TweakTown NewsRefine News by Category:
In an attempt to attack North Korean nuclear facilities, the South Korean government wants to develop cyberwar weapons to target critical infrastructure. Similar to the Stuxnet software aimed towards Iran, South Korean wants to use software to disrupt its neighbors to the north, even with military analysts hesitant to condone significant attacks.
Earlier in the month, U.S. and South Korean officials held continued meetings regarding cybersecurity efforts to protect both nations from prying eyes in China, North Korea, and other locations. There is continued concern regarding North Korea's nuclear ambitions, and excluding an actual military strike, cyberattacks are believed to be the next option as diplomatic efforts have struggled.
The South Korean government also plans to increase funding for home-grown startups, with software and cyber development expected to be a major effort. The United States and western allies would be able to share information with South Korea, offering a unique perspective into functional cyber weapons.
However, there will be mounting concern that a physical cyberattack could harm infrastructure that wasn't initially targeted.
Mobile app infections in the Google Play app store have increased almost 400 percent from 2011 to 2013, according to online security group RiskIQ. Just three years ago, there were around 11,000 malicious apps available in the store, but that drastically increased to at least 42,000 by 2013, with Google trying to continue to fight back.
Around 12.7 percent of apps in the store are said to be compromised, with less than a quarter of the apps removed. The following categories were targeted the most: personalization, entertainment, education/books, media/audio video, and sports apps, according to RiskIQ.
"The explosive growth of mobile apps has attracted a criminal element looking for new ways to distribute malware that can be used to commit fraud, identity theft and steal confidential data," said Elias Manousos, RiskIQ CEO, in a press statement. "Malicious apps are an effective way to infect users since they often exploit the trust victims have in well known brands and companies they do business with like banks, insurance companies, healthcare providers and merchants."
The Android OS has seen continued adoption on multiple smartphones and tablets - but security issues have given security companies the opportunity to release next-generation security platforms.
The recent security breach at Target stores across the US has certainly hit consumers hard, but the real pain is being felt at the banks and financial institutions who hold the accounts of those consumers. A new report is suggesting that the damage done to Banks is upwards of $200 million and counting with no end in sight.
The security breach saw more than 40 million credit card numbers stolen, and only about half of those cards have been replaced by bankers, leaving the other half still venerable to fraudulent use. This means that that $200 million estimate could grow to more than a half billion dollars before this is all over. In total more than 110 million customers in the US were affected by the breach and saw not only their credit card numbers stolen, but other personal information such as names, mailing addresses, email addresses and more. Target has began offering affected customers a year of free credit monitoring to help ease the pain some.
The Syrian Electronic Army is back on its hacking spree, this time taking one million user credentials from Forbes.com. The hacking group posted multiple messages to its Twitter account, where it claimed responsibility for the attack.
The SEA even posted a screenshot of the site's publishing system, showing off that it had accessed a Forbes employee's account to do so. Forbes has acknowledged and confirmed the attack, asking users to change their passwords and be aware that there could be an increase in targeted phishing attacks.
The site itself has returned to normal, with Forbes in contact with law enforcement agencies to find out exactly what happened.
Hackers are targeting nursing homes in an attempt to compromise electronic medical records and payment information, according to a recent report, with a focus also on hospitals and individual doctors' offices.
A recent investigation by the Wall Street Journal found information from the Bronx Center for Rehabilitation & Healthcare center, Campbell Hall Rehabilitation Center and Glengariff Healthcare Center, all in New York, where hackers reportedly uploaded information about how to access each facility.
One facility saw passwords from 2007 posted, which were changed after a new database was implemented, while the Bronx Center previously migrated to a new security vendor. Even though it looks like older and outdated information was posted, it's still a chilling wakeup call to all companies trying to protect patient confidentiality, especially as more records are stored off-site in the cloud.
Hackers find older citizens to be an easy target, as many don't frequently check banking or credit card statements, have available cash on-hand, and can be easily manipulated to steal information.
Recent costly data breaches targeting brick and mortar retailers have led to an uptick in insurance coverage focused on data breaches, including when customer data is lost or stolen. Almost one in three companies have some form of insurance coverage to aid in cyber threats - and cyber insurance policies jumped 20 percent in 2013, according to a New York insurance company.
However, the increased insurance prices will lead to higher consumer prices, even if it doesn't lead to an easier time for customers with stolen information to work through the layers of bureaucracy. The insurance policies help cover data loss costs, including Target's decision to hire forensic investigators, along with providing credit monitoring and public relations efforts to salvage public perception.
Following the Target breach, in which more than 70 million customers were affected, there has been a drastic increase in cyber insurance, according to industry officials.
Google recently acquired an Israel based startup called 'SlickLogin', which indicates that the company is making plans to replace passwords and even two-factor authentication methods with an inaudible sound unique to your phone and Google login.
SlickLogin has a patented technology where your passwords and two-factor authentication setups can be replaced with a unique and inaudible sound. Once enabled, the website's login page would typically listen to this inaudible sound via your phone and then granting access to your account. This could solve a lot of problems and overcome the possibility of your email account being hacked by someone. All you have to do is hold your smartphone near your PC with the website's login page, and the access will be granted.
Following recent high-profile security breaches of U.S. retailers, the Securities and Exchange Commission (SEC) plans to host a roundtable discussion next month focused on cybersecurity. As cyber threats become more common place, lawmakers also are concerned a standardized customer notice system isn't in place for retailers to follow.
Retailers and financial institutions argue over which side should be held responsible for fraud activity on customer accounts. There are now trade groups teaming up to try and help work through the issue together, though cyber money crimes contribute to a booming multi-billion-dollar industry.
Following the Target and Neiman Marcus breaches specifically, consumers are increasingly frustrated by sometimes lackadaisical security practices. The Obama Administration recently released cybersecurity guidelines for select industries, though didn't make it mandatory to implement any of the ideas.
American attorneys were caught up with the NSA's global surveillance program, as an unnamed U.S. law firm representing an overseas client currently in a bitter legal battle with the U.S. government. Specifically, the Australian and U.S. governments agreed to share information on a law firm that was retained by the Indonesian government - and information protected under attorney-client privilege was likely included.
Attorney-client privilege isn't protected from NSA eavesdropping, though the American Bar Association demands attorneys to "make reasonable efforts" so confidential information isn't shared with others.
There has been growing concern that governments conducting spying and surveillance could breach attorney-client privilege with little recourse.
The controversial NSA surveillance program has shown frightening sophisticated practices, with U.S. residents, foreign citizens, government leaders, and others being spied on. Former NSA IT worker Edward Snowden, currently in Russia on temporary asylum, has greatly informed the public of spying behavior in the digital age.
The CyberPatriot VI tournament, designed as a youth cyber defense competition, will host 26 teams of U.S. high school students alongside two middle school teams in March. The schools are broken down into certain categories, such as public and private schools, Junior ROTC units, and other go through a series of tests for the groups to compete against one another.
"We don't teach hacking, we don't teach offensive techniques, but we very much teach defending against those things - that's the whole purpose of the competition," said retired Brig. Gen. Bernie Skoch, commissioner of the CyberPatriot effort, when speaking to the Air Force Times.
Skoch also added that he believes there will be around 330,000 unfilled cyber security jobs worldwide in 2015, despite a higher payday and job availability.
There is increased interest in continued improvement of cyber security efforts, especially for government agencies and critical infrastructure. The Obama Administration recently released security guidelines for utilities, banks, and other select industries, though the recommendations aren't necessarily a set of requirements that must be followed.