TweakTown News
Iranian hackers are targeting U.S. private sector defense companies and Iranian dissidents. The Iranian-based Operation Saffron Rose has evolved from simple website defacement to a sophisticated cyberespionage operation utilizing advanced persistent threats (APTs) attacking US defense companies.
Security researchers are increasingly concerned about the Iranian government's growing cyberwar ambitions, which will largely be used to target the United States. Social engineering techniques, which are continually being improved upon, also lead to an increased number of western Internet users infected with malware.
Here is what FireEye said in a statement: "There is an evolution underway within Iranian-based hacker groups that coincides with Iran's efforts at controlling political dissent and expanding its offensive cyber capabilities," said Nart Villeneuve, senior threat intelligence researcher at FireEye. "We have witnessed not only growing activity on the part of Iranian-based threat actors, but also a transition to cyber-espionage tactics. We no longer see these actors conducting attacks to simply spread their message, instead choosing to conduct detailed reconnaissance and control targets' machines for longer-term initiatives."
Google account owners are being targeted by a new round of phishing attacks, with cybercriminals targeting uniform resource identifiers (URIs) that help display data in Google Chrome. The attack is mainly targeted at Chrome users, but has reportedly succeeded against Mozilla Firefox users as well, according to security researchers.
The initial introduction email mimics something sent from Google, with "New Lockout Notice" or "Mail Notice" in the subject line. The email itself is written poorly, with bad grammar and odd capitalizations, though that hasn't stopped users from being tricked by it.
"With access to users' Google accounts, hackers can buy apps on Google Play, hijack Google+ accounts and access confidential Google Drive documents," said Catalin Cosoi, Bitdefender chief security strategist, in a statement to Infosecurity. "The scam starts with an email allegedly sent by Google, with 'Mail Notice' or 'New Lockout Notice' as a subject."
Following months of investigation, Dutch and Belgian police authorities have arrested 12 members of an organized crime ring operating a voice-phishing operation.
In the scam, Belgian Internet users received an initial email that asked for personal information. During the second step, criminals in the Netherlands would call the victims via telephone to collect additional personal information. Millions of dollars were stolen from Belgian victims during the scam, authorities note.
"This case is another example of organized cybercriminals setting up teams to act like legitimate representatives of established businesses, who then lure innocent victims into disclosing personal information," said Troels Oerting, head of the European Cybercrime Center (EC3), in a press statement. "The criminals misuse this harvested information to steal the victims' identities or money."
Europol warns Internet users of these types of scams, which are becoming more sophisticated - involving direct phone calls to victims - and recommends customers call or visit a bank if any problems arise.
In an effort to infect as many smartphones and tablets as possible, cybercriminals are increasingly targeting Google Android-powered devices. It's not a big surprise, as security researchers continually note that the majority of mobile malware is aimed towards Android, with F-Secure pegging the number at about 99 percent.
Blue Coat Systems specializes in business security, and has a team specifically designed to hunt down malware and other threats, trying to find ways to neutralize security issues.
"It's more like watching a bank of video security cameras focused on a high-crime area," said Andrew Brandt, Blue Coat Systems Director of Threat Research, when speaking to CNET. "I had downloaded an unrelated app a few hours earlier. [Out of nowhere], I get a text message on the phone thanking me for subscribing [to a $4-a-month service]."
As both hardware and software developers attempt to boost Android security, it's important to know about the most prevalent threats in the wild.
The past year has seen a drastic increase in credit and debit card breaches, which is why fraud is the top security concern Americans face, according to the 2014 Unisys Security Index. The survey found that 59 percent of Americans are "extremely or very concerned" about cybercriminals obtaining and using their credit or debit card details.
"In today's hyper-connected world, people are wary of losing their financial and personal data to cybercrime, and it is crucial that businesses review and enhance their security measures on a continuous basis," said Dave Frymier, Unisys CIO, in a press statement. "Organizations that ignore the risk of data breaches do so at their peril, as brand reputation and customer loyalty often depend on a company's ability to protect personal information."
