TweakTown
Tech content trusted by users in North America and around the world
6,252 Reviews & Articles | 40,834 News Posts

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 74

Tesla packs technology into vehicles, but needs to improve security

Tesla vehicles have generated a large amount of interest and controversy across the United States, though is in the headlines for a rather unexpected reason: a potential cybersecurity issue with the Tesla S vehicle.

 

TweakTown image news/3/6/36678_01_tesla_packs_technology_into_vehicles_but_needs_to_improve_security.jpg

 

The iPhone app for Tesla vehicles, which allows owners to control door locks, braking system, sunroof and other car functions, uses only a one-factor authentication system.

 

"The point here (and subsequent attack vectors) is that Tesla needs to implement an authentication mechanism that is beyond 1-factor," said Nitesh Dhanjani, security researcher, in a statement. "Attackers shouldn't be able to use traditional and well known attack vectors like phishing to remotely locate and unlock a $100K+ car built-in 2014."

Continue reading 'Tesla packs technology into vehicles, but needs to improve security' (full post)

UK launches cyber response team to defend against cyberattacks

Launched today, the UK Computer Emergency Response Team (CERT-UK) will help the British government coordinate against sophisticated cyberattacks, and respond to any cybersecurity issues that target the country's infrastructure.

 

TweakTown image news/3/6/36675_01_uk_launches_cyber_response_team_to_defend_against_cyberattacks.jpg

 

The CERT team stemmeed from a National Cyber Security Strategy meeting hosted in 2012, in which other nations discussed their programs - or intention to open a national cybersecurity team - and has grown from there.

 

"The cyber hacker needs to succeed only once, but those protecting us must be successful all the time; around the clock, day after day, week after week," said Francis Maude, Cabinet Officer Minister, when announcing the program. "And of course, nothing in the digital world ever stands still. It's forensic and painstaking work and it's absolutely relentless. I have a very high level of confidence that we can achieve this."

Continue reading 'UK launches cyber response team to defend against cyberattacks' (full post)

Banks withdraw from class-action lawsuit against Trustwave

Less than one week after two banks hit Target and credit card security service company Trustwave with a class-action lawsuit, the banks have pulled the lawsuit.

 

TweakTown image news/3/6/36674_01_banks_withdraw_from_class_action_lawsuit_against_trustwave.jpg

 

It seems Trustwave was inaccurately noted as a Target IT security contractor, which doesn't appear true - interestingly, the class-action lawsuit aims to try and expand responsibility of the data breach away from just Target.

 

"Contrary to the misstated allegations in the plaintiffs' complaints, Target did not outsource its data security or IT obligations to Trustwave," said Robert McCullen, Trustwave CEO, in a public statement. "Trustwave did not monitor Target's network, nor did Trustwave process cardholder data for Target.

Continue reading 'Banks withdraw from class-action lawsuit against Trustwave' (full post)

Philips smart HDTVs don't have good security, researchers warn

Security researchers from ReVuln recently published a video demonstrating how cybercriminals can compromise certain Philips smart HDTVs, giving criminals the ability to remotely control the TV and conduct other actions.

 

TweakTown image news/3/6/36655_01_philips_smart_hdtvs_don_t_have_good_security_researchers_warn.jpg

 

"The main problem is that Miracast uses a fixed password, doesn't show a PIN number to insert and, moreover, doesn't ask permission to allow the incoming connection," said Luigi Auriemma, ReVuln CEO and security researcher, in an interview with SCMagazine. "So basically you just connect directly to the TV via Wi-Fi, without restrictions. Miracast is enabled by default and the password cannot be changed."

 

When the TV owner browses the Web using their HDTV, criminals are able to view cookies and browsing history, researchers noted.

Continue reading 'Philips smart HDTVs don't have good security, researchers warn' (full post)

International ATM skimming operation leads to 17 indicted by feds

Criminals operating an alleged money laundering scheme have been busted, with 17 defendants involved in an operation to use ATM and debit card numbers - and PIN numbers - to withdraw money from victims' accounts.

 

TweakTown image news/3/6/36653_01_international_atm_skimming_leads_to_17_indicted_by_feds.jpg

 

The criminal operation occurred from May 2011 to September 2012, with criminals targeting debit card and PIN numbers stolen throughout Europe - stealing hundreds of thousands of dollars, according to the DoJ.

 

These charges are the result of the hard work of dedicated law enforcement personnel both here and abroad to address a transnational crime problem that can affect virtually anyone with a bank account and carries significant financial consequences," said Robert Holley, FBI Chicago Office Special Agent-In-Charge. "Cooperation with international law enforcement agencies was crucial to the investigation, and we are grateful for the assistance that led to these arrests."

