TweakTown News
Salesforce, a company specializing in enterprise CRM, warned that its customers are being targeted with the Dyreza malware, which is designed to steal data and credentials. Specifically, Dyreza was known to target financial institutions, and aims for larger companies. Salesforce was careful to assure its customers that this isn't a security vulnerability within its platform.
"We currently have no evidence that any of our customers have been impacted by this, and we are continuing our investigation," Salesforce said in a statement. "If we determine that a customer has been impacted by this malware, we will reach out to them with next steps and further guidance."
To counter this threat, Salesforce urged customers to deploy IP range restrictions that allow access from corporate networks and VPNs only - along with using two-factor authentication to ensure only approved users are accessing CRM databases. As more information is stored - and accessible - in the cloud, security concerns such as this incident can make it even more difficult for businesses to keep data secure.
The U.S. Army has steadily improved its Army Cyber Command abilities, and needs to double the number of cyber-related positions in the next two years. Each cyber team is about the same size as a traditional platoon, with combat missions slightly larger. The teams consist of enlisted soldiers, NCOs, warrant officers, officers and Army civilian employees.
"These soldiers are so unique, and they're so skilled and they're so few," Command Sgt. Maj. Rodney Harris, Army Cyber Command, recently noted. "The chief of staff of the Army has asked us to focus hard on what we're doing for talent management..."
It's difficult to accurately determine what foreign militaries are doing to staff their cyber-related positions - but with select countries using their military to help launch cyberattacks - this is a major initiative for the U.S. military. As weapon systems are increasingly connected to systems that open up the possibility of cyberattacks, the military's cyber teams will be responsible for ensuring they aren't accessed by foreign enemies.
Following all of the attention Apple's iCloud service has received since a 4chan member posted stolen nude photos of celebrities, cybercriminals are now launching another wave of Apple ID phishing attacks. Apple has improved iCloud security, along with allowing users to see when their accounts have been accessed, but customers will have to stay on their toes to avoid being phished.
The criminals behind this phishing attack currently operate the Kelihos/Waledac botnet, as they expand their digital activities. The phishing page mimics an Apple website, which users reach by clicking a link in a fraudulent email - and once the username and password have been submitted, the data is likely harvested.
"It is possible that the timing of the [phishing] campaign is not a coincidence and the controllers of the botnet are attempting to exploit public fears about the security of Apple IDs to lure people into surrendering their credentials," Symantec researchers recently noted.
The HealthCare.gov website was hacked by cybercriminals, but no data was taken, the Obama Administration said when it informed Congress. The incident was simply described as "an intrusion on a test server" related to HealthCare.gov. The security breach took place in July and wasn't discovered until late August.
It seems the test server was using a default password that was never changed - and shouldn't have been connected to the Internet in the first place. To make matters even worse, administrators never ran the regularly scheduled security scans as they should have. The Department of Homeland Security (DHS) and other federal investigators are now trying to determine who is responsible.
"Our review indicates that the server did not contain consumer personal information, data was not transmitted outside the agency and the website was not specifically targeted," said Aaron Albright, Centers for Medicare and Medicaid Services spokesperson. "We have taken measures to further strengthen security."
The use of social engineering, typically leading to phishing attacks, remains a major threat against enterprise networks, according to the McAfee Labs Threats Report: August 2014. In McAfee's own Phishing Quiz, 80 percent of participants were unable to identify at least one of seven phishing emails - and the human resources and finance departments scored poorly.
Stolen data from compromised websites, especially following Heartbleed, shows how vulnerable unpatched websites can be - only serving as a treasure trove for cybercriminals. In addition, there were a number of new malware attacks and network threats that companies struggle to defend against.
"One of the great challenges we face today is upgrading the Internet's core technologies to better suit the volume and sensitivity of traffic it now bears," said Vincent Weafer, McAfee Labs SVP. "Every aspect of the trust chain has been broken in the last few years - from passwords to OpenSSL public key encryption and most recently USB security."
Goodwill issued a public update regarding a data breach that was uncovered in late July, with no evidence of malware on retail store point-of-sale (POS) systems. However, a third-party vendor was affected, and that opened the door for customer names, payment card numbers, and expiration dates to be accessed by cybercriminals.
The forensics investigation said the malware attack took place between February 10, 2013 and August 14, 2014 - and there appears to be very little fraudulent activity noticed by customers.
"We continue to take this matter very seriously," said Jim Gibbons, Goodwill CEO and president, in a public statement. "We took immediate steps to address this issue, and we are providing extensive support to the affected Goodwill members in their efforts to prevent this type of incident from occurring in the future."
The celebrity photo scandal that took the Internet by storm over the weekend likely was caused by computer forensics technology used by the police. Using the Elcomsoft Phone Password Breaker (EPPB) software, designed for police and government agencies, people who purchase the software can snag photos from iCloud backups.
Instead of using iBrute to steal a user's iCloud login and password, using EPPB allows criminals to download an iPhone or iPad backup into a single folder - in addition to photos and videos, they can access application data, text messages, contacts, and other data. Apple released a carefully worded statement that said its iCloud and Find My Phone services were not hit by a data breach.
The use of Elcomsoft's software, along with Oxygen, Cellebrite and other similar programs, has given cybercriminals the ability to compromise users in an easier, streamlined manner. EPPB is available for $399 - and doesn't require any government or police credentials - and can also be found on piracy websites.
Apple says that hackers did not breach its iCloud and Find My Phone services to steal nude photographs of celebrities, including Jennifer Lawrence, Kate Upton, Kaley Cuoco, and others. It might be a clever spin, as Apple didn't necessarily deny that the images originated from iCloud or the Find My iPhone apps.
It's possible the images were taken from iCloud backups instead of iCloud photos, though some of the images came from non-Apple smartphones.
"None of the cases we have investigated has resulted from any breach in any of Apple's systems including iCloud," Apple said in a recently released statement. "We are continuing to work with law enforcement to help identify the criminals involved."
Home Depot is now working with banks and law enforcement to investigate a data breach that led cybercriminals to steal customer payment information, including debit and credit card data. The Home Depot breach could have started in April or May, and reportedly affected a large number of customers. The data made its way to an underground forum and was called "American Sanctions," reportedly in response to further U.S. and European sanctions against Russia.
"Protecting our customers' information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers," said Paula Drake, Home Depot spokesperson.
Consumers are urged to use cash or credit card payments in retail stores - debit card payments can be risky, forcing shoppers to closely track their bank statements. Hackers taking a political stance, trying to retaliate against the U.S. for further sanctions in a tense situation between Russia and the Ukraine, adds another layer of chaos to data breaches.
The FBI is now investigating the hacker who posted numerous photos of celebrities on the Internet over the weekend. Many of the images, originally posted on 4chan and later shared on Reddit, Twitter and Imgur, featured celebrities such as Jennifer Lawrence, Kate Upton, Jenny McCarthy, and Mary Winstead.
Here is what the FBI noted: "The FBI is aware of the allegations concerning computer intrusions and the unlawful release of material involving high profile individuals, and is addressing the matter," said Laura Eimiller, FBI spokesperson, in a statement. "Any further comment would be inappropriate at this time."
Apple also is investigating the incident, as many of the images were reportedly stored online using its iCloud service.