Tech content trusted by users in North America and around the world
6,631 Reviews & Articles | 45,195 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 49

Social engineering-based attacks raving companies, causing confusion

Launching social engineering attacks, typically using phishing tactics, will remain a success for cybercriminals - and companies struggle to teach their employees how to detect and avoid these attacks. Phishing emails often trick employees to turn over usernames and passwords, or install some type of file with malware.

 

social_engineering_based_attacks_raving_companies_causing_confusion_01

 

"Phishing relies on human mistakes, not technology, so the number one way to combat this particularly effective form of social engineering is to raise awareness enterprise-wide," said Joe Caruso, CEO and CTO of Global Digital Forensics. "Time is your enemy after a cyber breach or incident, so every second counts. The faster the problem is identified and eradicated, the less costly it will be in the long run for the entire organization."

 

As more people embrace mobile devices, such as smartphones and tablets, cybercriminals are adjusting their attack strategies. More employees are using their personal devices for work, and criminals have the opportunity to steal personal and corporate information.

Sony recruits Mandiant to help clean up cybersecurity mess

Sony Pictures Entertainment has tasked cybersecurity firm Mandiant with helping it clean up after a vicious cyberattack that knocked its computer networks offline last week. The "Guardians of Peace" claimed responsibility for the attack, saying they stole terabytes of data from SPE, with SPE's IT team unable to defend against the attack.

 

sony_recruits_mandiant_to_help_clean_up_cybersecurity_mess_01

 

The SPE email system is expected to be restored by end of business tomorrow, while Sony executives remain relatively quiet about the incident.

 

It is a lucrative time to be in cybersecurity, as companies are turning to private sector companies for additional consultations - as cyberattacks are on the rise, with criminals able to steal internal data, disrupt daily work activities, and compromise customers.

North Korea could be behind Sony Pictures hack, investigation underway

Forget China and Russia - Sony Pictures Entertainment is investigating a major cyberattack that could have originated from North Korea. The attack crippled SPE's email and computer systems since Monday, interrupting employee operations throughout the short holiday week. Several movies being promoted by SPE were also impacted, as Twitter feeds were disrupted by the cyberattack.

 

north_korea_could_be_behind_sony_pictures_hack_investigation_underway_01

 

The "Guardians of Peace" group claimed responsibility for the attack, and said it has a large amount of internal Sony data that it has taken. GOP is reportedly preparing a "volume of the data" to the Internet in the immediate future.

 

SPE is the studio behind "The Interview," a geopolitical satire that features James Franco and Seth Rogen as a talk show host and producer turned American operatives tasked with killing Kim Jong Un.

Chip and PIN cards gaining steam in US after year of data breaches

The use of credit cards with magnetic chips in the United States is slowly but surely being replaced by new chip and PIN cards that are more secure. However, retailers need to make sure their employees are properly trained in how to accept payments with chip and PIN cards, especially with some retailers replacing their own magnetic cards with the newer security.

 

chip_and_pin_cards_gaining_steam_in_us_after_year_of_data_breaches_01

 

Target, which suffered a massive breach at the end of 2013, is rolling out support for chip and PIN cards - and other retailers that suffered data breaches are expected to follow suit. But customers are finding checkout to be a tedious process when cashiers are unsure how to handle this new this payment process, however, the growing pains should prove to be worth it.

 

The use of chip and PIN technology will likely begin to transition from large retailers down to smaller businesses, as they discover its added security benefits. "It's about the peace of mind for the consumer, right?" said Shane Cowger, Arvest Bank sales manager, in a statement. "More consumers feel comfortable coming into your store, hopefully the more money they're going to spend in return."

More than 6 million email accounts exposed during past quarter

There have been more than 6 million email accounts and credentials leaked over the past three months, as several major data breaches gave criminals a treasure trove of information. There are typically just 150,000 accounts stolen per month, according to Heimdal Security, so seeing more than 6 million is being seen as an epidemic.

 

more_than_6_million_email_accounts_exposed_during_past_quarter_01

 

"As a security company we only pick up a smaller part of what hackers actually have access to, and you have to remember that the 6 million accounts have only been discovered over the last three months," said Morten Kjaersgaard, Heimdal Security CEO. "The actual number could be 20 times as high or more."

 

The entire year has been a painful lesson in how evolved cybercriminals have become in their craft, as experts believe data breaches - and more compromised information - is likely to happen multiple times in the future.

StealthGenie CEO must pay $500,000, forfeit spyware app source code

Danish citizen Hammad Akbar pleaded guilty for advertising and selling StealthGenie, a spyware application designed to allow customers to snoop on mobile phones. Akbar will have to pay $500,000 and turn over source code, but avoided jail time for marketing the app.

