TweakTown
Tech content trusted by users in North America and around the world
6,203 Reviews & Articles | 40,074 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 53

F-Secure: Majority of mobile malware designed for Google Android

A whopping 99 percent of mobile threats during the first three months of 2014 targeted the Google Android platform, with 275 total Android threat families and variants, according to security firm F-Secure Labs. Compared to Q1 of 2013, Android faced 149 new threat families, as cybercriminals perfect their craft in an effort to compromise smartphones and tablets.

 

TweakTown image news/3/7/37401_01_f_secure_majority_of_mobile_malware_designed_for_google_android.jpg

 

"These developments give us signs to the direction of malware authors," said Mikko Hypponen, F-Secure Chief Research Officer, in a press statement. "We'll very likely see more of these in the coming months. For example, mobile phones are getting more powerful, making it possible for cybercriminals to profit by using them to mine for cryptocurrencies."

 

The private sector has taken great interest in developing Android security - along with hardware manufacturers using the open source platform - but there is still a lot of work left to do. Companies also have found they need to do a better job speaking with Android users, alerting them of security threats, while teaching them how to remain more secure.

Russian sanctions might lead to increased cyberattacks against U.S

United States security officials are concerned that Russian-based hackers could retaliate for stricter sanctions, launching cyberattacks against the U.S. government and large corporations. Whether directly from the Russian government, or splinter support groups, there will continue to be an increased urgency to defend US infrastructure from foreign attack.

 

TweakTown image news/3/7/37376_01_russian_sanctions_might_lead_to_increased_cyberattacks_against_u_s.jpg

 

"A cyberattack is a real concern that we all need to have," said Paul Smocer, head of the industry Financial Services Roundtable, in a statement to the press. "Nation states' ability to launch the cyberattacks is certainly real nowadays, and so in any conflict, I think that the possibility exists as we worry about escalation."

 

The political situation between Russia and Ukraine already has led to cyberattacks, with the Kremlin being attacked in retaliation for targeted attacks against Ukrainian infrastructure. Unfortunately, the U.S. Department of Homeland Security has greatly struggled to try and recruit cybersecurity experts, while other government branches have voiced similar concerns.

Microsoft scrambles to patch browser attacks, but not for XP users

Microsoft is currently working to patch a security bug that leaves users of Internet Explorer 6 to 11, which accounts for 55 percent of the Internet browser search market right now, exposed to targeted attacks from cybercriminals.

 

TweakTown image news/3/7/37348_01_microsoft_scrambles_to_patch_browser_attacks_but_not_for_xp_users.jpg

 

"It's a campaign of targeted attacks seemingly against U.S.-based firms, currently tied to defense and financial sectors," said Vitor De Souza, FireEye spokesman, in a statement to Reuters. "It's unclear what the motives of this attack group are, at this point. It appears to be broad-spectrum intel gathering."

 

FireEye didn't disclose which cybercriminals groups are reportedly behind "Operation Clandestine Fox," and didn't say which companies might have been compromised. As expected, following the April 8 end of support deadline, Windows XP users won't receive an update for the IE bug. It's believed 15 to 25 percent of PCs currently use XP, so cybercriminals have a large pool of exposed PCs they can target.

The University of Pittsburgh Medical Center hit by data breach

Personal information of almost 27,000 University of Pittsburgh Medical Center (UPMC) employees has been exposed in a data breach first reported in February. For all employees with their Social Security Numbers stolen, they have received an advisory letter informing them that personal information is at risk.

 

TweakTown image news/3/7/37346_01_the_university_of_pittsburgh_medical_center_hit_by_data_breach.jpg

 

"As of today, 788 employees have been the victims of tax fraud," according to Gloria Kreps, UPMC spokesperson. "We want to assure our patients that no patient information was breached. We are continuing to work with the IRS, Secret Service and FBI to determine the source of the breach. We continue to urge our employees to register with LifeLock as an important step to deter any additional fraudulent activity."

 

A previous UPMC statement reported just 322 affected employees following the breach, though that number is expected to go up. It's still unsure how the information was stolen, though criminals did find success filing fraudulent tax returns for UPMC workers.

Android mobile security still developing, as private sector steps up

Mobile security solutions designed to protect smartphones and tablets continues to evolve, and consumers should make use of such solutions, researchers point out. The Google Android platform, which is extremely popular worldwide, also has been targeted by cybercriminals trying to compromise devices.

 

TweakTown image news/3/7/37345_01_android_mobile_security_still_developing_as_private_sector_steps_up.jpg

 

Companies such as Samsung, which relies heavily on Android for its smartphones and tablets, has worked to ensure hardware boosts Android security efforts. Meanwhile, security companies are ramping up production of security software designed to keep users safer from malware, viruses, and other threats.

 

"The main task of a mobile security solution is to secure user data from cybercriminal actions and prevent the device from turning into a source of spam or other cyberattacks," said Viktor Chebyshev, Kaspersky Lab Mobile Threat Research Group Manager, in a press statement. "When a user chooses a solution, its impact on the device's performance often becomes a major factor. So it is important that a security product for smartphones and tablets ensures high-level protection against cyberthreats and, at the same time, does not affect the user experience."

