TweakTown NewsRefine News by Category:
After Anonymous took credit for a data breach targeting the US Census Bureau, the agency is now investigating the incident. The Federal Audit Clearinghouse is responsible for collecting and storing audit information from local and state governments, Indian tribes and non-profit groups.
The Federal Audit Clearinghouse stores non-confidential information, including names, site user names, and organization addresses and phone numbers.
Don't worry, as all internal confidential information remains secure: "That information remains safe, secure and on an internal network segmented apart from the external site and the affected database," said John Thompson, director of the Census Bureau, in a blog post.
As there is a big push for consumers and retailers to adopt contactless payments, there are plenty of cybersecurity headaches that must be addressed.
The Which? Consumer group noted that data from contactless debit and credit cards can be intercepted - and while not all data is taken - it's enough to make fraudulent purchases.
"Using an easily obtainable reader and free software to decode data, we were able to read the card number and expiry date from all 10 cards," said a spokesperson from Which?, in a statement published by Sky News. "We were also able to read limited details of the last 10 transactions, although no cards revealed the CVV security code."
BlackBerry is looking for new business opportunities away from just smartphone handsets, and recently showed off a new line of security products. The company wants to continue its evolution from just a smartphone maker, and has focused more on software and cloud-based offerings.
The full turnaround may take a bit longer than what the company previously predicted, and instead of it taking six months, could take an additional 12 to 18 months.
"I'm pretty satisfied with the progress on the turnaround so far," said John Chen, CEO of BlackBerry, in a statement to Reuters. "I laid out the $500 million software revenue target and I'm still comfortable with that commitment for this fiscal year, it looks good."
It looks like terrorists are communicating about different attack strategies to launch cyberattacks against the United States, according to FBI director James Comey.
"We are picking up signs of increasing content," Comey said during the Aspen Security Forum. "It's a small but potentially growing problem." Comey didn't publicly discuss what types of attacks could take place - and any initial plans are relatively rudimentary - but shows increased concern from the US government.
Cybercriminals have found numerous ways to target US interests online, but there is specific concern of attacks against critical infrastructure. It would seem like organized foreign states, or state-sponsored hackers pose a greater concern, but terrorists could coordinate with hacker mercenaries.
Oops! It looks like a Universal Pictures studio in France may have been responsible for seeding a pirated version of Jurassic World from its office.
Universal submitted a US Digital Millennium Copyright Act (DMCA) takedown notice to Google, asking it to block requests to hosted and linked copies of Jurassic World. One link was http://127.0.0.1:4001/#/fr, indicating it was a "localhost" machine. Movie studios typically use automated scanners to identify sources of their pirated content, and it would seem chaotic that the scanner identified a Universal machine.
It's not surprising that movie pirates have been all over Jurassic World, as it smashed box office records after its release on June 12. A Jurassic World sequel is planned for 2018, as the movie generated so much international box office revenue. In case you missed it, here is the TweakTown review of the film.
Four men in the United States and Israel have been arrested for their alleged participation in a massive JPMorgan Chase data breach that took place last summer. It was originally believed the hackers were after financial data, but it looks like operators were more interested in a pump-and-dump stock operation.
In March, federal authorities said they were a step closer to identifying - and apprehending - suspects behind the breach. The four have been tied to fraudulent investment schemes throughout the world, and haven't been charged with email theft or hacking. Instead, they likely wanted to use the email addresses to identify victims for their penny stock scam.
Yuri Lebedev and Anthony Murgio, living in Florida, have been charged with operating an unauthorized money-transfer operation that laundered bitcoins into hard currency for criminals. Information regarding those arrested in Israel remains scarce.
Following news that cybersecurity researchers were able to remotely hack an operational Jeep, it looks like Fiat Chrysler has issued a 1.4 million vehicle voluntary safety recall. This is the first time any automaker in the United States has issued a recall because of a cybersecurity threat - after hackers used the infotainment system to gain access to the vehicle.
The security recall will include upgraded vehicle software that has enhanced security features able to resolve the problem. However, it looks like political leaders in Washington want a more proactive response, as more connected vehicles hit the road:
"There are no assurances that these vehicles are the only ones that are this unprotected from cyberattack," said Sen. Ed Markey (D-Mass), as he called upon the National Highway Traffic Safety Administration (NHTSA) to launch a full investigation. "A safe and fully-equipped vehicle should be one that is equipped to protect drivers from hackers and thieves. Both automakers and NHTSA should immediately take steps to verify that other similar vulnerabilities do not exist in other models that are on the road."
Edward Snowden remains in Moscow, Russia, unable to find a new temporary home - and afraid of serious charges awaiting him in the United States. However, Snowden has said on multiple occasions that he would like to return home in the future, but only if he's treated fairly.
"Edward loves America and he would definitely like to return home," said Anatoly Kucherena, Snowden's attorney in Russia, in a statement to the media. "But it is our position, and a very simple one, that as long as his case is politicized and commented on as it is by politicians of all levels, that his return to his motherland is impossible."
Snowden is holed up in Russia, and while he didn't disclose information to the Russian government, he also didn't defect to the country. Instead, Snowden released damning data to the public "as an act of conscience," Kucherena said.
The growth of infotainment and other connected features in vehicles are designed to provide drivers with more control - but there is growing risk of cybersecurity vulnerabilities. It's not a new discussion, but one that drivers should be paying more attention to, cybersecurity researchers warn.
"If consumers don't realize this is an issue, they should, and they should start complaining to carmakers. This might be the kind of software bug most likely to kill someone," said Charlie Miller, after demonstrating how a Jeep can be remotely hacked.
The Senate Commerce Committee hearing related to the Internet of Things (IoT) yielded new interest in legislation designed to keep vehicle and driver data secure. The National Highway Traffic Safety Administration (NHTSA) and Federal Trade Commission (FTC) should be responsible for leading this effort.
Auto manufacturers are anxious to pack as much infotainment as they can into new vehicles, but that is opening the door to potential security risks. The NCC Group recently informed the BBC they were able to use digital audio broadcasting (DAB) radio signals to launch attacks - a tactic that could be utilized to interfere with how a vehicle's brakes operate.
Chrysler had to release a patch to resolve an issue reported by security researchers, able to demonstrate remote takeover of a vehicle - by sending data to the infotainment and navigation system. Not surprisingly, Chrysler was quick to offer a statement regarding connected vehicle security:
"[Fiat Chrysler Automobiles] has a program in place to continuously test vehicle systems to identify vulnerabilities and develop solutions," a Chrysler spokesperson told Wired. "FCA is committed to providing customers with the latest software updates to secure vehicles against any potential vulnerability."