak recently said in an interview with ArabianBusiness. "Not necessarily [for] what he exposed, but the fact that he internally came form his own heart, his own belief in the United States Constitution, what democracy and freedom was about. And now a federal judge has said that NSA data collection was unconstitutional."

 

The Woz obviously is a great fan of technology, but has admitted early innovators "didn't realize that in the digital world there were a lot of ways to use the digital technology to control us." That interview was published by CNN in 2013, before Snowden unveiled a widespread NSA surveillance program.

Continue reading 'The Woz described Edward Snowden as 'a hero to me'' (full post)

IRS still using Windows XP, and has more than 300 cybersecurity staff

The IRS recently suffered a data breach that left thousands of Americans at risk, and more attention is now focused on government mismanaged. Utilizing a $10.9 billion budget, either the agency is greatly mismanaged and/or the IRS just isn't ready to try to protect taxpayer information.

 

irs-still-windows-xp-more-300-cybersecurity-staff_01

 

There seems to be a lot of problems with the IRS, and that has certainly trickled down to its cybersecurity protocols. The agency still uses Microsoft Windows XP - and while the IRS originally paid Microsoft for support - that support has ended. To make matters worse, some fraud identification software is almost 20 years old.

 

The IRS previously had 410 cybersecurity team personnel, but that has been slashed down to 363 workers. The idea that IRS personnel are unable to keep up with identity theft is a huge problem, especially as cybercriminals get cleverer.

Apple scrambles to release fix for widespread iMessage glitch

It didn't take long for Apple to provide a temporary fix for a bug that allows users to crash an iPhone, iPad or Apple Watch via text message. The company was reportedly working on a fix anyway, but had to speed things up when users started sharing details about the problem on YouTube and social media outlets.

 

apple-scrambles-release-fix-widespread-imessage-glitch_01

 

The problem stemmed from the way Arabic text is rendered by an iOS device, and the device's RAM ends up full, forcing a restart.

 

iOS users can have Siri read unread messages, and have Siri respond to the malicious message. Once that is done, users can open Messages again. Once in messages, users must swipe left to delete the entire conversation thread - or tap, hold, and delete the malicious message.

United States tried a Stuxnet-like attack targeting North Korea

The United States reportedly attempted to launch a Stuxnet-like cyberattack aimed at the nuclear weapons program in North Korea, but the cyberespionage attempt failed. Launched at the same time when Stuxnet hit Iran in 2009 and 2010, the US wanted to also set North Korea's nuclear efforts back, according to a recent Reuters report.

 

united-states-tried-stuxnet-attack-targeting-north-korea_01

 

US cybersecurity specialists couldn't directly access systems responsible for controlling nuclear ambitions in Pyongyang - and the reclusive country's extreme secrecy and isolation helped make the attack more difficult. Similar to Iran, North Korea likely uses Microsoft Windows to power the PCs, which use control software from Siemens AG.

 

Cyberespionage among nations is nothing new, with nations specifically concerned regarding the nuclear ambitions of Iran, North Korea, and other nations. However, North Korea - which extremely limits access to the Internet - reportedly has an increasingly sophisticated cyberespionage program that can be used to target South Korea, the US, and other political rivals.

UN report: Encryption backdoors violate the human rights of Web users

Encryption is vital to free speech and government efforts to install backdoors prove to be a violation of human rights against Internet users. The UN report says encryption and Internet anonymity allow for a privacy buffer so they can share their views without the fear of being censored.

 

un-report-encryption-backdoors-violate-human-rights-web-users_01

 

There is an effort by the United States, UK and other governments to create backdoors - which could also allow cybercriminals to access information - in an effort to aid law enforcement. If an agency needs to view and monitor encrypted messages, it should only be done on a "case-by-case" basis, and shouldn't be required for the majority of users.

 

The report will be presented in front of the UN Human Rights Council sometime next month.

Continue reading 'UN report: Encryption backdoors violate the human rights of Web users' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Subscribe to our Newsletter
Or Scroll Down