TweakTown
Tech content trusted by users in North America and around the world
6,134 Reviews & Articles | 39,394 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 48

bitcoin money laundering case underway in Florida

There is a legal case in Florida that could set an important precedent in the United States: how criminal law can deal with bitcoins and other forms of cryptocurrency being used by criminals to commit money laundering.

 

TweakTown image news/3/6/36925_01_bitcoin_money_laundering_case_underway_in_florida.jpg

 

Two men, described as bitcoin "enthusiasts," were arrested trying to purchase bitcoins with money related to the Target malware hacking breach, according to the US Secret Service and Miami Beach Police Department.

 

Pascal Reid, 29, and Michell Espinoza, 30, face up to 25 years in prison if they are convicted of money laundering and for running an unlicensed money service business. The first transactions started around $500, but progressed up to a proposed $30,000 cash-for-bitcoin swap, according to federal investigators.

Continue reading 'bitcoin money laundering case underway in Florida' (full post)

Threat of ATM cash-outs alarms banks, security experts

Local law enforcement and federal authorities are trying to find methods to clamp down on organized criminals stealing personal information and later using ATMs to cash-out with stolen information.

 

TweakTown image news/3/6/36923_01_threat_of_atm_cash_outs_alarms_banks_security_experts.jpg

 

Cybercriminals often use malware or phishing techniques to first compromise users, and migrate to opening new lines of credit - or stealing bank information which leads to fraudulent ATM transactions.

 

The Federal Financial Institutions Examination Council (FFIEC) recently said that banks must work harder to mitigate cyberattacks - and there are continually new stories about cybercriminals either compromising ATMs, or stealing identities and cashing out later.

Continue reading 'Threat of ATM cash-outs alarms banks, security experts' (full post)

Heartbleed OpenSSL security bug plagues millions of Internet users

The "Heartbleed" security vulnerability discovered by the security company Codenomicon found that the OpenSSL bug has opened up millions of Internet users to security risk. Although OpenSSL is designed to help keep sensitive information secure, Heartbleed may have led to website visitors susceptible to spying, according to researchers.

 

TweakTown image news/3/6/36920_01_heartbleed_openssl_security_bug_plagues_millions_of_internet_users.jpg

 

Heartbleed targets any OpenSSL version over the past two years (OpenSSL 1.0.1 up to 1.0.1f), and cybercriminals are able to access the server's system memory, and encrypted information such as usernames, passwords, debit and credit card information is up for grabs.

 

Here is what Codenomicon noted:

 

"We have tested some of our own services from attacker's perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able to steal from ourselves the secret keys used for our X.509 certificates, usernames and passwords, instant messages, emails and business critical documents and communication."

Cybercriminals greatly benefit from launching "mega breaches"

Cybercriminals are continually changing their strategy to compromise PCs and networks, with an increased shift towards well-researched, sophisticated attacks instead of simple attacks, according to the latest Symantec Internet Security Threat Report.

 

TweakTown image news/3/6/36889_01_cybercriminals_greatly_benefit_from_launching_mega_breaches.jpg

 

There was a 62 percent year-over-year increase in data breaches at the end of 2012, Symantec said, with more than 550 million identities exposed to potential theft. In addition to lost productivity, companies also risk public reputation - with the top eight data breaches in 2013 yielding large sums of personal information compromised.

 

"One mega breach can be worth 50 smaller attacks," noted Kevin Haley, Symantec Security Response director, in a press release. "While the level of sophistication continues to grow among attackers, what was surprising las year was their willingness to be a lot more patient - waiting to strike until the reward is bigger and better. Nothing breeds success like success - especially if you're a cybercriminal. The potential for huge paydays means large-scale attacks are here to stay. Companies of all sizes need to re-examine, re-think and possibly re-architect their security posture."

US Attorney General Eric Holder says DoJ hesitant of bitcoin

The United States government is worried that the bitcoin cryptocurrency can be used by criminals to help commit money laundering, and will take creative strategy by lawmakers, according to US Attorney General Eric Holder.

 

TweakTown image news/3/6/36892_01_us_attorney_general_eric_holder_says_doj_hesitant_of_bitcoin.jpg

 

Some investors have embraced bitcoin as a viable digital currency, though the demise of Mt. Gox and other exchange services have alarmed lawmakers. Bitcoin exchange operators are under close federal scrutiny, as the government continues to look at new methods criminals might use to move funds quietly.

 

"The department is committed to innovating alongside this new technology in order to ensure our investigations are not impeded by any improvement in criminals' ability to move funds anonymously," Holder said during a recent House Judiciary Committee. "Virtual currencies can pose challenges for law enforcement given the appeal they have among those seeking to conceal illegal activity. This potential must be closely considered."

