TweakTown
Tech content trusted by users in North America and around the world
5,683 Reviews & Articles | 36,177 News Posts
Weekly Giveaway: Fractal Design Arc Cases Contest (Global Entry!)

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 4

Phishing cybercriminals find most success with midweek attacks

The majority of phishing emails are sent during the work week, amounting to 93 percent of activity, with the most popular day Wednesday, according to cybersecurity company Mandiant. The use of clever social engineering techniques, in which cybercriminals create unique attack methods to compromise unsuspecting users, continues to be a leading strategy that helps find success.

 

TweakTown image news/3/7/37002_01_phishing_cybercriminals_find_most_success_with_midweek_attacks.jpg

 

Mandiant studied clients in more than 30 different business industries, with 15 percent of attacks hitting the financial market, with 13 percent aimed towards media and entertainment, according to the company.

 

Companies trying to protect employees must teach them the basic threats that phishers use, especially in financial intuitions, which receive one-third of all phishing attempts.

Universities struggle to keep personal data safe from theft

It seems likely colleges and universities could face a higher number of cyberattacks and data breaches, as security vulnerabilities and other challenges remain a problem, according to HALOCK Security Labs.

 

TweakTown image news/3/6/36995_01_universities_struggle_to_keep_personal_data_safe_from_theft.jpg

 

University IT staff need to prioritize their networking and security budgets to address the most glaring security threats - and separating sensitive systems from public systems can be a good start. PCs and servers with sensitive information can be supervised by IT staff, while student employees can manage public systems, according to HALOCK.

 

"Universities in general have limited budgets for information security, and therefore struggle to comply with the numerous laws and regulations regarding the data in their custody," said Terry Kurzynski, HALOCK Senior Partner, in a press statement.

Continue reading 'Universities struggle to keep personal data safe from theft' (full post)


Members of the 'Jabber Zeus Crew' indicted by Department of Justice

Nine men behind the "Jabber Zeus Crew" have been indicted for charges including conspiracy to participate in racketeering activity, multiple counts of bank fraud, conspiracy to commit computer fraud and identity theft, and aggravated identity theft.

 

TweakTown image news/3/6/36993_01_members_of_the_jabber_zeus_crew_indicted_by_department_of_justice.jpg

 

The group allegedly used the Zeus Trojan to collect bank account numbers, account passwords, PIN numbers, and other significant information. Conviction could lead to a monetary fine that would total at least $70,000,000, the DOJ said in its indictment.

 

"It was further part of the conspiracy that [defendants] used 'money mules' residents of the United States who received funds transferred over the Automated Clearing House ('ACH') network or through other interstate wire systems from victims' bank accounts into the money mules' own bank accounts, and then withdrew some of those funds and wired the funds overseas to conspirators," the indictment stated.

Continue reading 'Members of the 'Jabber Zeus Crew' indicted by Department of Justice' (full post)

Department of Homeland Security offers advice to fight 'Heartbleed'

The recent revelation of the "Heartbleed" OpenSSL bug has made it an extremely hectic week for Internet users, technology companies, banks, and the U.S. government. The Department of Homeland Security (DHS) recently issued a public advisory about "working together to mitigate cybersecurity vulnerabilities."

 

TweakTown image news/3/6/36992_01_department_of_homeland_security_offers_advice_to_fight_heartbleed.jpg

 

The DHS offers this advice to Internet users: verify the website has patched the vulnerability, then change passwords; closely monitor email, bank and social media accounts to spot suspicious activity; and become more vigilant to ensure websites are using HTTPS for all data exchanges.

 

"While there have not been any reported attacks or malicious incidents involving this particular vulnerability confirmed at this time, it is still possible that malicious actors in cyberspace could exploit unpatched systems," the DHS noted in a recent news release. "That is why everyone has a role to play to ensuring our nation's cybersecurity. We have been and continue to work closely with federal, state, local and private sector partners to determine any potential impacts and help implement mitigation strategies as necessary."

Hackers hit South Korea users, stealing credit card data on customers

Cybercriminals have compromised at least 200,000 credit card owners in South Korea, with forged credit cards and fraudulent charges being reported. South Korean police authorities have identified more than 250 cases of fraudulent charges, and expect that number to increase as customers are notified to look for suspicious activity.

 

TweakTown image news/3/6/36988_01_hackers_hit_south_korea_users_stealing_credit_card_data_on_customers.jpg

 

The hacker successfully breached a company in South Korea responsible for managing card payment processing terminals, collecting credit card numbers, expiration dates, and loyalty card passwords, according to the Financial Supervisory Service (FSS).

 

The FSS found credit information from three credit card companies and one bank were leaked, with two of the credit card companies already publicly punished for significant data breaches. Earlier in the year, more than 100 million South Korean credit card and bank accounts were compromised, with bank officials resigning and facing heavy scrutiny from government officials.

