TweakTown NewsRefine News by Category:
In the continued battle against cyber warfare, the FBI recently opened the door to security experts willing to share information about malware. Specifically, the Investigative Analysis Unit (IAU) wants to create "global awareness of the malware threat" in anticipation of what lies ahead in the future. The request for quote (RFQ) is a unique effort to purchase malware so the FBI intelligence services are able to try and reverse-engineer the security threats.
The FBI is currently seeking security firms to submit malware samples for federal computer teams to learn more about how the malicious software is made and distributed. Executive files, digital media files, exploited code, and Office documents will be collected, though security experts are welcome to try and stump the FBI with select malware.
Sophisticated malware continues to plague desktop and mobile users, with malware targeting Microsoft Windows, Linux, and Apple OS X/iOS.
The 2014 Winter Olympic Games are currently underway from Sochi, Russia, where the Russian government and cyber criminal groups are reportedly compromising smartphones, tablets, laptops, and other consumer electronics. Even after a recent NBC News report that indicated its reporters were quickly digitally compromised, research firm Gartner also reminds users that they face security risks everywhere they go with their devices.
As the media loves attention-grabbing headlines, such as Russian FSB and criminals can't wait to hack western mobile devices during the Olympics, cyber security threats are daily occurrences for many users. The Gartner blog published by Paul Proctor, VP Distinguished Analyst, also called out NBC for not carefully wording the published story - a bit of fear mongering an anti-Russian spying sentiment helped NBC with page views, though didn't offer a 100 percent genuine look at cyber threats.
Furthermore, many of the attacks focusing Sochi guests aren't geographically dependent, and the same security limitations and phishing attacks plague users every day at the local coffee shop, library, or shopping center.
The threat of domestic terrorism and attacks by Al Qaida are pressing matters to national security, but many U.S. government officials are instead focused on former NSA contractor Edward Snowden. A recent official said Snowden has done 'profound damage' to future U.S. security efforts, supporting a previous lawmaker that said Snowden is a traitor and criminal.
"What Snowden has stolen and exposed has gone way, way beyond his professional concerns with so-called domestic surveillance programs," said James Clapper, Director of National Intelligence, during a recent Senate committee hearing. "As a result, we've lost critical foreign intelligence collection sources, including some shared with us by valued partners."
U.S. citizens, foreign leader, and Silicon Valley executives are upset with the NSA's spying practices, which continually trampled over Internet users. However, many U.S. lawmakers remain unhappy with Snowden, and demand he returns government documents without any further disclosures.
Meanwhile, Rep. Marc Thornberry, a Texas Republican, said Snowden's security leaks will "certainly cost billions to repair" moving forward.
U.S. retailer Target is still working its way through a massive security breach that impacted more than 70 million in-store customers, a major issue that was first reported late last year. Additional details made available indicate a serious security overhaul will need to take place within Target, and other major retailers should closely follow suit.
Although it appears sophisticated malware targeted point-of-sale (POS) machines in Target stores, it appears some blame is being thrown towards a heating, ventilation and refrigeration third-party contractor. Cyber criminals behind the Target breach may have used the HVAC contractor's stolen account information to gain access, which led to easier access to Target's internal network.
The HVAC company, rumored to be Fazio Mechanical Services from Pennsylvania, confirmed it was recently visited by Secret Service investigators looking into the Target breach.
Target Chief Financial Officer John Mulligan recently appeared before a U.S. Senate Judiciary Committee, apologizing for the retailer's massive data breach.
Journalists and guests attending the 2014 Winter Olympics shouldn't expect privacy, as a journalist with NBC News reported he was immediately hacked. The Russian FSB and cyber criminal groups are expected to take advantage of electronics, snooping and trying to steal personal information from visitors.
"It doesn't take long here for someone to try to tap into your laptop, cellphone or tablet," said NBC News' Richard Engel, reporting from Sochi, Russia. "In a minute, hackers were snooping around. The same thing happened with my cellphone - it was very fast and very professional."
Engel said it took less than 24 hours before his laptops and mobile phone were invaded from outside sources. For American citizens attending the Olympics, the U.S. State Department warns travelers that they shouldn't expect privacy anywhere they are in Russia.
There is a high-level of security in Sochi, because the Russian government is concerned of threatened attacks by Islamic extremists. However, spying on journalists and foreign visitors is more for intelligence gathering than physical security, analysts said last month.