Continue reading 'US Attorney General Eric Holder says DoJ hesitant of bitcoin' (full post)

Medicaid agencies face "high-risk" security threats, HHS report finds

As many as 10 state Medicaid agencies faced "high-risk" security issues, found while studying audits conducted from 2010 to 2012, according to the Department of Health and Human Services' (HHS) Inspector General's Office.

 

TweakTown image news/3/6/36879_01_medicaid_agencies_face_high_risk_security_threats_hhs_report_finds.jpg

 

The report didn't identify the Medicaid programs, so the affected programs didn't suffer further attack. A mix of access control problems, network operation controls, and entity-wide controls were found in programs spread across 10 states - with 79 confirmed security problems noted.

 

Employers aren't encrypting information, keeping patches updated, or taking basic steps to keep information secure. The Government Accountability Office (GAO) recently said government agencies don't do enough after suffering data breaches, and this report further confirms the problem.

Continue reading 'Medicaid agencies face "high-risk" security threats, HHS report finds' (full post)

Leading website compromised, turns users into "DDoS zombies"

A major global website was recently hit by cybercriminals, with the hacked website turning visitors into "zombies" that in turn launched distributed denial of service (DDoS) attacks. A Persistent XSS vulnerability gave cybercriminals the chance to embed malicious JavaScript code, according to enterprise security company Incapsula.

 

TweakTown image news/3/6/36867_01_leading_website_compromised_turns_users_into_ddos_zombies.jpg

 

Each user that views a compromised profile image with the malicious code then ends up sending a GET request to targeted websites. The group responsible also posted comments on large quantities of other videos, to ensure the profile image was viewed as many times as possible.

 

"As a result, each time a legitimate visitor landed on that page, his browser automatically executed the injected JavaScript, which in turn injected a hidden with the address of the DDoSer's C&C domain," according to Incapsula. "Obviously one request per second is not a lot. However, when dealing with video content of 10, 20 and 30 minutes in length, and with thousands views every minute, the attack can quickly become very large and extremely dangerous."

Avast: Smartphone owners are too careless about security

Smartphone users face a growing list of security problems, and many of them are simply ignoring the risks, according to a recent study completed by security company Avast.

 

TweakTown image news/3/6/36858_01_avast_smartphone_owners_are_too_careless_about_security.jpg

 

Men are more likely than women to face vulnerabilities on their smartphones, 36 percent compared to 32 percent, with more than one-third surveyed saying they don't use any type of anti-theft or security software.

 

"The findings suggest an ongoing disconnect people have with their phone and computer when it comes to security protection," Avast said in a blog post. "Many smartphone users have not yet grown accustomed to thinking of their devices as small computers that store valuable, sensitive, and often priceless data. One can now perform the same functions on their phone as the trust PC or laptop, but the majority of people are still learning about the necessary to protect their phones from viruses and hacking."

Continue reading 'Avast: Smartphone owners are too careless about security' (full post)

Eight people charged with identity theft, using AT&T customer files

Eight defendants have been charged with one count of conspiracy for their role in a sophisticated identity theft fraud scheme using stolen information from AT&T. In total, there are 22 counts in the indictment, with some defendants charged with access device fraud and aggravated identity theft.

 

TweakTown image news/3/6/36850_01_eight_people_charged_with_identity_theft_using_at_t_customer_files.jpg

 

One of the defendants charged, Couman Emily Syrilien, 25, from Lauderdale Lakes, Florida, worked for Interactive Response Technologies (IRT), an outsourced call center that provided sales and customer support for AT&T.

 

If convicted of the conspiracy charge, each defendant faces a maximum sentence of 20 years, while the access device fraud charge carries a 10-year max sentence, and each aggravated identity theft charge carries two years.

Continue reading 'Eight people charged with identity theft, using AT&T customer files' (full post)

North Korea wants to join in global cyberattack fun

The western world is closely watching North Korea's military ambitions, with government leaders in Pyongyang investing a large amount of research into cyberwarfare capabilities, the US government recently warned.

 

TweakTown image news/3/6/36824_01_north_korea_wants_to_join_in_on_global_cyberattack_fun.jpg

 

Although not sophisticated as cyber arsenals from China or Russia, North Korea can still find partners to help foster its cyberattack capabilities. If matured further, the attacks will likely focus on South Korea, the United States and Japan, military advisors warned in the past.

 

"North Korea brings risk to the world's fastest-growing economic region, which is responsible for 25 percent of the world's [gross domestic product] and home to our largest trading partners," said Army Gen. Curtis Scaparrotti, in a Department of Defense press release. "Against this real threat, our nation is committed to the security of South Korea and to our national interests."

Continue reading 'North Korea wants to join in global cyberattack fun' (full post)

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases