TweakTown News
While the bitcoin cryptocurrency remains popular among supporters, trying to mine bitcoins effectively has proven difficult. However, cybercriminals are hijacking everything from smartphones and tablets to servers in their effort to cash in on distributed computing and mining. And these hijacked apps are now being found in the Google Play store, with users downloading these apps before they are spotted.
Security experts recommend all mobile users utilize some type of anti-malware and anti-virus software solutions, though that is especially true for users suffering from battery life problems.
Cybercriminals are finding Android's open source architecture - and the Google Play store - great assets in their effort to steal information and compromise users. A recent Iowa State University (ISU) data breach, which exposed up to 30,000 people to potential identity theft, was caused by criminals trying to hijack servers to mine for bitcoins.
After an extended discussion on the Senate floor, California legislators shot down mandatory smartphone kill switch legislation pushed by Sen. Mark Leno and San Francisco District Attorney George Gascon. Leno plans to ask the Senate to vote on the bill again in the near future, hoping to sway a few more lawmakers before the second vote.
The bill received 19 votes in favor, falling short of the 21 necessary from the 40-member Chamber in Sacramento. Lawmakers remain concerned that mandatory legislation would be too strict and prevent companies from opening up shop in California.
Smartphone manufacturers and wireless carriers have been hesitant to embrace kill switches, though they have agreed to offer voluntary solutions starting after July 2015. The addition of smartphone kill switches would help consumers save up to $2.6 billion per year, with metropolitan areas continuing to see a rise in smartphone robbery and theft.
Cybercriminals have a large arsenal of different methods and tools to compromise users and corporations, but 92 percent of 100,000 security incidents analyzed by Verizon can be traced to nine basic attack patterns.
"After analyzing 10 years of data, we realize most organizations cannot keep up with cybercrime - and the bad guys are winning," said Wade Baker, Data Breach Investigations Report principal author, in a press release. "But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effectively and strategically."
The following are listed as the nine most typical threat patterns: miscellaneous errors such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; Web app attacks; denial of service attacks; cyberespionage; point-of-sale intrusions; and payment card skimmers.
Executives including chief information officers (CIOs) are increasingly concerned about 'bring your own device' (BYOD) security principles, while employees don't tend to care. A recent survey from Centrify found that 15 percent of employees believe they have minimal responsibility for keeping company data secure if it is stored on personal smartphones, tablets, or laptops.
"It is clear organizations need to continue to educate employees on the dangers and risks of mobile security but also look to solutions that safeguard devices and applications which these employees have access to," said Michael Osterman, Osterman Research principal analyst, in a statement to CIO.
Employees largely don't want to carry both a personal device and a work-issued smartphone, and if they don't take responsibility for corporate information, companies will use intrusive software - and sometimes brick or remotely wipe lost or stolen devices. BYOD will continue to be a complicated matter for companies and employees to sort out to their mutual benefit.
The Chinese government is routinely blamed for cyberattacks, especially against U.S. and other western nations, and the country is still the top source for attacks, according to a report from Akamai. China accounted for 43 percent of attack traffic, which is an astonishing lead ahead of the United States at 19 percent, research found.
The Akamai report found cyberattacks from IP addresses in 188 countries worldwide, with China and the United States joined by Canada (10 percent), Indonesia (5.7 percent) and Taiwan (3.4 percent) at the top of the list. Furthermore, distributed denial-of-service (DDoS) attacks also saw a drastic increase during Q4 2013, with cybercriminals benefiting from cheaper, more sophisticated attacks.
However, not all attacks from China-based IP addresses are likely from cyberattackers within the country - since the nation has seen an explosion in mobile and PC Internet use, many hijacked systems are compromised by hackers located elsewhere.
Xapo, the company best known for creating bitcoin vaults, also has introduced a new bitcoin debit card, in an effort to attract more consumers to the popular cryptocurrency. Instead of debiting money from a checking account, however, the Xapo card takes money from bitcoins - a digital card is free, but consumers wanting a physical card will have to pay $15.
"We are focused on making bitcoin more secure and safer and making it easier to use, the debit card is something that our customers have requested," said Wences Casares, Xapo founder and CEO, in a statement to the Wall Street Journal.
The cards should ship within two months, and Xapo is partnering with banks in the U.S. and Europe, using Visa and MasterCard networks.
An employee at Coordinated Health had a password-protected laptop stolen from a vehicle in Pennsylvania, and now 700 patients are at risk. A total of 733 victims are at risk, with names, addresses, birthdates, insurance information, and Social Security numbers exposed - with law enforcement made aware of the breach.
Coordinated Health also is providing identity protection from Experian for free, as a forensic investigator conducts a full review of the content that was available on the laptop.
It seems ridiculous how frequently stories are published where sensitive information is found on a flash drive, external HDD, or laptop - even if password-protected - which is later lost or stolen while outside of a company building. The exact role of the employee is unknown, though it seems unlikely that many people should have access to sensitive patient information away from the office.
Cybercriminals are having a field day compromising PCs and servers, but have found ways to plague a wide variety of business sectors and industries. Recently, hackers have taken to the open seas, having their way with the shipping industry, including infecting PCs on ships.
In one case, it reportedly took 19 days before a ship could be cleared for duty, because computer malware had to be removed. In a different example, hackers were able to breach an oil rig and actually tilt it - and Somali pirates, as they continue to target foreign ships near Somali waters, use the Internet to access navigational data.
"Increasingly, the maritime domain and energy sector has turned to technology to improve production, cost and reduce delivery schedules," a think tank recently said in a report. "These technological changes have opened the door to emerging threats and vulnerabilities as equipment has become accessible to outside entities."
Tony Colston-Hayter, dubbed the "Acid House King," has been sentenced to five and a half years in prison for his part in a "sophisticated cyberattack" that stole $2.1 million from UK banks. Hayter, working alongside nine others, used a clever Trojan to make transfers from Barclays and Santander bank branches, along with stealing credit and debit card account information of other victims.
The criminals used the stolen money to splurge on Rolex watches, high-end designer clothing, jewelry, and electronics.
"You were once a very successful and noted businessman, and once even appeared on the Jonathan Ross show," said Judge Juliet May QC, during the court hearing. "But it all went wrong - your marriage fell apart and you suffered from health issues before taking class A drugs such as crystal meth - although I gather you have taken every mind altering drug over the years."
Insurance company AIG will expand its current cyber insurance offering to include property damage and bodily injury exposures, providing customers an enhanced layer of protection. The CyberEdge PC is designed for companies that sometimes suffer equipment failure, physical harm to personnel, or physical damage to property, as hackers breach a larger scope of technologies.
Hackers have reportedly breached everything from heart rate monitors and pacemakers to traffic lights and connected devices - and there is significant risk to U.S. infrastructure - which AIG hopes to help clients avoid by expanding insurance coverage.
"Cyber risk goes well beyond data privacy concerns covered by standalone cyber insurance offerings prevalent in the market," said Tracie Grella, AIG Global Head of Professional Liability, in a press statement. "The physical risk of a cyberattack or cyber event to property and people is very real, and it can now be specifically and unambiguously addressed with expanded cyber insurance coverage that dovetails with existing insurance."