'Heartbleed' vulnerability found in Cisco, Juniper Networks routers

Security experts recently issued a statement saying the Heartbleed computer bug doesn't just hit Internet web servers, and can be found on PCs, email servers, mobile phones, and firewalls. To date, both Cisco and Juniper Networks noted that they are working to ensure their products are secure.

 

TweakTown image news/3/6/36975_01_heartbleed_vulnerability_found_in_cisco_juniper_networks_routers.jpg

 

Unfortunately, it can be a difficult task to fix security issues with networking equipment, and Cisco has to test dozens of products to verify they are secure. Meanwhile, Juniper is busy also trying to check security and release patches as needed:

 

"A subset of Juniper's products were affected by the Heartbleed vulnerability including certain versions of our SSL VPN software, which presents the most critical concern for customers," a Juniper spokesperson said in a statement. "We issued a patch for our SSL VPN product on Tuesday and are working around the clock to provide patched versions of code for our other affected products."

Continue reading ''Heartbleed' vulnerability found in Cisco, Juniper Networks routers' (full post)

Regulators tell US Banks to plug 'Heartbleed' vulnerability

Banks and financial institutions recently received a memo urging them to fix the security hole that is exploited by "Heartbleed," and they should consider upgrading encryption software and changing passwords, according to the Federal Financial Institutions Examination Council.

 

TweakTown image news/3/6/36961_01_regulators_tell_us_banks_to_plug_heartbleed_vulnerability.jpg

 

"Attackers could potentially impersonate bank services or users, steal login credentials, access sensitive email, or gain access to internal networks," the memo states.

 

Amazon, Yahoo, Netflix, and other major websites were quick to fix security holes, and users can change passwords on those sites.

Continue reading 'Regulators tell US Banks to plug 'Heartbleed' vulnerability' (full post)

Proposed law would make retailers responsible for data breaches

The California Legislature is now mulling over AB 1710, a bill aimed at forcing retailers to be held liable for damages stemming from data breaches. Following the Target breach, in which millions of customers were exposed to potential data theft, banks and credit unions have been forced to reissue debit and credit cards - and consumers were largely left in the dark until contacted by banks.

 

TweakTown image news/3/6/36947_01_proposed_law_would_make_retailers_responsible_for_data_breaches.jpg

 

However, AB 170 would force companies to be more forthcoming in regards to consumer protections and awareness due to data breaches. The bill changes current laws relating to customer data stored by businesses, consumer cost reimbursement, consumer identity theft mitigation, and notification time following a breach.

 

"Consumers need increased protection from the large data breaches that are occurring across the country," said Assemblyman Roger Dickinson (D-Sacramento), the AB 1710 co-author. "By improving the way sensitive information is retained and how consumers are alerted when breaches occur, AB 1710 will better protect customers' personal information."

Continue reading 'Proposed law would make retailers responsible for data breaches' (full post)

bitcoin money laundering case underway in Florida

There is a legal case in Florida that could set an important precedent in the United States: how criminal law can deal with bitcoins and other forms of cryptocurrency being used by criminals to commit money laundering.

 

TweakTown image news/3/6/36925_01_bitcoin_money_laundering_case_underway_in_florida.jpg

 

Two men, described as bitcoin "enthusiasts," were arrested trying to purchase bitcoins with money related to the Target malware hacking breach, according to the US Secret Service and Miami Beach Police Department.

 

Pascal Reid, 29, and Michell Espinoza, 30, face up to 25 years in prison if they are convicted of money laundering and for running an unlicensed money service business. The first transactions started around $500, but progressed up to a proposed $30,000 cash-for-bitcoin swap, according to federal investigators.

Continue reading 'bitcoin money laundering case underway in Florida' (full post)

Threat of ATM cash-outs alarms banks, security experts

Local law enforcement and federal authorities are trying to find methods to clamp down on organized criminals stealing personal information and later using ATMs to cash-out with stolen information.

 

TweakTown image news/3/6/36923_01_threat_of_atm_cash_outs_alarms_banks_security_experts.jpg

 

Cybercriminals often use malware or phishing techniques to first compromise users, and migrate to opening new lines of credit - or stealing bank information which leads to fraudulent ATM transactions.

 

The Federal Financial Institutions Examination Council (FFIEC) recently said that banks must work harder to mitigate cyberattacks - and there are continually new stories about cybercriminals either compromising ATMs, or stealing identities and cashing out later.

Continue reading 'Threat of ATM cash-outs alarms banks, security experts' (full post)

Latest Tech News Posts

View More News Posts

Latest Downloads

View More Latest Downloads

TweakTown Web Poll

Question: Did EA kill the Battlefield franchise with the terrible BF4 issues?

Yes, Battlefield is doomed

No, Battlefield will live on strong

I'm not sure, but I know EA needs to improve its game

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Get TweakTown updates via Facebook!
Just click the "Like" button below