TweakTown NewsRefine News by Category:
Four men in the United States and Israel have been arrested for their alleged participation in a massive JPMorgan Chase data breach that took place last summer. It was originally believed the hackers were after financial data, but it looks like operators were more interested in a pump-and-dump stock operation.
In March, federal authorities said they were a step closer to identifying - and apprehending - suspects behind the breach. The four have been tied to fraudulent investment schemes throughout the world, and haven't been charged with email theft or hacking. Instead, they likely wanted to use the email addresses to identify victims for their penny stock scam.
Yuri Lebedev and Anthony Murgio, living in Florida, have been charged with operating an unauthorized money-transfer operation that laundered bitcoins into hard currency for criminals. Information regarding those arrested in Israel remains scarce.
Following news that cybersecurity researchers were able to remotely hack an operational Jeep, it looks like Fiat Chrysler has issued a 1.4 million vehicle voluntary safety recall. This is the first time any automaker in the United States has issued a recall because of a cybersecurity threat - after hackers used the infotainment system to gain access to the vehicle.
The security recall will include upgraded vehicle software that has enhanced security features able to resolve the problem. However, it looks like political leaders in Washington want a more proactive response, as more connected vehicles hit the road:
"There are no assurances that these vehicles are the only ones that are this unprotected from cyberattack," said Sen. Ed Markey (D-Mass), as he called upon the National Highway Traffic Safety Administration (NHTSA) to launch a full investigation. "A safe and fully-equipped vehicle should be one that is equipped to protect drivers from hackers and thieves. Both automakers and NHTSA should immediately take steps to verify that other similar vulnerabilities do not exist in other models that are on the road."
Edward Snowden remains in Moscow, Russia, unable to find a new temporary home - and afraid of serious charges awaiting him in the United States. However, Snowden has said on multiple occasions that he would like to return home in the future, but only if he's treated fairly.
"Edward loves America and he would definitely like to return home," said Anatoly Kucherena, Snowden's attorney in Russia, in a statement to the media. "But it is our position, and a very simple one, that as long as his case is politicized and commented on as it is by politicians of all levels, that his return to his motherland is impossible."
Snowden is holed up in Russia, and while he didn't disclose information to the Russian government, he also didn't defect to the country. Instead, Snowden released damning data to the public "as an act of conscience," Kucherena said.
The growth of infotainment and other connected features in vehicles are designed to provide drivers with more control - but there is growing risk of cybersecurity vulnerabilities. It's not a new discussion, but one that drivers should be paying more attention to, cybersecurity researchers warn.
"If consumers don't realize this is an issue, they should, and they should start complaining to carmakers. This might be the kind of software bug most likely to kill someone," said Charlie Miller, after demonstrating how a Jeep can be remotely hacked.
The Senate Commerce Committee hearing related to the Internet of Things (IoT) yielded new interest in legislation designed to keep vehicle and driver data secure. The National Highway Traffic Safety Administration (NHTSA) and Federal Trade Commission (FTC) should be responsible for leading this effort.
Auto manufacturers are anxious to pack as much infotainment as they can into new vehicles, but that is opening the door to potential security risks. The NCC Group recently informed the BBC they were able to use digital audio broadcasting (DAB) radio signals to launch attacks - a tactic that could be utilized to interfere with how a vehicle's brakes operate.
Chrysler had to release a patch to resolve an issue reported by security researchers, able to demonstrate remote takeover of a vehicle - by sending data to the infotainment and navigation system. Not surprisingly, Chrysler was quick to offer a statement regarding connected vehicle security:
"[Fiat Chrysler Automobiles] has a program in place to continuously test vehicle systems to identify vulnerabilities and develop solutions," a Chrysler spokesperson told Wired. "FCA is committed to providing customers with the latest software updates to secure vehicles against any potential vulnerability."
Anonymous has posted a list of accounts suspected of aiding the Islamic State, typically by spreading propaganda and opening up dialogue with possible recruits. Some members are being spammed, while others have been suspended or removed from Twitter.
In addition to Twitter, Anonymous wants to identify Facebook pages, websites, blogs, and the Web proxies used by the Islamic State. One such tactic is using images of the "ISIS-Chan" anime character and using search engine optimization to influence how the accounts are found.
The United States has struggled against the Islamic State's massive social media campaign, with Google and other companies pledging to step up. However, trying to clamp down on 50,000 accounts sending out around 100,000 daily Islamic State-themed tweets will be no easy task.
Ashley Madison has been hacked, with some 37 million accounts hacked, including financial records, private details of the users, and more. Noel Biderman, the CEO of Avid Life Media, the company which runs Ashley Madison, has confirmed the site has been hacked. Biderman said: "We're not denying this happened".
A hacker group going by the name of The Impact Team has taken responsibility behind the back, with the team holding ALM ransom with the information it has. The hacking group sayd that it will release "all customer records, including profiles with all the customers' secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails". The Impact Team will keep the information it has in its possession, if ALM and the other sites it runs - Cougar Life and Established Men - is taken offline in all forms.
The Impact Team has said it's taken a high moral stance, taking a stab at ALM's business practices, and the users that are on these sites by cheating on their partners. Where things get interesting, is that The Impact Team says that the "full delete" option that Ashley Madison offers for $19 - which reportedly deletes your payment and address details from their records - is a "complete lie". The hacking group says: "Full Delete netted ALM $1.7mm in revenue in 2014. It's also a complete lie. Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed".
FBI Director James Comey recently spoke in front of lawmakers, again saying encryption is making things difficult for law enforcement. Silicon Valley wants to keep user data secure, and many services provide encryption and enhanced security measures - but it hasn't made the FBI and other agencies happy.
"Our job is to look at a haystack the size of this country to find needles that are increasingly invisible to us because of end-to-end encryption," Comey told the US Senate Committee on the Judiciary. "People watch TV and think the FBI as a way to break that encryption... we do not."
Of course, the federal government wants a backdoor to access private user data, while tech companies and privacy advocates argue about security and privacy issues.
Julian Assange, founder of WikiLeaks, won't be leaving the Ecuadorian embassy in London to head to France, after President Francois Hollande refused to give him asylum. Assange's attorneys say he never requested official asylum, but was asked to visit the country by Justice Minister Chistiane Taubira and members of a French civil rights group.
"France cannot act on his request. The situation of Mr. Assange does not present an immediate danger," President Hollande's office said in an official statement. "Furthermore, he is subject to a European arrest warrant."
Assange will remain in the embassy in London, where he has been for three years, as he tries to avoid extradition to Sweden. Although he maintains his innocence in alleged rape and sexual assault cases, he fears the possibility Sweden will extradite him to the United States.
French Justice Minister Christiane Taubira said it's not up to her, but she "wouldn't be surprised" if WikiLeaks founder Julian Assange and former NSA contractor Edward Snowden were offered asylum in France. Ultimately, it'd be up to French Prime Minister Manuel Valls and President Francois Hollande to make a final determination - however, trying to get both men to France would be a rather unique logistical challenge.
"If France decides to offer asylum to Edward Snowden and Julian Assange, I wouldn't be surprised. It's a possibility," Taubira recently told BFMTV.
Snowden is wanted by US authorities for espionage and numerous other charges after leaking NSA documents to the public. Meanwhile, Assange has taken up residence in the Ecuadorian consulate in London, in an effort to avoid extradition to Sweden on alleged sexual assault charges. He's afraid if extradited back to Sweden, he'd be sent to the United States.