TweakTown
Tech content trusted by users in North America and around the world
5,682 Reviews & Articles | 36,158 News Posts
Weekly Giveaway: Fractal Design Arc Cases Contest (Global Entry!)

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 6

EFF urges websites to use HSTS protocol to be more secure

Not enough websites and Internet browsers utilize the HTTP Strict Transport Security (HSTS) policy to keep Internet users secure, according to the Electronic Frontier Foundation (EFF).

 

TweakTown image news/3/6/36819_01_eff_urges_websites_to_use_hsts_protocol_to_be_more_secure.jpg

 

HSTS forces encryption by opening HTTPS sessions instead of just HTTP, so information to and from the website is encrypted. Using HSTS, websites never allow Internet users to interact with an HTTP session, with everything automatically converted.

 

The EFF believes not enough web developers know about HSTS, while browser support has also only increased slowly but surely. Google Chrome, Mozilla Firefox, and Opera have long-supported HSTS, while Microsoft said it will use the Web standard with Internet Explorer 12.

Continue reading 'EFF urges websites to use HSTS protocol to be more secure' (full post)

Banks must work to mitigate against DDoS attacks, new rule orders

The Federal Financial Institutions Examination Council (FFIEC) recently released a security notice of required steps that must be followed by banks and financial institutions operating in the United States. All banks under federal government regulation have to beef up security and pay attention to distributed denial of service (DDoS) attacks which plague bank servers.

 

TweakTown image news/3/6/36813_01_banks_must_work_to_mitigate_against_ddos_attacks_new_law_orders.jpg

 

Specifically, these companies need to try and mitigate DDoS attacks to the best of their ability, to keep subscribers more secure.

 

"In the latter half of 2012, an increased number of DDoS attacks were launched against financial institutions by politically motivated groups," according to the FFIEC statement. "These DDoS attacks continued periodically and increased in sophistication and intensity. These attacks caused slow website response times, intermittently prevented customers from accessing institutions' public websites, and adversely affected back-office operations."

Continue reading 'Banks must work to mitigate against DDoS attacks, new rule orders' (full post)


One-third of phishing attacks aimed at financial institutions

One-third of all phishing attacks launched in 2013 targeted global financial institutions, and the attempts are getting even better, according to security company Kaspersky Lab.

 

TweakTown image news/3/6/36811_01_one_third_of_phishing_attacks_aimed_at_financial_institutions.jpg

 

Customer information is a valuable commodity to cybercriminals, with the ability to steal identities, transfer money from accounts, and financially ruin victims. Cybercriminals enjoy using the brand names and logos of well-known companies, making it easier to lure users into clicking fraudulent links.

 

"Phishing attacks are so popular because they are simple to deploy and extremely effective," said Sergey Lozhkin, Kaspersky Lab Senior Security Researcher, in a press statement. "It is often not easy for even advanced Internet users to distinguish a well-designed fraudulent site from a legitimate page, which makes it even more important to install a specialized protection solution."

Continue reading 'One-third of phishing attacks aimed at financial institutions' (full post)

Former CIA analyst Ray McGovern says Edward Snowden is no traitor

Former CIA intelligence analyst Ray McGovern believes Edward Snowden isn't a traitor to the United States, nor is he a hero.

 

TweakTown image news/3/6/36809_01_former_cia_analyst_ray_mcgovern_says_edward_snowden_is_no_traitor.jpg

 

McGovern discussed how Snowden didn't appreciate a "clear violation of the 4th Amendment to the Constitution," which is one of the reasons the data disclosures were made public. Also, the former CIA analyst noted that National Intelligence Director James Clapper didn't face punishment for lying under oath in front of Congress.

 

"He's a patriot," McGovern recently said during a speech at Missouri Southern State University. "He took his oath seriously. He took the Constitution seriously."

Continue reading 'Former CIA analyst Ray McGovern says Edward Snowden is no traitor' (full post)

Music copyright holders sue Russian social networking site for piracy

The top social media network in Russia is now being sued by Sony Music, Warner Music and Universal Music, with vKontakte accused of "deliberately facilitating piracy on a large scale."

 

TweakTown image news/3/6/36807_01_music_copyright_holders_sue_russian_social_networking_site_for_piracy.jpg

 

Each of the top three music labels filed individual suits against vKontakte, spearheaded by the International Federation of the Phonographic Industry (IFPI). In 2012, the social media site made $172 million in advertising revenue, but didn't pay the IFPI for copyrighted music shared through the site.

 

vKontakte says it allows copyright holders to submit removal requests of any content that violates copyright rules, but IFPI officials noted the process is too cumbersome. Both the US government and copyright holders have believed vKontakte provides large-scale music piracy - originally launched in 2006, vKontakte has 143 million global users, and 88 million Russian members.

