TweakTown
Tech content trusted by users in North America and around the world
6,140 Reviews & Articles | 39,465 News Posts
Weekly Giveaway: Win an Antec Case, PSU and Cooler (Global Entry!)

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 71

Possible security threat coming to a touch-enabled device near you

A new proof-of-concept malware targeting touchscreen devices shows a potential security threat in which user finger swipes could be used to see exactly how consumers interact with their devices, according to security firm Trustwave.

 

TweakTown image news/3/5/35123_01_possible_security_threat_coming_to_a_touch_enabled_device_near_you.jpg

 

Specifically, the malware is able to log the X and Y coordinates of touch swipes on a device, along with capturing screenshots to help record touch coordinates. The proof-of-concept also allows the cyber criminal to only capture screenshots when a user enters a specific app, and a full demonstration and disclosure will be made at the RSA security conference next month.

 

"The more interesting thing is, if you get a screenshot and then overlay the touch events, you're looking at a screenshot of what the user is seeing, combined with dots, sequentially, where the user is touching the screen," according to Neal Hindocha, Trustwave senior security consultant.

 

It seems if this security threat hit the wild, it would be used against specific targeted users and companies, and won't end up becoming a widespread threat to the average smartphone or tablet user.

Edward Snowden concerned U.S. government might try to kill him

Edward Snowden, the former National Security Agency (NSA) IT contractor now hiding in Russia, is worried about the U.S. government trying to retaliate against him. Following his initial revelations starting last May, a number of rather shady NSA-related spying tactics have popped up, including efforts to snoop on foreign citizens and government leaders.

 

TweakTown image news/3/5/35122_01_edward_snowden_concerned_u_s_government_might_try_to_kill_him.jpg

 

"There are clear threats, but I'm not losing any sleep over them," Snowden recently told foreign journalists.

 

If Snowden remains under the protection of the Russian government, it seems less likely the U.S. government would try to launch a covert operation to silence him. However, if he ends up seeking amnesty in a Central or South American nation, personal security must be a significant concern to the U.S. citizen.

 

Meanwhile, Russia isn't in a big hurry to try and send Snowden out of the country, with officials noting he's welcome to stay as long as he feels comfortable. The 30-year-old also said he wouldn't receive a fair trial in the U.S., and his lawyer wants a guarantee of amnesty before he tries to head home again.

NSA uses insecure mobile apps to view and collect user information

The National Security Agency (NSA) and British spies use popular mobile games such as Angry Birds to covertly collect information on player location, age, sex and additional personal details, recent documents indicate.

 

TweakTown image news/3/5/35101_01_nsa_uses_insecure_mobile_apps_to_view_and_collect_user_information.jpg

 

The NSA and the Government Communications Headquarters (GCHW) also accessed address books, phone logs, and embedded geographic information during their joint efforts.

 

As more personal information is posted and shared online, with users accessing the Internet from PCs, laptops, smartphones, tablets, and a variety of other devices - this is a significant problem that will plague users in the future - because the NSA and other spy agencies aren't going to suddenly stop their invasive activities.

 

Following months of continued public backlash, President Obama said NSA reform will take place, though critics still don't believe it's enough.

Craft store Michaels investigating possible credit card data breach

Arts and crafts store Michaels is the latest to suffer a data breach, with the Secret Service now lending a hand in the follow-up investigation, the store confirmed over the weekend. Suspected cyber criminals have stolen credit and debit card numbers, immediately sharing news of the breach once it was confirmed.

 

TweakTown image news/3/5/35087_01_craft_store_michaels_investigating_possible_credit_card_data_breach.jpg

 

At least four financial institutions have identified fraudulent activity for card holders after recently shopping at Michaels.

 

"We are concerned there may have been a data security attack on Michaels that may have affected our customers' payment card information and we are taking aggressive action to determine the nature and scope of the issue," said Chuck Rubin, Michaels CEO, in a statement. "While we have not confirmed a compromise to our systems, we believe it is in the best interest of our customers to alert them to this potential issue so they can take steps to protect themselves, for example, by reviewing their payment card account statements for unauthorized charges."

 

There are a growing number of companies working their way through significant data breaches, which open up customers to possible credit fraud. High-end boutique retailer Neiman Marcus confirmed a data breach impacting 1.1 million customers, while Target is still dealing with fallout from a data breach affecting more than 70 million shoppers. The FBI noted that these type of attacks targeting brick and mortar retail stores will likely only increase in the future, so shoppers need to be vigilant in monitoring bank account statements.

U.S. court system also plagued by cyber attacks, as threat risk grows

An organized denial-of-service attack recently targeted the U.S. federal court system, temporarily stopping access to government websites, according to media reports. Specifically targeting uscourts.gov and other federal court websites, lawmakers were unable to access and upload legal documents, according to someone in the Administrative Office of the U.S. Courts.

 

TweakTown image news/3/5/35076_02_u_s_court_system_also_plagued_by_cyber_attacks_as_threat_risk_grows.jpg

 

The U.S. Justice Department and Department of Homeland Security didn't confirm the cyber attack, though U.S. government agencies are under continued attacks. The U.S. federal court, which handles its own cyber security, didn't disclose where the cyber attacks originated from. Additional details of the brief cyber attack remain unknown, in yet another incident that disrupts U.S. activity.

 

There is growing concern, especially from foreign-based cyber threats, as the U.S. infrastructure is increasingly targeted.

Russia snubs U.S. wishes, not in big hurry to end Snowden's asylum

Former National Security Agency (NSA) IT contractor Edward Snowden could be able to stay in Russia for more than one year, as the Russian government said they don't plan to send him packing.

 

TweakTown image news/3/5/35077_01_russia_snubs_u_s_wishes_not_in_big_hurry_to_end_snowden_s_asylum.jpg

 

Snowden, currently in Russia on a temporary one-year asylum, has offers from Brazil and several Central American countries interested in taking him in - but Alexy Pushkov, the Russian Foreign Affairs Committee legislator, noted that Snowden could stay longer. The 30-year-old American is now free to stay in Russia, working for private Russian companies, until he is ready to return back to the U.S.

 

During a recent online chat, Snowden said he would like to one day return to the United States, but that cannot happen unless he's granted protection under the federal Whistleblower Protection Act - which doesn't apply to former government contractors. Meanwhile, Snowden continues to claim he didn't carry out actions for Russia or any other foreign government, though some U.S. lawmakers still aren't so sure about that.

FBI warns of future cyber attacks targeting retail stores

After a handful of high-profile malware attacks targeting retail point-of-sale, the FBI identified around 20 similar hacking cases over the past 12 months.

 

TweakTown image news/3/5/35061_02_fbi_warns_of_future_cyber_attacks_targeting_retail_stores.jpg

 

Dubbed the "Recent Cyber Intrusion Events Directed Towards Retail Firms," which was dated January 17, and is a shocking wake up call for retailers, credit card and banking executives trying to protect consumers.

 

"We believe POS malware crime will continue to grow over the near term, despite law enforcement and security firms' actions to mitigate it," the FBI noted in a recent report. "The accessibility of the malware on underground forums, the affordability of the software and the huge potential profits to be made from retail POS systems in the United States make this type of financially motivated cyber crime attractive to a wide range of actors."

 

Target continues to combat a public relations nightmare after 70+ million customers were affected, while Neiman Marcus also is battling a recent data breach that has led to fraudulent credit and debit card charges.

Neiman Marcus confirms the obvious: 1.1 million customers compromised

High-end boutique retailer Neiman Marcus confirmed up to 1.1 million credit cards were affected during a security data breach that was disclosed over the 2013 holiday shopping season. Starting in mid-July to late October last year, malware collected credit card and debit card information, with 2,400 cards reportedly used for fraudulent purchases.

 

TweakTown image news/3/5/35050_01_nieman_marcus_confirms_the_obvious_1_1_million_customers_compromised.jpg

 

Customer Social Security numbers, debit card PIN numbers and birth dates weren't disclosed, and online shoppers haven't been affected.

 

"The malware the thieves deployed is more sophisticated and an unusual and a new way of gathering data," said David Robertson, The Nilson Report publisher, when speaking with the media. "In the history of the fight between hackers and retailers and anyone who holds payment data, the attack has occurred at the data center. That's where the largest number of accounts are. That's where the attack occurred because that's the biggest payoff."

 

Retailers already must deal with a number of different online threats, but malware and security risks facing brick and mortar retailers is a newer issue.

Syrian Electronic Army claims latest victim, plagues CNN's accounts

Media giant CNN was recently attacked by the Syrian Electronic Army hacker group, with several social media accounts and one live blog targeted. The official CNN Twitter and Facebook accounts were temporarily defaced before CNN was able to regain control within a few minutes.

 

TweakTown image news/3/5/35051_01_syrian_electronic_army_claims_latest_victim_plagues_cnn_s_accounts.jpg

 

The CNN Twitter feed featured the following tweet, for example: "Syrian Electronic Army Was Here... Stop Lying.... All your reports are fake!"

 

CNN was reportedly targeted for reportedly "viciously lying reporting aimed at prolonging the suffering in Syria," according to the group.

 

The Syrian Electronic Army recently targeted Microsoft's social media accounts, and continues to take aim at high-profile targets. Even if the compromised company is able to reset passwords and delete fraudulent postings, screenshots are quickly shared. The SEA also has hit The New York Times, Associated Press, BBC, Al Jazeera, The Guardian, and other major global news publications during its campaign.

Edward Snowden says he can't get a fair trial if he returns to the US

Edward Snowden, the former National Security Agency (NSA) IT contractor now living in Russia following his high-profile data leak, won't return to the United States until current laws are changed. The federal Whistleblower Protection Act isn't applicable to former government contractors, which means he could face significant legal trouble if he returns to the United States.

 

TweakTown image news/3/5/35049_01_edward_snowden_says_he_can_t_get_a_fair_trial_if_he_returns_to_the_us.jpg

 

"Returning to the U.S., I think, is the best resolution for the government, the public, and myself, but it's unfortunately not possible in the face of current whistleblower protection laws," Snowden said in response to a question about getting a fair shake if he one day returns to the United States.

 

It seems highly unlikely Snowden will return to the U.S. unless he's offered immunity by the U.S. government, which is something the White House hasn't recently discussed publicly. It seems that the NSA and other government agencies would be able to learn from Snowden, but he won't touch U.S. soil just to face possible espionage charges.

 

Snowden is currently in Russia where he was given one-year asylum, and could eventually find his way to a country like Brazil after his stay in Russia ends. There are rumors private Russian companies are interested in hiring Snowden and trying to help him secure permanent residency.

Latest Tech News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases