TweakTown News
The western world is closely watching North Korea's military ambitions, with government leaders in Pyongyang investing a large amount of research into cyberwarfare capabilities, the US government recently warned.
Although its cyber arsenal is not as sophisticated as those of China or Russia, North Korea can still find partners to help foster its cyberattack capabilities. If matured further, the attacks will likely focus on South Korea, the United States and Japan, military advisors warned in the past.
"North Korea brings risk to the world's fastest-growing economic region, which is responsible for 25 percent of the world's [gross domestic product] and home to our largest trading partners," said Army Gen. Curtis Scaparrotti, in a Department of Defense press release. "Against this real threat, our nation is committed to the security of South Korea and to our national interests."
Former NSA contractor Edward Snowden stirred an international debate about privacy rights, with 80 percent of those polled recently saying Congress should rein in NSA snooping, according to a new Harris Interactive survey.
However, over half also said the NSA-related snooping helps reduce the likelihood of terrorism, while believing Internet companies should cooperate with the US government. Ironically, two out of three respondents said ISPs betrayed them by working secretly with the NSA, as a growing number of users do not trust ISPs and other major tech companies.
"People clearly are thinking more about the relationship between privacy and security," said Stephen Cobb, Eset Senior Security Researcher, in a statement. "What the Snowden revelations have done is to surface the unresolved tension over this issue. People would like, on the one hand, to think the surveillance is necessary. But there is push back against unnecessary surveillance."
Ransomware is becoming a major business for cybercriminals, and users can expect sophisticated attacks that go beyond just Cryptolocker, according to Web security company KnowBe4.
Cybercriminals are developing next-generation malware designed to infect users and steal information, or hijack the computer with ransom demands to unlock affected machines.
"There is furious competition between cybergangs," said Stu Sjouwerman, KnowBe4 CEO, in a press statement. "They did their test-marketing in countries like the UK, Canada and Australia and are now targeting the US. CryptoDefense doesn't seem to be a derivative of CryptoLocker as the code is completely different, confirming this is a competing criminal gang."
Not enough websites and Internet browsers utilize the HTTP Strict Transport Security (HSTS) policy to keep Internet users secure, according to the Electronic Frontier Foundation (EFF).
HSTS forces encryption by opening HTTPS sessions instead of plain HTTP, so information traveling to and from the website is encrypted. With HSTS, a website never lets Internet users interact with it over an HTTP session; everything is automatically converted to HTTPS.
The EFF believes not enough web developers know about HSTS, while browser support has increased only slowly. Google Chrome, Mozilla Firefox, and Opera have long supported HSTS, while Microsoft said it will use the Web standard with Internet Explorer 12.
The Federal Financial Institutions Examination Council (FFIEC) recently released a security notice of required steps that must be followed by banks and financial institutions operating in the United States. All banks under federal government regulation have to beef up security and pay attention to distributed denial of service (DDoS) attacks which plague bank servers.
Specifically, these companies need to try and mitigate DDoS attacks to the best of their ability, to keep subscribers more secure.
"In the latter half of 2012, an increased number of DDoS attacks were launched against financial institutions by politically motivated groups," according to the FFIEC statement. "These DDoS attacks continued periodically and increased in sophistication and intensity. These attacks caused slow website response times, intermittently prevented customers from accessing institutions' public websites, and adversely affected back-office operations."
Customer information is a valuable commodity to cybercriminals, who can use it to steal identities, transfer money from accounts, and financially ruin victims. Cybercriminals enjoy using the brand names and logos of well-known companies, making it easier to lure users into clicking fraudulent links.
"Phishing attacks are so popular because they are simple to deploy and extremely effective," said Sergey Lozhkin, Kaspersky Lab Senior Security Researcher, in a press statement. "It is often not easy for even advanced Internet users to distinguish a well-designed fraudulent site from a legitimate page, which makes it even more important to install a specialized protection solution."
Former CIA intelligence analyst Ray McGovern believes Edward Snowden isn't a traitor to the United States, nor is he a hero.
McGovern discussed how Snowden didn't appreciate a "clear violation of the 4th Amendment to the Constitution," which is one of the reasons the data disclosures were made public. Also, the former CIA analyst noted that National Intelligence Director James Clapper didn't face punishment for lying under oath in front of Congress.
"He's a patriot," McGovern recently said during a speech at Missouri Southern State University. "He took his oath seriously. He took the Constitution seriously."
The top social media network in Russia is now being sued by Sony Music, Warner Music and Universal Music, with vKontakte accused of "deliberately facilitating piracy on a large scale."
Each of the top three music labels filed individual suits against vKontakte, spearheaded by the International Federation of the Phonographic Industry (IFPI). In 2012, the social media site made $172 million in advertising revenue, but didn't pay the IFPI for copyrighted music shared through the site.
vKontakte says it allows copyright holders to submit removal requests for any content that violates copyright rules, but IFPI officials noted the process is too cumbersome. Both the US government and copyright holders have said they believe vKontakte enables large-scale music piracy. Originally launched in 2006, vKontakte has 143 million global users and 88 million Russian members.
Security bugs in software could leave power plants, oil refineries, and similar infrastructure vulnerable to cyberattacks from foreign-based hackers, according to recent research.
To make matters worse, around 7,600 plants worldwide run software against which a cybercriminal with the "lowest skill in hacking" could still be successful. The affected software is the Yokogawa Centum CS 3000, released in 1998 and designed for Microsoft Windows 98, and companies need to evaluate whether they should make immediate software improvements.
"We went from zero to total compromise," Juan Vazquez, security researcher with Rapid7, told the BBC. "If you are able to exploit the vulnerabilities we have identified you get control of the Human Interface Station. That's where the operator sits or stands and monitors operation details. If you have control of that station as an attacker you have the same level of control as someone standing on the plant floor wearing a security badge."
A homeless man in Maine used his ATM card at a TD Bank branch to collect more than $37,000 in cash advances, withdrawing $700 at a time across 53 transactions.
Initially, the man had just $100 in his checking account, but the malfunctioning ATM allowed him to receive multiple cash advances before he was stopped by police.
"We got a call that he was sleeping in the [ATM] vestibule, and we had to move him along," said Lt. Todd Bernard, from the South Portland Police Department, in a statement to local media. "Then at around 5:30 a.m., we got another call that he was back there and taking an unusually long time at the ATM by a who was trying to use it. She thought it seemed suspicious."