Tech content trusted by users in North America and around the world
6,411 Reviews & Articles | 42,725 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 6

Anthem confirms data breach could hit up to 19 million non-members

Anthem confirmed millions of non-Anthem customers are at risk, and 8.8 million up to 18.8 million customers could be at risk. Following discovery of the breach on Jan. 29, Anthem began contacting customers, but found millions of incomplete data records in its database.

 

anthem-confirms-data-breach-hit-up-19-million-non-members_01

 

The estimate counts 14 million incomplete records:

 

"While Anthem is not able to match incomplete records to a specific member, it does have valid mailing addresses for some of these records," an Anthem spokesperson told ABC News. "Anthem will distribute member notifications to the valid address on file as part of its effort to notify every potentially impacted member."

Continue reading 'Anthem confirms data breach could hit up to 19 million non-members' (full post)

FBI says it is "close" to identifying group behind Anthem data breach

The FBI says it is "close" to identifying the cybercriminal group responsible for breaching Anthem, but didn't confirm if a public announcement would be made. The targeted attack against Anthem, the No. 2 health insurance company in the United States, left up to 80 million members compromised.

 

fbi-close-identifying-group-behind-anthem-data-breach_01

 

China is suspected in the breach, with Beijing reportedly improving its cyberespionage capabilities.

 

"We're close already," said Robert Anderson, head of the FBI's cybercrime branch, during a recent media briefing. "But we're not going to say it until we're absolutely sure. I don't know if it's China or not, by the way."

Continue reading 'FBI says it is "close" to identifying group behind Anthem data breach' (full post)

Mobile security issues open the door to compromise users

Millions of smartphones and mobile devices are vulnerable due to mobile app developers being lackadaisical issuing patches and security updates, according to a report from McAfee Labs.

 

mobile-security-issues-open-door-compromise-users_01

 

Last year, it was discovered that at least 20,000 mobile apps have an easily exploitable SSL vulnerability, according to the Carnegie Mellon University computer emergency response team. McAfee tested the 25 most popular apps listed by Carnegie Mellon, and found that "poor programming practices" were prevalent - putting app users at risk.

 

"A lot of the discussion right now is about the value of data on your device, in this case your cellphone," said Gary Davis, McAfee spokesman, in a statement published by CBC. "Addresses, dates of birth, these are all data elements you'd need to in essence steal somebody's identity, or perhaps conduct insurance fraud, and it's all being made available through different applications."

US offers $3 million bounty for Russian creator of GameOver Zeus

The FBI wants to get its hands on Evgeniy Mikhailovich Bogachev, and has offered a $3 million bounty for the arrest or conviction of the suspected cybercriminal. Bogachev already is featured on the Cyber's Most Wanted list, and is suspected to be in Russia.

 

offers-3-million-bounty-russian-creator-gameover-zeus_01

 

Bogachev allegedly was the administrator of the GameOver Zeus network, starting in 2011, with up to 1 million computers across the world infected - and more than $100 million was reportedly stolen. The Russian citizen was indicted by a federal grand jury in 2012 for conspiracy to violate the Computer Fraud and Abuse Act, aggravated identity theft and bank fraud. A later federal grand jury indicted him for wire fraud, computer fraud and money laundering.

 

Trying to identify and arrest suspected cybercriminals is extremely difficult, but the FBI has a select list of criminals they hope to arrest.

FBI aware of at least 60 state-sponsored cyberthreat groups

The FBI is aware of at least 60 cybercriminal groups with state-sponsored support, according to Joseph Demarest, senior bureau chief and head of the FBI cybercrime division.

 

fbi-aware-60-state-sponsored-cyberthreat-groups_01

 

Demarest also said the FBI was able to trace the Sony Pictures Entertainment hack was tied to North Korea within one month - showing that the unstable country has increasingly sophisticated cyberattack capabilities. State-sponsored cyberespionage is a booming business, with the FBI and other departments suspecting China, Russia, Iran, and other countries of relying on hackers.

 

In addition, the FBI announced a $3 million reward for the arrest or conviction of Evgeniy Bogachev, operator of GameOver Zeus. The bounty is the largest offered for a cybercriminal, and the Russian has been charged with computer hacking, conspiracy, wire fraud, bank fraud and money laundering - and faces a federal charge of bank fraud conspiracy.

