TweakTown News
Network hardware and cloud company Barracuda Networks announced the Threatglass website, an online tool designed for security specialists to browse, share and analyze website malware.
The website is designed to show visitors detailed information about activity on malicious websites, and also includes screenshots of the browser, e-mails sent, and the number of domains and objects requested.
"'Good sites gone bad' is a daily problem for popular websites targeted by attackers and used to serve malware to their unsuspecting visitors," said Dr. Paul Judge, Barracuda Networks chief research officer, in a press statement. "Threatglass was designed for both casual users and the research community to provide a way to document and better understand this ongoing problem."
In a time of continued cyber threats, the Barracuda Threatglass resource will prove to be an interesting place to view infection incident reports. Visitors have the ability to view the most recent group of compromised sites, and screenshots are hidden until users choose to view them - because quite a few compromised websites have pornography or other adult content.
Australian Foreign Minister Julie Bishop's official Twitter account was recently hacked, with Bishop confirming the breach. The fake tweets:
Bishop responded by saying, "Yes my Twitter account has been hacked/compromised." Not surprisingly, the fake tweets were quickly deleted, passwords reset, and Bishop will be able to continue her job normally.
A public hack of a high-profile figure is typically just an annoyance, though the fake links posted on Bishop's page led to a replicated Twitter login page. The links are no longer active, but it's unknown how many users mistakenly entered username and password information.
Creative cybercriminals use hacked accounts to try to phish followers or steal personal information, which is easier to do when a Twitter user is high-profile and has a large number of followers, so users must always remain vigilant.
Cybercriminals plague regular consumers and businesses, impacting millions of users and costing companies billions, but even the criminals themselves aren't immune from attack.
One of the Rescator websites, which was one of two websites used to help sell bulk credit cards from the Target breach, had the following message to greet potential customers: "Hi subhumans and miscreants, your fraud site is gone now. Go away."
The websites are now back online.
Rescator has served as a clearinghouse for selling stolen credit and debit card information from Target, Sally Beauty Supply, Neiman Marcus, and other compromised retailers. The website domains point towards websites based in the former Soviet Union, Colombia, and Cocos Islands.
Sally Beauty said fewer than 25,000 customer records were compromised during a data breach the store recently confirmed.
The company is still waiting for Verizon to continue its forensic investigation before releasing full details of the breach, though the company said customers are its top priority and will continue to provide updates following the breach.
"We take this criminal activity very seriously," the company said in a press statement. "We continue to work diligently with Verizon on this investigation and are taking necessary actions and precautions to mitigate and remediate the issues caused by this security incident."
The retailer also is working with the U.S. Secret Service to investigate the data breach - as the FBI and Secret Service have been frequently tasked with helping to investigate security breaches.
Security researchers see a large volume of phishing attacks each day, but a recent phishing attempt to compromise Google Docs users has sent up red flags, according to a blog recently published by Symantec.
The e-mail has a title of "Documents" and tricks users into viewing "an important document" via Google Docs by clicking an included link. Instead of reaching the traditional Google Docs login page, users end up on a convincing fake Google Docs login page. Even worse, the phishers are running the fake page on Google servers with SSL support, and when a user enters information, it is sent to a PHP script on a compromised server.
After a victim logs in, the page redirects to an authentic Google Docs file, which makes for a very convincing phishing effort.
Cybercriminals created the phony page using a folder inside a Google Drive account, which was set to public, then uploaded a file. Compromised Google credentials provide access to Gmail, Google Play, and other Google accounts, so this is a major security issue that users need to be aware of.
The battle against fake and malicious mobile apps is a global effort, with the United States, Japan, South Korea, and a few other nations dealing with advanced fake apps.
Researchers from RiskIQ found that malicious apps in the Android Google Play store increased by almost 400 percent from 2011 to 2013.
In Japan, fake business apps are unknowingly installed, then updated so they are able to steal personal information and user credentials. Drugstore chain Matsumotokiyoshi has had to deal with a fake app, dubbed e! Matsumotokiyoshi, that uses the company's logo and sends users to the company's official website - but the malicious app accepts user payments to place orders, and the financial data is stolen.
In South Korea, where smartphone penetration has reached 70 percent of the population, researchers are finding increasingly advanced fraud tactics used to steal information and frustrate users.
Mobile phone metadata is more valuable than the National Security Agency (NSA) tries to imply, and it's possible to find sensitive information from phone metadata using social media and pattern matching, according to Stanford University researchers.
Working with 546 volunteers, computer science graduate students learned that 57 percent of volunteers made at least one medical-related call, with 40 percent calling financial services. In total, the callers contacted 33,688 unique numbers, and the researchers were able to make corroborations related to medical conditions and firearm ownership.
"At the outset of this study, we shared the same hypothesis as our computer science colleagues - we thought phone metadata could be very sensitive," the researchers found.
Several public NATO websites were hit by cyberattacks that temporarily crippled them, though there was no risk to classified or sensitive information. Early indications point towards pro-Russian sympathizers and Vladimir Putin supporters, though it hasn't been confirmed if the attacks originated in Russia.
"It doesn't impede our ability to command and control our forces," a NATO official said following the attack. "At no time was there any risk to our classified networks."
A Crimea referendum website, referendum2014.ru, also has suffered cyberattacks from a likely Russian source, according to security experts.
The rising political tension in Crimea has led to a series of cyberattacks, with Russia interrupting Ukrainian infrastructure - and hacker groups attacking the Kremlin. Cyberattacks have been successful in gaining media attention and serving as an annoyance for those targeted.
Financial exchange operators are increasingly worried about cyber threats while hackers are becoming more organized and launching sophisticated attacks.
At least half of the world's major financial exchanges faced cyberattacks during 2012, a report from the World Federation of Exchanges Office revealed. To counter this, exchanges and financial institutions are trying to reinforce security methods to keep attacks from easily compromising networks and stealing information.
"We are worried a lot and we are far more worried now than we were just a couple of years ago," said Magnus Bocker, Singapore Exchange CEO, during a recent panel discussion.
Broadband and phone provider BT is being investigated by the UK data regulator following accusations that spammers were compromising its email accounts.
Last May, BT dropped Yahoo! Mail and went with Critical Path, and that relationship worked until Critical Path was purchased by Openwave Messaging - and a company employee informed the UK Information Commissioner's Office that BT customers were affected.
"BT takes the security of all products very seriously," a BT spokesperson told British media. "And in the process of developing new services with partners, we rigorously audit and test for security, and fix any identified issues before going into live service."