TweakTown NewsRefine News by Category:
The Lizard Squad hacker group launched cyberattacks against Sony PlayStation Network, Battle.net, League of Legends and Microsoft Xbox Live over the weekend, and now has focused on attacking Twitch. The attack was halted after several high-profile Twitch users wrote "Lizard Squad" on their foreheads yesterday. Some critics say the hackers are working on borrowed time, as it seems like only a matter of time before they are caught for their antics.
The FBI became interested when John Smedley, Sony Online Entertainment president, was targeted by Lizard Squad tweeting a bomb hoax to American Airlines. The high-profile attacks against Sony, Microsoft and other companies would have drawn federal interest, but a fake bomb report should only expedite the FBI's investigation.
Reading through tweets on the Lizard Squad page reveals sometimes entertaining - and rather obnoxious tweets - including mentions of the Islamic State of Iraq and the Levant (ISIS) terrorist group fighting in Syria and Iraq.
Swann Security unveiled the Digital Wireless Security System, a camera and monitor utilizing motion triggered recording, designed to be a plug and play wireless surveillance system. The $249.99 system is available at HH Greg, B&H, Meijer and Petra.
The camera is 720p and can record video up to 165 feet away, able to record during daytime or nighttime using 20 infrared LEDs. The system can record audio up to 16 feet away, with owners able to receive updates to smartphones or tablets if the motion sensors are triggered.
"We continuously listen to user feedback, developing new products based on our customers' needs," said Jeremy Steweart, Swann Global Marketing VP, in a press statement. "More and more, consumers want to manage their own home security, whether it's setting up their own security systems or monitoring them remotely. The Swann Digital Wireless Security System provides these advantages while also enhancing technology, resulting in a truly exceptional product."
There has been a decrease in consumer confidence when it comes to online financial transaction security, as we've all seen a large number of point-of-sale (POS) data breaches in the past year. Forty-nine percent of survey respondents said they felt vulnerable when shopping online, with 42 percent saying they would use online payment more if they were better protected, according to security firm Kaspersky Lab and B2B International.
Consumers are becoming more aware of online threats, and cyber fraud detection is an important consideration for shoppers. However, users are still not doing a good job of protecting themselves, but 60 percent of survey respondents said it's up to banks and shops alike to ensure payment information is kept secure.
"Many users still feel safer paying cash or using their bank card at a physical point-of-sale, rather than purchasing online with their computer or mobile device, and this reluctance hampers the development of the online payment market," said Ross Hogan, Kaspersky Lab global head of fraud prevention, in a press statement. "To encourage people to start using electronic payment services more actively, banks, online stores and e-pay systems need to reassure users that they are safe from cyber fraudsters."
It's not uncommon to hear news of a successful cyberattack that causes financial losses and major headaches from government departments or the private sector. However, cyberattacks targeting the financial market could cause significant problems, highlighted by the large volume of attacks targeting banks, credit card companies and retailers.
Regulators and governments are uncertain how to defend against these attacks, with a global "toolbox" in the works to help identify information security procedures. Evidenced by the US Securities and Exchange Commission trying to study cyber resilience, it's going to be hard to clamp down on cyberattacks.
"The issue of cyber resilience is a bit of a sleeper issue, and one that we have to be proactive [about] in terms of making sure the risk management approach is robust," said Greg Medcraft, International Organization of Securities Commission (Iosco), told FT. "Cybercrime has a huge potential impact on markets."
Companies are having a hard enough time trying to keep data secure from cybercriminals overseas, but insider threats leave organizations helpless. A lack of proper training and budget constraints make it difficult, with more than 60 percent of IT and security experts saying they couldn't respond to a real insider attack, according to the SpectorSoft security firm.
Respondents from the United States, Europe and Latin America said a lack of training (55 percent) and budget problems (51 percent) are problematic, with 34 percent saying insider threats aren't currently a priority. There has been an estimated $2.9 trillion of employee fraud losses worldwide every year, as employee theft and fraud can be extremely difficult to detect.