Continue reading 'Music copyright holders sue Russian social networking site for piracy' (full post)

Power plants, oil refineries face lingering security problems

Security bugs in software could leave power plants, oil refineries, and similar infrastructure vulnerable to cyberattacks from foreign-based hackers, according to recent research.

 

TweakTown image news/3/6/36805_01_power_plants_oil_refineries_face_lingering_security_problems.jpg

 

To make matters worse, around 7,600 plants worldwide have software that a cybercriminals with the "lowest skill in hacking" could still be successful. The Yokogawa Centum CS 3000, released in 1998 and designed for Microsoft Windows 98, while companies need to evaluate if they should make immediate software improvements.

 

"We went from zero to total compromise," said Juan Vazquez, security researcher with Rapid7, told BBC. "If you are able to exploit the vulnerabilities we have identified you get control of the Human Interface Station. That's where the operator sits or stand and monitors operation details. If you have control of that station as an attacker you have the same level of control as someone standing on the plant floor wearing a security badget."

ATM gives $37,000 to homeless man using cash advance feature 53 times

A homeless man in Maine used his ATM card at a TD Bank branch to collect more than $37,000 in cash advances, receiving $700 separated into 53 transactions.

 

TweakTown image news/3/6/36803_01_atm_gives_37_000_to_homeless_man_using_cash_advance_feature_53_times.jpg

 

Initially, the man had just $100 in his checking account, but the malfunctioning ATM allowed him to receive multiple cash advances before he was stopped by police.

 

"We got a call that he was sleeping in the [ATM] vestibule, and we had to move him along," said Lt. Todd Bernard, from the South Portland Police Department, in a statement to local media. "Then at around 5:30 a.m., we got another call that he was back there and taking an unusually long time at the ATM by a who was trying to use it. She thought it seemed suspicious."

Continue reading 'ATM gives $37,000 to homeless man using cash advance feature 53 times' (full post)

European companies boosting security to prevent NSA-type snooping

European companies are responding to the NSA's spying activities by tightening control over data, boosting encryption, and promising to do a better job of protecting user rights.

 

TweakTown image news/3/6/36790_01_european_companies_boosting_security_to_prevent_nsa_type_snooping.jpg

 

"For Israeli companies, the new rules may appear to be onerous, but there could be a great business opportunity for many of them in Europe as a result," said Patrick Van Eecke, legal expert specializing in cybersecurity, in a statement to Israeli media. "There are many companies around the world that specialize in collecting data, but they are not clear on the implications of Europe's new policies - and as a result, there is opportunity for companies from Israel, many of which do understand the policies."

 

In addition of concerns related to snooping, there are expectations of cyberattacks between national governments and splinter hacker groups. Growing global cyber threats allow countries to find yet another outlet to torment one another - Russia is reportedly launching cyberattacks to disrupt Ukrainian infrastructure, while Ukrainian hackers retaliated by hitting the Kremlin.

Continue reading 'European companies boosting security to prevent NSA-type snooping' (full post)

Government agencies don't do enough after suffering data breaches

aFederal agencies aren't seriously defending against data breaches and personal identifiable information (PII) is increasingly finding its way into the hands of cybercriminals, according to a recent report published from the Government Accountability Office (GAO).

 

TweakTown image news/3/6/36788_01_government_agencies_don_t_do_enough_after_suffering_data_breaches.jpg

 

The number of government data breaches increased up to 25,566, twice the amount as reported in 2010 - and affected companies often are unfamiliar with how to respond properly.

 

The GAO has criticized federal government branches, specifically the Department of the Army, IRS, SEC, and a few other agencies, falling short of mandating information security programs and being lackadaisical about security efforts.

Continue reading 'Government agencies don't do enough after suffering data breaches' (full post)

Copyright holders shifting focus to attack pirates making money

There is a shifting strategy to try and fight Internet piracy, with the old strategy of targeting individual users eliminated in favor of shutting down organized piracy rings.

 

TweakTown image news/3/6/36762_01_copyright_holders_shifting_focus_to_attack_pirates_making_money.jpg

 

There are three emerging strategies to target piracy: force ISPs to block subscribers from accessing sites with pirated content, shut down advertising streams on pirated sites, and trying to pressure search engines to not index and show links to sites with pirated content.

 

"Disrupting the money unlawful websites make from advertising could make a real difference to the fight against copyright infringement," said Ed Vaizey, creative industries minister, in a statement. "It is an excellent example of what can be achieved through industry, government and law enforcement working together."

Continue reading 'Copyright holders shifting focus to attack pirates making money' (full post)

Latest Tech News Posts

View More News Posts

Latest Downloads

View More Latest Downloads

TweakTown Web Poll

Question: Did EA kill the Battlefield franchise with the terrible BF4 issues?

Yes, Battlefield is doomed

No, Battlefield will live on strong

I'm not sure, but I know EA needs to improve its game

or View the Results

View More Polls

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Get TweakTown updates via Facebook!
Just click the "Like" button below