McAfee: Online gambling provides method to commit money laundering

An increase in the popularity of online gambling has created a successful underground market for money laundering, according to a new McAfee study.

 

TweakTown image news/3/7/37343_01_mcafee_online_gambling_provides_method_to_commit_money_laundering.jpg

 

To make matters worse, Internet anonymity and such a wide variety of payment options gives criminals the chance to exchange stolen funds, bitcoins, and currency.

 

"As a result, illegal proceeds can be laundered by wagering them on one end of a transaction and receiving the payouts as gambling wins on the other end," according to the McAfee report. "Gambling wins can also be exchanged as payment for illegal goods or services changing hands elsewhere."

Continue reading 'McAfee: Online gambling provides method to commit money laundering' (full post)

Department of Homeland Security struggling to increase cybersecurity

The United States government and military face a hiring shortage of skilled cybersecurity experts, at a time when improving security on PCs and networks from foreign threat is a major effort. The Department of Homeland Security (DHS) is struggling due to complicated layers of bureaucracy that the government is notorious for installing.

 

TweakTown image news/3/7/37341_01_department_of_homeland_security_struggling_to_increase_cybersecurity.jpg

 

"It's self-inflicted damage, it's not that they need something from Congress," said Alan Paller, co-chairman of a board designed to recommend how the DHS can improve its cybersecurity methods. "I called this out as a key issue or critical issue, which I don't think is solved."

 

Cybersecurity experts often find the private sector to be more lucrative, and tend to find it easier and more efficient to hire new staff. A Senate Homeland Security and Governmental Affairs Committee said the DHS will receive a streamlined ability to hire workers, but that in itself has proven to be a difficult task to work through.

Continue reading 'Department of Homeland Security struggling to increase cybersecurity' (full post)

Android malware that mines for bitcoin found on Google Play store

While the bitcoin cryptocurrency remains popular among supporters, trying to mine bitcoins effectively has proven difficult. However, cybercriminals are hijacking everything from smartphones and tablets to servers in their effort to cash in on distributed computing and mining. And these hijacked apps are now being found in the Google Play store, with users downloading these apps before they are spotted.

 

TweakTown image news/3/7/37328_01_android_malware_that_mines_for_bitcoin_found_on_google_play_store.jpg

 

Security experts recommend all mobile users utilize some type of anti-malware and anti-virus software solutions, though that is especially true for users suffering from battery life problems.

 

Cybercriminals are finding Android's open source architecture - and the Google Play store - great assets in their effort to steal information and compromise users. A recent Iowa State University (ISU) data breach, which opened up to 30,000 to potential identity theft, was caused by criminals trying to hijack servers to mine for bitcoins.

Continue reading 'Android malware that mines for bitcoin found on Google Play store' (full post)

Smartphone kill switch dead in the water, thanks to California senate

After an extended discussion on the Senate floor, California legislators shot down mandatory smartphone kill switch legislation pushed by Sen. Mark Leno and San Francisco District Attorney George Gascon. Leno plans to ask the Senate to vote on the bill again in the near future, hoping to sway a few more lawmakers before the second vote.

 

TweakTown image news/3/7/37325_01_smartphone_kill_switch_dead_in_the_water_thanks_to_california_senate.jpg

 

The bill received 19 votes in favor, falling short of the 21 necessary from the 40-member Chamber in Sacramento. Lawmakers remain concerned that mandatory legislation would be too strict and prevent companies from opening up shop in California.

 

Smartphone manufacturers and wireless carriers have been hesitant to embrace kill switches, though have agreed to offer voluntary solutions starting after July 2015. The addition of smartphone kill switches would help consumers save up to $2.6 billion per year, with metropolitan areas continuing to see a rise in smartphone robbery and theft.

Organizations unable to keep up, and cybercriminals are winning

Cybercriminals have a large arsenal of different methods and tools to compromise users and corporations, but 92 percent of 100,000 security incidents analyzed by Verizon can be traced to nine basic attack patterns.

 

TweakTown image news/3/7/37324_01_organizations_unable_to_keep_up_and_cybercriminals_are_winning.jpg

 

"After analyzing 10 years of data, we realize most organizations cannot keep up with cybercrime - and the bad guys are winning," said Wade Baker, Data Breach Investigations Report principal author, in a press release. "But by applying big data analytics to security risk management, we can begin to bend the curve and combat cybercrime more effective and strategically."

 

The following are listed as the nine most typical threat patterns: miscellaneous errors such as sending an email to the wrong person; crimeware (various malware aimed at gaining control of systems); insider/privilege misuse; physical theft/loss; Web app attacks; denial of service attacks; cyberespionage; point-of-sale intrusions; and payment card skimmers.

Continue reading 'Organizations unable to keep up, and cybercriminals are winning' (full post)

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases