TweakTown
Tech content trusted by users in North America and around the world
5,911 Reviews & Articles | 38,070 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 45

Hacker forum selling stolen credit card numbers hacked

Cybercriminals plague regular consumers and businesses, impacting millions of users and costing companies billions, but even they aren't immune from attack.

 

TweakTown image news/3/6/36397_01_hacker_forum_selling_stolen_credit_card_numbers_hacked.jpg

 

One of the Rescator websites, which was one of two websites used to help sell bulk credit cards from the Target breach, had the following message to greet potential customers: "Hi subhumans and miscreants, your fraud site is gone now. Go away."

 

The websites are now back online.

 

Rescator has been responsible as a clearinghouse to sell stolen credit and debit card information from Target, Sally Beauty Supply, Neiman Marcus, and other compromised retailers. The website domains point towards websites based in the former Soviet Union, Colombia, and Cocos Islands.

Sally Beauty Supply said less than 25,000 customers hit in data theft

Sally Beauty said less than 25,000 customer records were compromised during a data breach the store recently confirmed.

 

TweakTown image news/3/6/36381_01_sally_beauty_supply_said_less_than_25_000_customers_hit_in_data_theft.jpg

 

The company is still waiting for Verizon to continue its forensic investigation before releasing full details of the breach, though the company said customers are its top priority and will continue to provide updates following the breach.

 

"We take this criminal activity very seriously,"the company said in a press statement. "We continue to work diligently with Verizon on this investigation and are taking necessary actions and precautions to mitigate and remediate the issues caused by this security incident.

 

The retailer also is working with the U.S. Secret Service to investigate the data breach - as the FBI and Secret Service have been frequently tasked with helping to investigate security breaches.

Phishing attacks aimed at Google Docs, Drive users

Security researchers see a large volume of daily phishing attacks each day, but a recent phishing attempt to compromise Google Docs users has sent up red flags, according to a blog recently published by Symantec.

 

TweakTown image news/3/6/36371_01_phishing_attacks_aimed_at_google_docs_drive_users.jpg

 

The e-mail has a title of "Documents" and tricks users to view "an important document" via Google Docs by clicking an included link. Instead of going to the traditional Google Docs login page, a convincing fake Google Docs login page is where users end up. Even worse, the phishers are running the fake page on Google servers with SSL support, and when a user enters information, a compromised server receives the PHP script.

 

Following a compromised user logging in, a redirected page takes users to an authentic Google Docs file - a very convincing phishing effort.

 

Cybercriminals created the phony page using a folder inside a Google Drive account, which was set to public, then uploaded a file. Compromised Google credentials provide access to Gmail, Google Play, and other Google accounts, so this is a major security issue that users need to be aware of.

Battle against fake, malicious apps a global fight

The battle against fake and malicious mobile apps is a global effort, with the United States, Japan, South Korea, and a few other nations dealing with advanced fake apps.

 

TweakTown image news/3/6/36370_01_battle_against_fake_malicious_apps_a_global_battle.jpg

 

Researchers from RiskIQ found that malicious apps in the Android Google Play store increased by almost 400 percent from 2011 to 2013.

 

In Japan, fake business apps are unknowingly installed, then are updated so they are able to steal personal information and user credentials. Drugstore chain Matsumotokiyoshi has had to deal with a fake app, dubbed e! Matsumotokiyoshi, used the company's logo sending users to the company's official website - but the malicious app accepts user payments to place orders, with financial data stolen.

 

South Korea, where smartphone penetration has reached 70 percent of the population, researchers are finding increasingly advanced fraud tactics used to steal information and frustrate users.

Continue reading 'Battle against fake, malicious apps a global fight' (full post)

Metadata reveals a large amount of information about users: study

Mobile phone metadata is more valuable than the National Security Agency (NSA) tries to imply, and it's possible to find sensitive information with phone metadata, using social media, and pattern matching, according to Stanford University researchers.

 

TweakTown image news/3/6/36354_01_metadata_reveals_a_large_amount_of_information_about_users_study.jpg

 

Computer science graduate students learned, using 546 volunteers, that 57 percent of volunteers made at least one medical-related call, with 40 percent calling financial services. In total, the callers made 33,688 unique numbers and were able to make corroborations related to medical conditions and firearm ownership.

 

"At the outset of this study, we shared the same hypothesis as our computer science colleagues - we thought phone metadata could be very sensitive," the researchers found.