LinkedIn offering $1 to previously compromised users

Do you remember when 6.5 million LinkedIn user's passwords were leaked in 2012 by Russian hackers? We leaned that apparently some people log-in to their professional social media with passwords like 'swampass' and 'squirter'.

 

linkedin-offering-1-previously-compromised-users_056

 

A class action lawsuit has seen this company brought to their knees, offering a massive $1 each to the 800,000 Premium Users who joined up the fight. Just in case you were wondering if this might have been a typing error or mistake, it's not - they're giving $1 of cold-hard US dollar to each of the 800,000 Premium Users in which joined this lawsuit.

 

A LinkedIn spokesperson said to the New York Times that the purpose of this move is "to avoid the distraction and expense of ongoing litigation," even though they deny that they are at fault for the breach.

 

If you're thinking that you've missed out on cashing in - think again. A LinkedIn Premium Account will set you back $30 per month and as Gizmodo reports the result of this lawsuit is basically one free day of use.

Continue reading 'LinkedIn offering $1 to previously compromised users' (full post)

Yahoo clashes with NSA regarding encryption backdoor demands

The National Security Agency (NSA) still has a fragile relationship with Silicon Valley companies, and both sides are trading shots at one another. In the most recent incident, a Yahoo executive challenged the NSA regarding its demand for encryption backdoors.

 

yahoo-clashes-nsa-regarding-encryption-backdoor-demands_01

 

"If we're going to build defects, backdoors or golden master keys for the US government, do you believe we should do so for the Chinese government, the Russian government, the Saudi Arabian government, the Israeli government, the French government?" said Alex Stamos, CISO of Yahoo.

 

NSA Director Adm. Michael Rogers initially tried to deflect the question, and then offered the following answer: "I think that we're lying that this isn't technically feasible - now, it needs to be done within a framework. I'm the first to acknowledge that," Adm. Rogers said.

Continue reading 'Yahoo clashes with NSA regarding encryption backdoor demands' (full post)

Companies hiring hackers to help test their network cybersecurity

Companies nervous about their cybersecurity defenses are relying on white hat hackers to test systems and help identify security flaws. Offering a bounty allows additional skilled users outside of a company's software and IT team to help track down anything that may have unknowingly fallen through the cracks.

 

companies-hiring-hackers-help-test-network-cybersecurity_01

 

"We're curious, we want to test our skills, we want to help these companies," said Mike Santillana, white hat hacker for Bugcrowd, in a statement published by CBS News. "I've found several bugs where you can completely compromise another user's account."

 

Additional companies are paying security experts and programmers as part of increasingly lucrative bug bounty programs. These hackers enjoy the monetary incentive and the challenge of identifying security flaws that could pose problems for companies and their customers.

Study: Medical identity theft increased 22 percent in 2014

Medical identity theft increased 22 percent in 2014, causing 2.4 million adults in the United States to suffer from a complicated and costly mess, according to The Ponemon Institute. To make matters worse, it takes three months on average before someone realizes they've been victimized, with 30 percent of victims still unaware.

 

study-medical-identity-theft-increased-22-percent-2014_01

 

Just 10 percent of victims said they ended up with "completely satisfactory" resolution of a medical identity theft-related issue - 65 percent of victims report they were forced to pay, a whopping average of $13,453.

 

Since criminals have access to names, addresses, birth dates, Social Security numbers and account ID numbers, they are able to create fake identities. Sometimes, this leads to hospital and emergency room visits, pharmacy prescriptions, and other activities that rack up fraudulent charges.

Continue reading 'Study: Medical identity theft increased 22 percent in 2014' (full post)

Snowden regrets not coming forward sooner about NSA surveillance

Former NSA contractor Edward Snowden would have liked to come forward sooner regarding NSA surveillance, but had to wait until the appropriate time.

 

snowden-regrets-coming-forward-sooner-nsa-surveillance_01

 

"I would have come forward sooner... [but] these programs would have been a little less entrenched, and those abusing them would have felt a little less familiar with and accustomed to the exercise of those powers," Snowden said during a Reddit "Ask Me Anything" session. "This is something we see in almost every sector of government, not just in the national security space, but it's very important. Once you grant the government some new power or authority, it becomes exponentially more difficult to roll it back."

 

Snowden knowingly sacrificed himself to help reveal NSA surveillance and spying activities, which has opened an international debate. In addition, Apple, Google and other companies are modifying their behaviors, including adding encryption and other technologies, to help keep user data more secure from outside snooping.

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Or Scroll Up Or Down