TweakTown News
May spam email traffic averaged 69.8 percent, a 1.3 percent drop from April, but security experts continue to tell Internet users to be wary of sometimes rather clever spam. There was a large number of mass mailings for schools and universities, and "offers" for student loan repayment plans were also popular phishing techniques.
Email search sites were the most popular targets (32.2 percent) ahead of social media websites (23.9 percent), and financial and payment organizations were in the No. 3 spot (12.8 percent). Spammers rely on unsuspecting and gullible Internet users to click compromising links that install malware - or otherwise steal credentials.
"Spammers are constantly thinking up new tricks or turning to old favorites to catch out their victims," said Tatyana Shcherbakova, Kaspersky Lab Senior Spam Analyst, in a statement. "It's not just about advertising: this month we came across a number of mass mailings imitating official notifications from various services and companies. The attachments in these emails contained malware from the Andromeda family. This family consists of backdoors that allow attackers to silently control infected computers, which often become part of a botnet."
The rise of hackers and cybercrime is problematic, but national governments maintaining security and political control on the Internet will remain the biggest threat. Specifically, there will be a rise in blocking, filtering, segmentation and balkanization of the Internet, according to a study published by the Pew Research group.
Thirty-five percent of those surveyed said they expected significant changes "for the worse" with regard to accessing and sharing online content by 2025 - a troubling concern as more people begin to access the Internet.
"Governments worldwide are looking for more power over the Net, especially within their own countries," said Dave Burstein, Fast Net News editor, in a statement. "Britain, for example, has just determined the ISPs block sites the government considers 'terrorist' or otherwise dangerous. There will usually be ways to circumvent the obstruction but most people won't bother."
Banks and financial institutions must work through a new generation of malware designed to lurk on Web browsers and collect data only when users access a banking website. Similar to other methods, it all starts with clever social engineering used to compromise victims, which leads to the malware being secretly installed.
The new tactic has led to at least 400 cases, with banking users often unaware of many threats that face them. At the very least, security experts recommend customers never click links in emails that look like something from their bank - but even if users go directly to the bank website, that's when the malware causes mayhem.
"It's going to have graphics and terminology that would make you believe, hey, that sounds pretty legitimate," said JD Sherry, Trend Micro VP of technology and solutions, in a statement. "Once you click on that, you don't have intelligence to basically say that's a bad link. The device is going to download that particular malware."
The 'MiniDuke' hacker group is targeting governments and drug dealers, likely serving as cyber mercenaries working for a paid backer, using malware to compromise users. It's not uncommon to hear of government departments, the private sector and public infrastructure being targeted, but focusing on drug dealers seems to be a newer twist.
A total of 23 countries were affected by MiniDuke, with an aim of plucking data and credential information - and the malware is evolving to now include commercial code, as it appears a subdivision could receive funds from law enforcement or rival criminal groups trying to steal drug-related information.
"They are more like underground cybercriminals than a typical nation state," said a Kaspersky Lab researcher. "This is what makes them stand out. They were collecting everything like emails, names, nicknames and handles."
Massachusetts resident Cameron Lacroix, 25, has been charged with attacking tech support company Zendesk, allegedly accessing the company's website in February 2013. Once he gained access, Lacroix reportedly disabled security features so he could view company customer information, U.S. Attorney Melinda Haag said.
Lacroix defaced Twitter feeds for two unidentified companies, after being able to export one million Twitter tech support tickets from Zendesk. If convicted, he faces up to 10 years along with a fine up to $250,000, plus restitution - with Zendesk and Twitter both suffering losses totaling more than $200,000. He also faces a separate federal charge for an unrelated crime.
The federal government has stepped up arrests of suspected hackers, but struggles to prevent the cyberattacks before they happen. However, prosecutors hope to send a message to hackers that they will be targeted and face prison time if convicted of cyber-related crimes.
Following a study of cyberattacks in Q1 2014, it looks like distributed denial-of-service (DDoS) attacks actually dropped, while China remains the country with the largest amount of source attack traffic, the Akamai "State of The Internet Report" indicates. It's a welcome trend considering half of companies last year suffered at least one DDoS attack, with many companies unable to effectively defend against the attacks.
"This decrease accounted for the majority of the difference in attacks compared to previous quarters and might have had a more significant impact on the overall number of attacks if not for an increase in the number of attacks against public sector targets," said Martin McKeay, Akamai senior security advocate, in an interview with SC Magazine.
DDoS attacks remain an affordable, effective tool for cyberattackers trying to disrupt operations of companies and government networks. Almost 60 percent of companies note that DDoS attacks are near the top of the list among security threats, so defense strategy will continue to focus on how to defend against them.
At least one in five websites are blocked in the United Kingdom, with a growing number of legitimate websites getting caught up in the censorship, according to the Open Rights Group.
The Open Rights Group tried to access 100,000 websites with default filter settings - or "normal" filtering with nothing set as a default - and there were almost 20,000 different websites blocked. It's a frustrating system that leaves some websites, such as Sherights.com, a blog focusing on violence against women and LGBT rights, blocked and inaccessible.
"We've been surprised to find the default filtering settings are blocking around a fifth of the Alexa top 100K websites," said Jim Killock, ORG Executive Director, in a statement. "That's a lot more than porn, which accounts for around 4 percent of that list."
Following former NSA contractor Edward Snowden discussing surveillance activities by the NSA and its British counterpart, the GCHQ, a number of ISPs in the United States, United Kingdom, South Korea, Netherlands, Germany and Zimbabwe are targeting the GCHQ. Specifically, they say the spy agency used "malicious software" to compromise their networks while collecting data.
The GCHQ said online searches, which it considers "external communications" when routed overseas, don't require a warrant.
"Snowden's revelations have exposed GCHQ's view that independent operators like GreenNet are legitimate targets for Internet surveillance, so we could be unknowingly used to collect data on our users. We say this is unlawful and utterly unacceptable in a democracy," said Cedric Knight, from Dutch-based ISP, GreenNet.
Former NSA contractor Edward Snowden has greatly changed data security after disclosing major surveillance programs targeting U.S. citizens and foreign citizens. This has caused such a shakeup that physical location of data will become irrelevant moving forward, with organizations using a combination of different strategies to stay more secure, according to research firm Gartner.
Gartner lists the following types of data location: physical location, legal location, political location, and logical location. Companies trying to keep data secure will have to find ways to keep data offshore while ensuring encryption keys and other tools are located elsewhere, for example - critically important with cloud computing becoming more important.
"Business leaders must make the decision and accept the residual risk, balancing different types of risk: ongoing legal uncertainty, fines or public outrage, employee dissatisfaction or losing market share due to a lack of innovation, or overspending on redundant or outdated IT," according to Gartner.
The Houston Astros, a Major League Baseball (MLB) team, recently suffered a data breach, with information posted online. Some of the information includes private conversations related to possible trades with other teams, including the New York Mets and Miami Marlins.
After the team discovered it was compromised, officials alerted the MLB and an FBI-led investigation is currently underway.
"While it does appear that some of the content released was based on trade conversations, a portion of the material was embellished or completely fabricated," according to a statement released by the team.