 

stealthgenie_ceo_must_pay_500_000_forfeit_spyware_app_source_code_01

 

StealthGenie allowed users to monitor phone calls, text messages, videos, and other communications on victims' smartphones. The spyware was able to be installed on Apple iPhones, Google Android smartphones, and BlackBerry devices, and was extremely difficult to detect on compromised devices.

 

"Mr. Akbar is the first-ever person to admit criminal activity in advertising and selling spyware that invades an unwitting victim's confidential communication," said Andrew McCabe, FBI Assistant Director in Charge, in a statement. "This illegal spyware provides individuals with an option to track a person's every move without their knowledge. As technology evolves, the FBI will continue to evolve to protect consumers from those who sell illegal spyware."

Panda Security finds more than 20 million new malware samples in Q3

Panda Security collected 20 million new malware samples created worldwide, with an average of 227,747 new samples per day during Q3. The global infection rate increased from 36.87 percent up to 37.93 percent year-over-year, and Trojans are the most common type of malware. Trojans accounted for 78.08 percent of malware types, with viruses (8.89 percent) and worms (3.92 percent) also making an appearance.

 

pandalabs_discovers_more_than_20_million_new_malware_samples_during_q3_01

 

Internet users face a cybersecurity threat from hackers, state-sponsored cybercriminals, and national government spy agencies - and trying to stay secure is rather difficult. China (49.83 percent), Peru (42.38 percent) and Bolivia (42.12 percent) are the three countries most targeted by cyberattacks, with nine European countries in the top ten most secure nations: Norway (23.07 percent), Sweden (23.44 percent), and Japan (24.02 percent) are the top three most secure.

 

"Over recent months cybercrime has continued growing," said Luis Corrons, PandaLabs Technical Director at Panda Security. "Cyber-crooks are still creating malware in order to infect as many computers as possible and access confidential data - but corporate environments have also come under attack. For example, over the last three months large companies have been the subjects of some scandals, such as the infamous 'Celebgate,' in which photos of actresses and models hosted on Apple's iCloud service were leaked, or the theft of Gmail and Dropbox passwords."

Europol launches raid on cybercriminals purchasing airline tickets

Europol is targeting cybercriminals suspected of using stolen debit and credit card information to purchase airline tickets. The large raid took place in 45 countries and 80 airports, with 118 people arrested - and airlines lose more than $1 billion per year due to fraudulently purchased tickets.

 

europol_launches_raid_on_cybercriminals_purchasing_airline_tickets_01

 

"Airlines are fighting credit card fraud on their ticket sales on daily basis," said Meta Backman, a Europol European airline fraud prevention group. "It is clear to the airlines that they are up against organized crime in this fight."

 

The Global Airport Action initiative will rely on better communication between local police, national police, and federal agencies working with airlines and credit card companies to identify suspected fraud. Credit card fraud was reportedly linked to human trafficking and truck trafficking, which will also be investigated by European authorities.

Continue reading 'Europol launches raid on cybercriminals purchasing airline tickets' (full post)

Cybercriminals are fully aware this could be a great time for them

It seems like only a matter of time before another significant data breach hits US consumers, and it could happen before the end of the year. Many retailers don't have appropriate infrastructure in place to defend against cyberattacks, and the criminals are adapting their strategies to ensure they are successful. A recent study found 58 percent of retailers are now less secure than they were within the past year, as criminals can easily surpass firewalls and compromise customer data.

 

cybercriminals_are_fully_aware_this_could_be_a_great_time_for_them_02

 

As more consumers shop online and head to local stores, it's the perfect storm for criminals to seize bulk debit and credit card data in a single breach. Meanwhile, some experts say the cost of expensive next-generation security solutions to be passed down to consumers, according to the study from BitSight Technologies.

 

"Bad guys know that this is a big shopping season," said Bob Ackerman, cybersecurity specialist and managing director of Allegis Capital. "Bad guys are on the prowl, they are active, and they know this is a time of year where there is a lot more fish that their net can capture."

Home Depot spent up to $43M on data breach during just one quarter

Following a massive data breach that left 56 million debit and credit card details stolen, along with 53 million email addresses, the company spent $43 million during Q3 to deal with the aftermath. The company expects to receive $15 million reimbursement as part of a $100 million network liability insurance policy - and must now work to ensure the problem doesn't occur again.

 

home_depot_spent_up_to_43m_on_data_breach_during_just_one_quarter_01

 

Meanwhile, the company faces multiple lawsuits and will "incur significant legal and other professional services expenses" due to the incident. The company's payment card data network was complaint in fall 2013, and was undergoing 2014 certification when the breach occurred, according to an independent auditor.

 

"The forensic investigator working on behalf of the payment card networks may claim the company was not in compliance with those standards at the time of the data breach," Home Depot noted.

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Subscribe to our Newsletter
Or Scroll Down