As the world prepares for the 2014 Winter Olympic Games in Sochi, Russia, security concerns are rightfully focused more on preventing any types of terrorism. However, cyber security experts are worried about the great potential for Russian federal authorities to snoop on athletes, journalists, and visitors to the country throughout Russia.
Both the Russian government, which gives wide-sweeping ability to spy on visitors, Russian cyber criminal groups also are expected to be active during the event.
"It's the same as during the Beijing Games - the host government, private enterprise and individuals pose a big threat to people traveling to the Sochi Games, in respect to monitoring conversations on cell phones and intercepting texts and e-mails," an Olympic security contractor recently noted.
The Russian Federal Security Service (FSB) will focus on snooping related to terrorist activity, mainly, but also can snoop on regular visitors - and the cyber criminals will focus on stealing personal data, passwords, and anything they can sell.
The United States Secret Service and Royal Canadian Mounted Police (RCMP) recently seized an offset printing press that has reportedly printed millions of dollars in fake currency. The counterfeit bills would have been impossible to detect with a quick glance, and ideal for regions of the world where a counterfeit detector pen or machine aren't used by cashiers.
During a previous raid in 2012 by the Secret Service and RCMP, $1 million in fake non-sequential numbered bills were seized.
Counterfeiting currency has become increasingly difficult with the Secret Service actively investigating counterfeiting cases - and due to technological security defenses - but occasionally people are able to successfully print fake funds. As home printers, toner technology and ink jet products become better, there is concern that counterfeiting will remain a lucrative underground effort.
For many years now, Malwarebytes has been a staple in many Windows users anti-virus / anti-malware toolbox. It gained this position not only because it works so well, but because it was a powerful solution that was completely free. Today the company announced that Malwarebytes 2.0 will
be moving away from its free to download model be moving away from a lifetime licence model, and will instead move to an annual subscription licensing model.
The company says that Malwarebytes 2.0 will cost users $24.95 per year with a licensing covering three separate PCs, a fee that is much cheaper than many of the big-name anti-virus programs on the market. "As more and more people have come to rely on us for malware protection and cleanup, our costs in bandwidth, hosting fees, infrastructure, salaries of our researchers, QA department, and more have grown immensely," explained Kleczynski, CEO of Malwarebytes. "Though our company is about more than just making money, we are a company and we do have to make money to pay our staff to continue doing what they love, which is fighting malware. The subscription model will help us to be sustainable for the future while staying true to our roots that we will always make malware cleanup free for everyone"
Malwarebytes says that its customers who have already purchased lifetime licenses will not need to pay the annual subscription fee, and the company will continue to offer lifetime licenses for a short period to ease the transition for those users who have wanted to take the lifetime plunge, but have yet to do so. What do you think about Malwarebytes moving to
a paid version only model to a annual subscription over lifetime license model, and will you be jumping in to grab one of the few lifetime licenses left?
A point-of-sale malware designed to steal debit and credit card information has been found on systems in 11 different countries, according to security company RSA. Dubbed ChewBacca, the malware was first discovered in late October, and has been found on in-store POS, directly blamed for stealing at least 49,000 account numbers to date.
The Tor-based malware threat communicates with the Command and Control (C&C) server using the anonymous Internet network - protecting the IP addresses of controllers. ChewBacca has proven successful in encrypting traffic and slipping through network-level detection, despite being a relatively simple piece of malware.
In-store POS threats, typically malware to steal customer information, typically go unnoticed, but consumers are becoming more aware of current threats. Criminals want to do whatever is necessary to steal data that they can either use, trade, or sell to other criminals - at the expense of retailers and consumers.
U.S. officials are still trying to come to terms with former NSA analyst Edward Snowden's spying disclosures, with James Clapper, the Director of the National Intelligence, demanding his journalist "accomplices" return leaked documents.
Clapper didn't place blame on specific "accomplices," but reporters at The Guardian, for example, would likely be an obvious choice.
Clapper's spokespeople later clarified and said the U.S. official "was referring to anyone who is assisting Edward Snowden to further threaten our national security through the unauthorized disclosure of stolen documents related to lawful foreign intelligence collection programs."
Snowden may have recently been nominated for a Nobel Peace Prize, but government officials would still like to see him face espionage-related charges. Trying to equate journalists to accomplices clearly is a long stretch for a government administration desperate to make sure similar whistle blower actions don't take place in the future.