"These statistics paint a bleak picture when it comes to securing company data against insider threats," said Rob Williams, SpectorSoft chief marketing officer. "With so many data breaches happening, C-level executives are coming to the realization that their jobs could be on the line if company data isn't protected. Proper defense must include a comprehensive security solution, and with humans involved, education is just as key. The market is ripe for a new approach to internal security."
Cybercriminals recently targeted JPMorgan Chase customers with a curious phishing attack designed to steal banking credentials and infect PCs so other usernames and passwords could be collected. JMorgan is the No. 1 bank in the United States based on assets, and confirmed the "Smash and Grab" cyberattack targeting its customers.
It seems spam filters stopped a large portion of the attacks, but the phishing scam looks authentic, so it likely did compromise customers. In addition to stealing JPMorgan Chase credentials, attached malware also targets Bank of America, Royal Bank of Scotland and Citigroup customers.
Financial institutions are struggling to try to defend customers from cyberattacks - and the use of social engineering is rising, with cybercriminals simply tricking users into providing the data. However, it's rather curious that these spammers are including malware that steals credentials of other banks, because it's more likely to be detected.
Information security spending will reach $71.1 billion in 2014, a 7.9 percent year-over-year growth rate, according to the Gartner research group. The data loss prevention sector will have the fastest growth, amounting to 18.9 percent, with security spending to rise 8.2 percent in 2015 up to $76.9 billion.
There is great interest in improving security, especially among companies with customer and client data at risk, as retailers, financial institutions, and healthcare in the private sector try to boost their defenses. Cybercriminals are improving their malware and malicious software, which can be found online for a relatively low price to anyone willing to pay.
"This Nexus of Forces is impacting security in terms of new vulnerabilities," said Lawrence Pingree, Gartner research director, in a press statement. "It is also creating new opportunities to improve effectiveness, particularly as a resule of better understanding security threats by using contextual information and other security intelligence. This has led to increased awareness among organizations that would have traditionally treated security as an IT function and a cost center."
The Department of Homeland Security (DHS) noted that a single point-of-sale malware, dubbed "Backoff," could be responsible for infecting Target, UPS and more than 1,000 U.S. businesses in the past year alone. DHS officials are urging companies scan their networks to ensure they were not infected by Backoff or some other malware variant.
Seven POS service providers have found malware on their systems, as cybercriminals are interested in selling and purchasing customer personal information on the black market.
Target, Neiman Marcus, Supervalu, P.F. Chang's, UPS Store, and other retailers have been hit by data breaches, as the problem became prevalent following the Target breach. There has been a stronger call for U.S. banks and credit card companies to release new cards that have embedded microchips providing security that scrambles data during transactions.
There's one pissed off hacking group right now, which has not only taken down the PlayStation Network, but through Twitter, the group sent a bomb threat on an American Airlines flight that John Smedley was on. Smedly is the president of Sony Online Entertainment, and has confirmed he was indeed on the flight, and that it was diverted for security reasons.
Smedley tweeted: "Something about security and our cargo". An American Airlines spokesperson confirmed that Flight 362 was diverted for security reasons, and that the FBI was investigating the threat. Before all of the bomb threat hoopla, the hacking group took to Twitter to tweet a threat to American Airlines' Twitter account. While the plane was in the air, the group tweeted an image showing the e-Ticket for Smedley's flight, a confirmation number, and then asking if Smedley and Sony were indeed on the flight.
During the flight itself, the hackers continued to tweet threats. American Airlines Flight 363 was diverted from its patch to San Diego, into Phoenix. There were some 179 passengers and six crew on-board, all safe.
All hackers need to compromise traffic lights is a laptop and a radio connected to it, with researchers able to alter traffic lights from a vehicle.
The traffic light controllers often aren't encrypted and have default usernames and passwords that are posted online. The traffic light controllers are linked by an induction loop that is hidden underground, with cameras able to provide traffic light colors to the controller. It only takes a minimal amount of research before hackers are essentially given the blueprints.
"There's an assumption that these devices are secure," said Branden Ghena, University of Michigan computer science PhD student and study lead researcher. "We all just trust them so much. This is critical infrastructure. We were shocked that was going on."