Consumers are becoming increasingly angry as retailers are doing a fairly poor job trying to keep data secure from potential cybercriminals.
A 16-year-old "swatter" is in trouble and now faces 60 charges for his rude and reckless behavior, including crimes such as intent to harm, uttering death threats, mischief to property and public mischief. He also made at least 30 swatting calls against residents in both the United States and Canada.
Swatting remains a popular tactic typically used to send police and emergency responders to celebrities, though this Canadian teenager solicited Twitter users to recommend potential targets. Additional charges could be filed against the teenager, police confirmed.
"This is a fairly new phenomenon for Ottawa," said Staff Sgt. Rick Baldwin-Ooms, an Ottawa police authority. "These irresponsible incidents have created real fear in people, put public safety at risk, and disrupted entire communities where these events have occurred."
Phishing attempts from criminals are again targeting bank members, with United Bank of Union customers falling prey to a continued phone scam. Criminals are using an automatic phone dialing program aimed at both landlines and mobile phones, with a warning message that customer bank cards are no longer functional.
Criminals behind the scam are somewhat clever: victims receive either automated calls or calls from live "support staff," and are asked to provide debit card numbers and PINs. Furthermore, other victims were asked to provide their Social Security numbers to help "verify" personal information.
"Several people fell victim to this fraud and gave up their information to the answering machine," said Mike Elliott, United Bank of Union President, in a statement to local media. "Community Banks do not phone call for customer card numbers, PIN numbers or Social Security Numbers."
Fallout from the University of Pittsburgh Medical Center (UPMC) data breach hasn't taken long, with a recently filed class-action lawsuit representing those affected. Both UPMC and HR software maker Ultimate Software Group have been sued due to the security breach and identity theft suffered by employees.
"We find it extremely troubling that when UPMC first confirmed the identity thefts in February, it claimed that only about 20 workers were affected," said Benjamin Sweet, an attorney leading the legal case against UPMC. "Now, UPMC has admitted that the personal and financial information of more than 27,000 workers has been compromised, and that at least 788 of those have already been the victims of tax fraud."
Ultimate Software is verifying if it even handles UPMC as a client, as the company could have been wrongly implicated, company president Mitchell Dauerman told local media.
Anyone trying to visit the popular Demonoid file sharing website now gets a warning letter from Google, informing visitors that the site has been flagged for reportedly spreading malware. Mozilla Firefox also has automatically blocked the site, and the malware infections are being blamed on a third-party advertiser, according to Demonoid officials.
Demonoid reportedly was flagged for suspicious activity two times in the past 90 days, with Google adding the following: "Of the 75 pages we tested on the site over the past 90 days, 4 page(s) resulted in malicious software being downloaded and installed without user consent. The last time Google visited this site was on 2014-05-10, and the last time suspicious content was found on this site was on 2014-05-07."
Internet piracy is a perfect way for cybercriminals to infect users with malware, and will remain a popular target moving forward.
Former NSA contractor Edward Snowden's disclosure of widespread government snooping, especially by the United States and United Kingdom, has political leaders on both sides of the pond angry. In addition to damning proof against the NSA, there was data related to spying from the GCHQ British intelligence agency.
"Unfortunately, the insidious use of language such as 'mass surveillance' and 'Orwellian' by many of Mr. Snowden's supporters to describe the actions of Western agencies blurs, unforgivably, the distinction between a system that uses the state to protect the people, and one that uses the state to protect itself against the people," said Malcolm Rifkind, Intelligence and Security Committee chairman, during a public speech. "It is ironic that Mr. Snowden, in the name of privacy and the rule of law, chose China and Russia from which to launch his attack on the United States."
Rifkind also said his staff only has "noble motivations," which many Internet users likely wouldn't believe at this stage. British authorities said criminals and terrorists have altered behavior to adjust to spying operations from the U.S. and U.K. intelligence communities.