Continue reading 'Metadata reveals a large amount of information about users: study' (full post)

Cyber attack targets NATO websites over growing tension in Crimea

Several public NATO websites were hit by cyberattacks that temporarily crippled them, though there was no risk to classified or sensitive information. Early indications point towards pro-Russian sympathizers and Vladimir Putin supporters, though it hasn't been confirmed if the attacks originated in Russia.

 

TweakTown image news/3/6/36352_01_cyber_attack_targets_nato_websites_over_growing_tension_in_crimea.jpg

 

"It doesn't impede our ability to command and control our forces," a NATO official said following the attack. "At no time was there any risk to our classified networks."

 

A Crimea referendum website, referendum2014.ru, also has suffered cyberattacks from a likely Russian source, according to security experts.

 

The rising political tension in Crimea has led to a series of cyberattacks, with Russia interrupting Ukrainian infrastructure - and hacker groups attacking the Kremlin. Cyberattacks have been successful in gaining media attention and serving as an annoyance for those targeted.

Financial exchange operators worried about cyber security

Financial exchange operators are increasingly worried about cyber threats while hackers are becoming more organized and launching sophisticated attacks.

 

TweakTown image news/3/6/36349_01_financial_exchange_operators_worried_about_cyber_security.jpg

 

At least half of the world's major financial exchanges faced cyberattacks during 2012, a report from the World Federation of Exchanges Office revealed. To counter this, exchanges and financial institutions are trying to reinforce security methods to keep attacks from easily compromising networks and stealing information.

 

"We are worried a lot and we are far more worried now than we were just a couple of years ago," said Magnus Bocker, Singapore Exchange CEO, during a recent panel discussion.

Continue reading 'Financial exchange operators worried about cyber security' (full post)

BT under investigation accused of exposing user credentials

Broadband and phone provider BT is being investigated by the UK data regulator following accusations that spammers were compromising its email accounts.

 

TweakTown image news/3/6/36343_01_bt_under_investigation_accused_of_exposing_user_credentials.jpg

 

Last May, BT dropped Yahoo! Mail and went with Critical Path, and that relationship worked until Critical Path was purchased by Openwave Messaging - and a company employee informed the UK Information Commissioner's Office that BT customers were affected.

 

"BT takes the security of all products very seriously," a BT spokesperson told British media. "And in the process of developing new services with partners, we rigorously audit and test for security, and fix any identified issues before going into live service."

Continue reading 'BT under investigation accused of exposing user credentials' (full post)

Users are first line of PC security defense, but fail miserably

Both consumers and business users face a tremendous amount of security threats, despite next-generation security solutions trying to keep PCs and mobile devices protected.

 

TweakTown image news/3/6/36342_01_users_are_first_line_of_pc_security_defense_but_failing_miserably.jpg

 

Malware is increasingly sophisticated and slipping by traditional anti-virus software, with software creators finding low risk and high reward for their behaviors.

 

"As often as not, malware gets into your systems become you invited it by clicking a link without thinking," said Bruce Campbell, VP of Marketing at Clare Computer Solutions, in a statement to TweakTown. "Take the dreaded CryptoLocker ransomware... most commonly, it was introduced as an attachment to an e-mail that said it was from UPS. The attachment looked like a PDF file and the e-mail said - Track Information, see attached."

Continue reading 'Users are first line of PC security defense, but fail miserably' (full post)

More than 15,000 NYC MTA transit workers at risk after data breach

More than 15,000 current and former New York City Metropolitan Transportation Agency (MTA) employees are at risk following a data breach, according to reports. Personal information was located on a CD that was found by a retailer inside of a refurbished CD drive, and an MTA investigation is underway to determine how and why the information was on a CD that hit the streets.

 

TweakTown image news/3/6/36341_01_more_than_15_000_nyc_mta_transit_workers_at_risk_after_data_breach.jpg

 

"While we do not suspect nor have seen any evidence of misuse of the data, every precaution is being taken to ensure that this is the case," said Sidney Gellineau, MTA CIO, in a recent letter.

 

Only salaried workers were exposed, with no hourly employees at risk, according to the MTA statement.

Continue reading 'More than 15,000 NYC MTA transit workers at risk after data breach' (full post)

Latest Tech News Posts

View More News Posts

TweakTown Web Poll

Question: Facebook's acquisition of Oculus VR will...

Improve Oculus Rift Development

Hamper Oculus Rift Development

Completely destroy Oculus Rift Development

Let's wait and see, I'm not sure

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases