TweakTown
Tech content trusted by users in North America and around the world
6,203 Reviews & Articles | 40,049 News Posts
TRENDING NOW: Samsung wants the US government to block GeForce GPU shipments

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 6

Pew research finds many users don't trust Internet privacy anymore

Online privacy is something that most Americans believe they have lost control of, as governments and companies collect and use even more personal information, according to a survey from the Pew Research Internet Project.

 

TweakTown image news/4/1/41073_01_pew_research_finds_many_users_don_t_trust_internet_privacy_anymore.jpg

 

"It's a bundle of concerns," said Lee Rainie, a Pew researcher involved in the project. "It's party surveillance, it's partly tracking, and this generalized sense that I'm losing control of my identity and my data."

 

The survey also found that 91 percent of adults "agree" or "strongly agree" that consumers no longer have control over how their personal information is collected and used by companies - and with the government collecting even more data about citizen phone calls and Internet communications, 80 percent of adults "agree" or "strongly agree" that Americans should be concerned about the government monitoring.

Companies struggle against attacks, while criminals enjoy themselves

Cybercriminals are compromising users with sophisticated code and clever social engineering attacks, with private companies, enterprises, and government agencies under attack. Cybersecurity is now the No. 1 threat to the United States, ahead of terrorism, and at least $10 billion is being invested each year in security efforts - that don't seem effective.

 

TweakTown image news/4/1/41055_01_companies_struggle_against_attacks_while_criminals_enjoy_themselves.jpg

 

It's an unfortunate time for customers and private citizens, as their personal information is valuable to hackers - and companies seem to be unable to keep information secure.

 

Marc Maiffret, a former hacker turned cybersecurity specialist and co-founder of Beyond Trust cybersecurity firm, explained why today is more frightening than previous years: "There's also a much bigger allure to use these skills to make money, in a criminal sense." It's true that rogue hacker groups and state-sponsored hackers are finding lucrative opportunities and easy access to sensitive data.

Survey finds 77 percent feel 'confident' in their security controls

Even with a drastic increase in significant data breaches, 77 percent of IT professional and executives in the retail, energy and financial services in the United States and UK feel "confident" of their basic security controls, according to a recent survey. Meanwhile, 10 percent of respondents said they feel "very confident" in their patch management efforts, while 47 percent feel "confident" in their current configurations of routers, firewalls and modems.

 

TweakTown image news/4/1/41051_02_survey_finds_77_percent_feel_confident_in_their_security_controls.jpg

 

In the past 12 months alone, more than 100 million records have been stolen from retailers via malware infecting point of sale (POS) devices - and JPMorgan Chase's networks were breached - indicating there is still a significant amount of work that must be done.

 

"It's not surprising that IT and security professionals have confidence in foundational security controls," said Jane Holl Lute, Council on CyberSecurity president and CEO. "The Controls are instrumental in defending against common cyberattacks and lay the foundation for effective defense against more sophisticated intrusions. But to be effective they must be implemented consistently across the entire enterprise."

Major US Postal Service breach hits millions of employees, customers

The United States Postal Service confirmed a data breach that affected more than 800,000 employees and customers that called its data center from January to August 2014. The compromised employee data includes names, dates of birth, addresses, Social Security numbers, employment timeline and emergency contact information, but the data intrusion was relatively "limited in scope."

 

TweakTown image news/4/1/41034_01_major_us_postal_service_breach_hits_millions_of_employees_customers.jpg

 

The unknown attackers wanted to breach the USPS network - and used a sophisticated cyberattack - but it appears credit card data and identity theft weren't the goals of the breach. However, the USPS is a lucrative target for foreign-based hackers, as there is a significant amount of information available, security experts say.

 

Here is what the USPS said in a statement: "Postal Service transactional revenue systems in Post Offices as well as on usps.com where customers pay for services with credit and debit cards have not been affected by this incident. There is no evidence that any customer credit card information from retail or online purchases such as Click-N-Ship, the Postal Store, PostalOne!, change of address or other services was compromised."

Apple iOS security flaw leaves most devices vulnerable

The Apple iOS mobile operating system has a major security flaw that leaves a large portion of iPhones and iPads vulnerable to security breaches by cybercriminals looking to hijack devices and steal sensitive information.

 

TweakTown image news/4/1/41033_01_apple_ios_security_flaw_leaves_most_devices_vulnerable.jpg

 

The "Masque Attack" exploits the Apple enterprise/ad-hoc provisioning system, and is a powerful vulnerability that cybercriminals can easily exploit. Apple is working to fix the bug after being informed by cybersecurity experts in July, FireEye said.

 

Here is what the FireEye blog notes: "Masque Attacks can pose much bigger threats than WireLurker. Masque Attacks can replace authentic apps, such as banking and email apps, using attacker's malware through the Internet. That means the attacker can steal user's banking credentials by replacing an authentic banking app with malware that has identical UI."

Companies fear data breaches, but not doing enough to prevent them

Companies from small and medium businesses to enterprise organizations are aware how damaging a data breach could be, but still aren't doing enough to prevent them. Analyzing everything from how files are saved and stored, evaluating third-party providers, and real-time security monitoring are all important steps to keeping data more secure, whether on-prem or in the cloud.

 

TweakTown image news/4/1/41015_01_companies_fear_data_breaches_but_not_doing_enough_to_prevent_them.jpg

 

To make matters worse, targeted attacks are expected to rise in 2015 - as organized groups test network security procedures, and then compromise vulnerable companies as they see fit.

 

"Hackers have so many things working their favor, from anonymous currencies and "Dark Web" sites which allow them an easy way to turn stolen information into real cash, to the nightmare it is to not only find them, but to have any real success in prosecution and recovery due (to) the global nature of the problem and the tangled mess of foreign jurisdictions," said Joe Caruso, Global Digital Forensics (GDF) CEO and CTO.

Consumers aware of retailer data breaches, urged to use credit cards

Millions of consumers in the United States have been affected by retailer data breaches, as cybercriminals compromise in-store point of sale (POS) terminals. It seems consumers are so used to hearing about data breaches that some of them simply ignore the news, and don't want to change their behaviors to help keep their personal information secure.

 

TweakTown image news/4/1/41019_01_consumers_aware_of_retailer_data_breaches_urged_to_use_credit_cards.jpg

 

In addition to using a credit card when possible, frequently checking online banking accounts help find any discrepancies - with some financial industry experts recommending the use of a monitoring tool.

 

"Remaining alert to the risk of fraud and choosing a secure payment method reduce potential consequences of security breaches," said Nick Bryan, President of OpenSky. "Credit cards continue to remain one of the most secure ways to shop because of the power of financial institutions behind them to protect funds and personal information."

Cybercriminals taking interest in targeting Apple iOS, Mac OS X

The recent report from Palo Alto Networks that disclosed the WireLurker malware targeting Apple iOS and Mac OS X was a sudden wakeup call to users. Even though it was isolated to China, and Apple has blocked the malware, cyberattackers are finding new ways to compromise iPhones and Mac OS systems. The company has done a great job to keep its software ecosystem secure, especially if devices aren't jailbroken, but cybercriminals are becoming more sophisticated in their research strategies.

 

TweakTown image news/4/1/41018_01_cybercriminals_taking_interest_in_targeting_apple_ios_mac_os_x.jpg

 

Here is what Ryan Olson, Palo Alto Networks intelligence director, recently told eWeek: "We will continue to see new malware for both Mac OS X and iOS, and they will incrementally get better and better. I would be most worried about high-value targets," with a focus on government officials and political rivals.

 

Cyberattacks targeting Google Android and Microsoft Windows will remain more prevalent, but Apple users - many of them used to being relatively secure - could also be caught off guard when major security issues are released in the wild.

Edward Snowden emerges from exile to put FBI director on blast

Former NSA contractor Edward Snowden has been vocal regarding the current state of surveillance, with governments increasingly using technology to snoop on users. Snowden said FBI director James Comey's statement regarding using front-door, legal intelligence gathering as nothing more than "rhetoric, noting "there is no real difference."

 

TweakTown image news/4/1/41010_01_edward_snowden_emerges_from_exile_to_put_fbi_director_on_blast.jpg

 

"One of the most significant things that was not well understood about the events of last year was that it's not entirely about surveillance," Snowden said. "We have seen a trend towards governments that are affording themselves, in secret, greater powers and more and more authority without the consent or awareness of the public."

 

The FBI, NSA and GCHQ believe they need to be proactive - using questionable tactics against a wide net of Internet users - and that will continue to upset many privacy experts and regular Internet users.

Apple blocks WireLurker malware that has victimized users in China

Just a couple days after Palo Alto Networks spilled the beans on the WireLurker malware targeting Apple iOS and Mac OS devices, Apple has blocked infected apps so they will be unable to run on devices. The company didn't provide specifics into how the malware is being blocked, but did recommend users run anti-malware security software - and only download apps from the official Apple App Store.

 

TweakTown image news/4/1/41004_01_apple_blocks_wirelurker_malware_that_has_victimized_users_in_china.jpg

 

The company confirmed it is "aware of malicious software available from a download site aimed at users in China, and we've blocked the identified apps to prevent them from launching."

 

WireLurker is the first known malware that spread to a large number of users that didn't jailbreak their devices - and shows cybercriminals are just as anxious to compromise Apple products as Google Android and Microsoft Windows.

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases