TweakTown NewsRefine News by Category:
aFederal agencies aren't seriously defending against data breaches and personal identifiable information (PII) is increasingly finding its way into the hands of cybercriminals, according to a recent report published from the Government Accountability Office (GAO).
The number of government data breaches increased up to 25,566, twice the amount as reported in 2010 - and affected companies often are unfamiliar with how to respond properly.
The GAO has criticized federal government branches, specifically the Department of the Army, IRS, SEC, and a few other agencies, falling short of mandating information security programs and being lackadaisical about security efforts.
There is a shifting strategy to try and fight Internet piracy, with the old strategy of targeting individual users eliminated in favor of shutting down organized piracy rings.
There are three emerging strategies to target piracy: force ISPs to block subscribers from accessing sites with pirated content, shut down advertising streams on pirated sites, and trying to pressure search engines to not index and show links to sites with pirated content.
"Disrupting the money unlawful websites make from advertising could make a real difference to the fight against copyright infringement," said Ed Vaizey, creative industries minister, in a statement. "It is an excellent example of what can be achieved through industry, government and law enforcement working together."
Credit bureau Experian is now facing a multi-state investigation following a data breach that left almost 200 million people at risk of data theft.
"We are investigating," according to a spokeswoman for Illinois Attorney General Lisa Madigan, in a statement to Reuters. "It's part of a multi-state investigation."
Vietnamese citizen Hieu Minh Ngo pleaded guilty for his part in the theft, in which he sold stolen information to a large number of cybercriminals.
It shouldn't be surprising to hear there is a thorough investigation into the breach - not only was the company compromised using clever social engineering - Experian is a leading credit bureau in the United States.
Yahoo is the latest Silicon Valley tech giant moving to increase security because of government spying, announcing that traffic moving between the Yahoo data centers is now encrypted.
In addition, Yahoo Mail already uses HTTPS by default, and all mail sent between Yahoo servers also is encrypted. The company is now using 2048-bit RSA encryption for its Mail, Homepage and Digital Magazines portions of the site.
"Hundreds of Yahoos have been working around the clock over the last several months to provide a more secure experience for our users and we want to do even more moving forward," said Alex Stamos, Yahoo Chief Information Security Officer, in a blog post. "Our goal is to encrypt our entire platform for all users at all time, by default. One of our biggest areas of focus in the coming months is to work with and encourage thousands of our partners across all of Yahoo's hundreds of global properties to make sure that any data that is running on our network is secure."
Two members of an international cybercrime, identity theft and credit card fraud ring pleaded guilty to one count of wire fraud conspiracy and one count of conspiracy to commit access device fraud and identity theft, the Department of Justice announced.
Robert Dubuc, 40, from Massachusetts along with Oleg Pidtergerya, 49, of New York, used information stolen from more than 12 banks, payroll processing companies, brokerage firms and government agencies - in their effort, more than $15 million in funds have been reportedly stolen.
"Both Dubuc and Pidtergerya were asked by leaders of the conspiracy to participate in a scheme to 'cash out' bank accounts and pre-paid debit cards opened in the names of others," according to the DoJ press release.
Millions of users will remain on Microsoft Windows XP following the OS end of support deadline on April 8, with security experts providing input to try and keep users safe from increased security threats.
Research firm Gartner offers several steps for companies still running XP, though recommends having a plan to migrate to Windows 7 or Windows 8/8.1 as the most pressing step. Furthermore, user rights on XP machines should be restricted and only a select few applications should be available, with critical applications migrated to a newer platform.
"Even in organizations without Windows XP, a user that puts an unpatched Windows XP machine on the network can introduce problems," noted Michael Silver, Gartner VP and distinguished analyst, in a recent blog post.
Law enforcement agencies trying to clamp down on the vast underground market for child pornography are now attempting to find methods to track criminals down without being accused of snooping.
Former NSA contractor Edward Snowden, and his countless cases of US and British snooping, have made companies and Internet providers "wary" of cooperating with the government, according to British politicians.
"The Snowden affair has made the industry wary of government interference," said Damian Green, British Minister of State for Police and Criminal Justice, during a recent conference. "That is why I emphasize to the industry that they should treat child abuse images as a separate case from anything else."
Former Mt. Gox CEO Mark Karpeles has been ordered to the United States by U.S. Bankruptcy Judge Stacey Jernigan, in an effort to get him appear to discuss Mt. Gox's current bankruptcy case.
Following news the bitcoin exchange lost $400 million of customers' bitcoins, the company shuttered, while customers believe the money was stolen by company officials. As Mt. Gox goes through the bankruptcy court, Judge Jernigan is curious to hear what happened to the bitcoin currency.
"If he avails himself of this court, my God, he is going to get himself over here," Judge Jernigan said.
In early March, it was discovered that Sally Beauty Store became the latest retailer to suffer a data breach, with an unknown number of customers compromised.
Shortly after, Sally Beauty said less than 25,000 customers were affected, though has more recently changed its mind and said a larger number were hit.
Although the company didn't disclose an exact number yet, it is believed to be higher than 25,000, with debit and credit card information exposed. "As we have said previously, we will not speculate on the scope of our recent data security incident until the forensic review progresses because experience with such incidents at other retailers has taught that it is difficult to ascertain the extent of a data breach incident until the required forensic review is complete."
Prior to former contractor Edward Snowden disclosing the NSA's mass surveillance efforts, many people turned to the Tor Web browser for anonymous Internet searching. However, the free and popular tool is no longer as secure, with law enforcement agencies also able to identify users they suspect of criminal activities.
"There's not a magic way to trace people [through Tor], so we typically capitalize on human error, looking for whatever clues people leave in their wake," said James Kilpatrick, Homeland Security Investigations agent, in a statement.
It was only a few years ago when law enforcement and federal agencies believed they couldn't crack Tor, but multi-agency efforts led to better data collection and social engineering patterns.