Hacking, Security & Privacy News - Page 81

Research indicates a whopping 90 percent of the top 30 most visited Internet piracy websites in the United Kingdom contained some form of malware or "Potentially Unwanted Programs" (PUPs) to compromise user systems.

The piracy sites often rely on social engineering techniques to trick users into clicking fraudulent links: "These fake play buttons, and that sort of thing, are very much driven by the desire of people to download content," said according to the group. "We view it as a kind of social engineering attack on the users who are tricked into downloading stuff."

In an ongoing effort to combat piracy, copyright holders might have more success trying to inform users of the security threats they open themselves up to when downloading content - it would be a unique twist on sometimes rudimentary scare tactics.

United States security officials are concerned that Russian-based hackers could retaliate for stricter sanctions, launching cyberattacks against the U.S. government and large corporations. Whether directly from the Russian government, or splinter support groups, there will continue to be an increased urgency to defend US infrastructure from foreign attack.

"A cyberattack is a real concern that we all need to have," said Paul Smocer, head of the industry Financial Services Roundtable, in a statement to the press. "Nation states' ability to launch the cyberattacks is certainly real nowadays, and so in any conflict, I think that the possibility exists as we worry about escalation."

The political situation between Russia and Ukraine already has led to cyberattacks, with the Kremlin being attacked in retaliation for targeted attacks against Ukrainian infrastructure. Unfortunately, the U.S. Department of Homeland Security has greatly struggled to try and recruit cybersecurity experts, while other government branches have voiced similar concerns.

An increase in the popularity of online gambling has created a successful underground market for money laundering, according to a new McAfee study.

To make matters worse, Internet anonymity and such a wide variety of payment options gives criminals the chance to exchange stolen funds, bitcoins, and currency.

"As a result, illegal proceeds can be laundered by wagering them on one end of a transaction and receiving the payouts as gambling wins on the other end," according to the McAfee report. "Gambling wins can also be exchanged as payment for illegal goods or services changing hands elsewhere."

The Boston Children's Hospital was recently targeted in a wave of cyberattacks trying to bring down its website, though cybercriminals were unsuccessful, and no patient data was taken in the attempted breach.

"Over the weekend and through today, Boston Children's Hospital's website has been the target of multiple attacks designed to bring down the site by overwhelming capacity," said Rob Graham, hospital spokesperson, in a statement.

Hospital officials have reported police authorities and an investigation is currently underway - no hacker or hacker groups have stepped forward to take credit for the attempted breach.

Medical professionals have become victims of identity theft, with Social Security Numbers and other personal information used to help process fraudulent tax returns, according to recent reports. The victims, less than 1,000 total so far, didn't know about the breach until they tried to file their returns and found that someone else already had beaten them to the punch.

Victims were found in the following states: Colorado, Connecticut, Vermont, Massachusetts, Iowa, North Carolina, South Dakota, Maine, Indiana, and New Hampshire. The Indiana State Medical Association (ISMA) sent a memo to healthcare professionals in the state to be aware of the tax scam.

"The DOR is viewing this as a large problem and officials are very concerned," said Julie Reed, ISMA general council, during a recent conversation. "While their investigation has not yet identified the source of the presumed breach, they are tracking all the cases, looking for patterns, and actively investigating and pursuing leads."

NEC Hong Kong is currently developing a new facial recognition technology that can be used by stores, hotels, and other retail establishments to quickly identify customers. Retailers have tried to use smartphones to help monitor customer activity, especially if guests log onto free, open Wi-Fi hotspots, though customers found ways to disable such features.

When most people think of facial recognition, it's in regards to security and possible privacy issues - but NEC and companies have a more unique reasoning behind why stores, hotels, and other establishments might want to adopt the technology:

"Everyone loves to feel special. That's why any organization that can greet a customer by name and start helping them the minute they walk in to a shop, bank or hotel will have a tremendous advantage over one that relies on ID cards or other impersonal procedures," said Elsa Wong, NEC Hong Kong Managing Director, in a press statement.

More than one-quarter of Avast's current Microsoft Windows XP customers don't plan to leave behind the OS that is now no longer supported by Microsoft, according to a recent survey conducted by the security company.

Prior to the end of support date on April 8, XP users were already under increased threat of cyberattacks, and that trend is only expected to continue.

"XP users were not planning on doing anything," said Ondrej Vlcek, Avast Chief Operating Officer, in a blog post. "As Avast users they are protecting themselves since we will continue to support Windows XP users for at least the next three years."

The US Internal Revenue Service (IRS) didn't migrate from Microsoft Windows XP before the April 8 end of support deadline, and will pay millions to Microsoft for extended support.

Microsoft pulled the plug on its popular 13-year-old operating system, urging users to migrate to Windows 7 or 8/8.1. However, millions of PCs are still running XP and haven't been migrated, including many business PCs.

"Now we find out that you've been struggling to come up with $30 million to finish migrating to Windows 7, even though Microsoft announced in 2008 that it would stop supporting Windows XP past 2014," said Rep. Ander Crenshaw (R-Fla), chairman of the House Financial Services and General Government subcommittee, in a statement. "I know you probably wish you'd already done that."

A major global website was recently hit by cybercriminals, with the hacked website turning visitors into "zombies" that in turn launched distributed denial of service (DDoS) attacks. A Persistent XSS vulnerability gave cybercriminals the chance to embed malicious JavaScript code, according to enterprise security company Incapsula.

Each user that views a compromised profile image with the malicious code then ends up sending a GET request to targeted websites. The group responsible also posted comments on large quantities of other videos, to ensure the profile image was viewed as many times as possible.

"As a result, each time a legitimate visitor landed on that page, his browser automatically executed the injected JavaScript, which in turn injected a hidden