Continue reading 'International ATM skimming operation leads to 17 indicted by feds' (full post)

Former president Jimmy Carter would consider pardoning Edward Snowden

Former president Jimmy Carter recently said he would give former NSA contractor Edward Snowden a pardon if he was convicted in the United States.

 

TweakTown image news/3/6/36645_01_jimmy_carter_would_consider_pardoning_edward_snowden.jpg

 

"If he was found guilty and sentenced to death, I would certainly consider pardon," Carter recently said in an interview, though admitted he doesn't have "the information President Obama has about what damage has been done to our security apparatus."

 

Carter has shown his displeasure regarding the NSA's snooping behavior in the past, even saying he mails letters via U.S. Postal Service if he wants to correspond with someone privately.

Continue reading 'Former president Jimmy Carter would consider pardoning Edward Snowden' (full post)

Visa and Target say breach hasn't led to a large amount of fraud

Despite more than 40 million credit and debit card accounts stolen by cybercriminals inside of Target's network, the amount of real-world fraud has been minimal, Target and Visa recently stated. Specifically for Visa accounts, there has been $2 million in fraud, according to Target officials, as the company promised to undergo internal reform.

 

TweakTown image news/3/6/36643_01_visa_and_target_say_breach_hasn_t_led_to_a_large_amount_of_fraud.jpg

 

Target continues to suffer backlash following the breach, especially after reports that the company ignored warnings from its internal IT team.

 

"As long as we continue to have a guest lens and use that data for the value of our guest, we're in a good place," said John Mulligan, Target Chief Financial Officer, in an interview. "We need to continue to invest and make it better. That's the challenge for us."

 

Despite Visa and Target reporting a low number of actual fraud cases, the retailer has been hit with class-action lawsuits from customers and banks.

KnowBe4: Human error still compromises companies, despite security

Companies are desperate to try and keep employee data and customer records safe from cybercriminals, with varying levels of success, as sophisticated cyberattacks continue to target corporations.

 

TweakTown image news/3/6/36641_01_knowbe4_human_error_still_compromises_companies_despite_security.jpg

 

Although companies are increasingly taking security awareness training seriously, human error remains a major threat, even if IT security is properly implemented.

 

"The human factor is a leading source of security threats for today's IT manager," said Stu Sjouwerman, founder and CEO of KnowBe4, in a press statement. "To maintain security, every company should adopt the 'defense-in-depth' strategy and create a strong first layer that includes up-to-date security policies, procedures and security awareness training as this affects every aspect of an organization's security profile."

 

Although cybercriminals enjoy targeting end-users with malware - to compromise their personal information - stealing data from businesses can yield employee information, customer data, and large amounts of valuable data in a short amount of time.

Continue reading 'KnowBe4: Human error still compromises companies, despite security' (full post)

Smartphone theft prevention act debate rages on in California

The debate regarding a mandatory smartphone kill switch, proposed by Sen. Mark Leno (D-San Francisco), with support from San Francisco District Attorney George Gascon, has ignited a debate among consumers and security researchers.

 

TweakTown image news/3/6/36629_01_smartphone_theft_prevention_act_debate_rages_on_in_california.jpg

 

SB 962 is designed to help clamp down on the market for stolen devices in California, though smartphone manufacturers have been against similar efforts. If passed in California, the legislation could have major ramifications for other states trying to battle against the growing black market for stolen smartphones and tablets.

 

Although some are fighting the effort, some security experts and consumers approve of such legislation. Here is what Brent Hutfless, IT director for Austal USA, said in a recent blog post published via Tripwire:

 

"The premise of the bill is sound, the desire to reduce violence is both commendable and desirable, and despite carrier reluctance this technology already exists to some degree through current mobile device management solutions. Beyond the obvious benefit of reducing consumer costs associated with replacement devices, there is a potentially huge security implication, as this better positions the cell phone as a form of personal identity."

Medical identity theft amounted to 43% of identity theft cases in 2013

A rather shocking 43 percent of identity theft cases last year can be traced back to medical identity theft, as security experts and healthcare providers struggle to keep up with security challenges, according to a recent study.

 

TweakTown image news/3/6/36627_01_medical_identity_theft_amounted_to_43_of_identity_theft_cases_in_2013.jpg

 

Unfortunately, medical records are significantly more lucrative to cybercriminals, meaning it's a popular target for attacks.

 

"Despite concerns about employee negligence and the use of insecure mobile, 88 percent of organizations permit employees and medical staff to use their own mobile devices such as smartphones or tablets to connect to their organization's networks or enterprise systems such as email," according to the Ponemon Institute's Fourth Annual Patient Privacy and Data Security report.

 

Many healthcare companies and hospitals embrace "bring your own device," but don't require any type of anti-virus or anti-malware security software - an alarming rate when 88 percent of companies rely on employees to use their own smartphones on the job.

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases