TweakTown NewsRefine News by Category:
Businesses struggle to keep their data secure, but find it even harder to deal with data breaches once they already happen. Companies that try to bury their heads in the sand and keep breaches secret could be harming themselves more than anything else, and should be more transparent.
Some companies try hiding data breaches or only confirm the news after security incident details are released. That can lead to major problems from shareholders, customers, and law enforcement officials.
"It's brought it to a point now where businesses have to pay attention," said Al Pascual, Javelin Strategy & Research senior analyst, in an interview with journalists. "Before, it was more of a concern for folks in the back office. They may have had some minor concerns about regulators or government officials, but now they have to worry about being punished by their shareholders, being punished by consumers who are pretty likely not to come back or to reduce their patronage."
Medical company Medtronic said it was breached by cyberattacks in separate incidents last year, with some patient records compromised. A number of medical records in the diabetes business unit was taken, but the company didn't disclose how many patients were affected, or what information was at risk.
Medtronic is the biggest standalone medical device maker in the world, and is a significant problem that rivals should pay attention to.
"Medtronic, along with two other large medical device manufacturers, discovered an unauthorized intrusion to our systems that was believed to originate from hackers in Asia," Medtronic confirmed in a filing to the Securities and Exchange Commission (SEC).
The Record Industry Association of America (RIAA) has been busy submitting reporting pirate links for removal on Google, recently topping its 50 millionth URL. The RIAA and music studios report millions of links each month - most of them directed to Google - with the filestube.com search engine receiving two million requests alone.
Google acts quickly to remove infringing links from the massive search engine's index, but the RIAA has voiced numerous complaints about the process. It's a difficult battle to deal with for the RIAA, because foreign websites ignore takedown notices, or slightly alter the URL and go back online immediately.
Just a few months ago, the RIAA take down requests number sat at 10 million, with the trade group always scanning for online music piracy locations.
The Motion Picture Association of America (MPAA), the leading movie copyright group in the United States, wants to invest $20,000 in research towards an "unbiased" report focused on online piracy. Following past published reports that claimed piracy harms sales, there was a public backlash that the trade group reportedly wasn't expecting.
"We want to enlist the help of academics from around the world to provide new insight on a range of issues facing the content industry in the digital age," said Chris Dodd, former U.S. Senator and MPAA CEO, in a statement. "We need more and better research regarding the evolving role of copyright in society. The academic community can provide unbiased observations, data analysis, historical context and important revelations about how these changes are impacting the film industry and other IP-reliant sectors."
It's refreshing to hear the MPAA wants to better analyze the current state of online piracy - a shift in strategy, when just a few years ago the MPAA was hesitant to embrace online solutions. However, past efforts to crack down on piracy only led to confusing legal legislation and ineffective, costly strategies.
Former NSA contractor Edward Snowden rejected a request from German officials to sit down and discuss NSA spying activity targeting Germany. The U.S. government reportedly spied on German Chancellor Angela Merkel and several German intelligence agency officials, and former cabinet members, Snowden revealed.
"The [parliamentary] investigation committee must respect Edward Snowden's decision not to make himself available as a witness, even for an informal meeting," Roderich Kiesewetter, committee lawmaker on an eight-member investigation committee, told the media. "It's surprising that Mr. Snowden doesn't want to respond to the investigation committee's questions in detail, but rather just sees his role as one of an expert with specialist knowledge."
It seemed unlikely that Snowden would agree to an in-person meeting, but German officials still hope to chat with him via telephone or video conference.
Mobile app Yo, which only allows members to say "Yo" to one another, was recently hacked, company officials confirmed. Even if users try to delete the app from their devices, user personal information is now located on the company's databases.
"Some of the issues have been fixed and we are still working on the others," said Or Arbel, Yo founder, in a statement. "I cannot reveal any information about the hacks to prevent misuse of this information. We brought in a specialist security team to deal with the issues, and we are taking this very seriously."
Students from Georgia Tech reportedly contacted Arbel about the breach, and received a phone call in return. The students claim they can snag phone numbers and spoof Yo's from other users, along with spamming other users. Other people have reported rather lax security protocols by the mobile app, and that should now be improved by the company.
The addition of the "Activation Lock" on Apple iPhone smartphones, starting with iOS 7 last year, has led to a drop in iPhone thefts and robberies, according to police reports. San Francisco police authorities saw a 38 percent drop in iPhone robberies, while London saw a 24 percent drop, police said.
"The introduction of kill switches has clearly had an effect on the conduct of smartphone thieves," said Eric Schneiderman, New York Attorney General, in an interview with the New York Times. "If these can be canceled like the equivalent of canceling a credit card, these are going to be the equivalent of stealing a paperweight."
A new survey from Lookout found that one in 10 smartphone owners have had devices stolen, and some of the thefts are violent robberies. Smartphone theft has led to a flurry of laws created to force mandatory kill switches, however, manufacturers and wireless carriers were initially hesitant. They gave in due to rising political pressure, able to work with lawmakers and police authorities.
The United States accounted for 23 percent of online banking malware attacks during the first quarter of 2014, according to security company Trend Micro's "TrendLabs 1Q 2014 Security Roundup" report. It's not a surprise to find the U.S. is the most popular target, with a growing number of malware-related bank attacks.
Joining the United States were the following countries: Japan (10 percent), India (9 percent), Brazil (7 percent), Turkey (4 percent), France, Malaysia, Mexico, Vietnam, and Australia all with three percent. Online bankers are warned to make sure they run anti-virus and anti-malware security, along with directly accessing their bank accounts - and to avoid clicking on suspicious emails.
Security experts struggle to keep up with the large volume of overly sophisticated attacks targeting their networks - and customers are increasingly finding themselves in the cross-hairs.
Cybercriminals are spoofing emails from a legitimate company, Berkeley Futures Limited, and the Zbot malware attached is now in the wild, security researchers have discovered. The attached ZIP file is password-protected so it cannot be scanned with anti-virus or anti-malware software until the user unlocks the file.
Users need to be more aware of cybersecurity issues, because an attached password in the body of the email should be an immediate red flag to Internet users. However, the cybercriminals behind it must find success if they are using the same tactic to compromise users.
The attachment has two files, a fake SCR spreadsheet file and a fake invoice in the form of a PDF. The file attachment is really a RAR file and not a ZIP file - a unique twist on compromising users, because many people have programs to attach ZIP files, but not everyone can open RAR files.
Sir Iain Lobban, the chief of British spy agency GCHQ, has publicly attacked the Guardian over its role in publishing information leaked by ex-NSA agent Edward Snowden.
He asserted that GCHQ and its sister agencies in British intelligence are protecting the UK "despite the best efforts of some of the media." According to the Telegraph, Lobban said at the IA14 cyber security conference: "GCHQ has some world-class intellectual property but you'll understand that even in these revelatory times we really do need major parts of that to remain secret. But we are working to share where we can, including contributing it to the open source community to encourage further development."
He went on to claim GCHQ's reputation - despite the role the media has played in exposing its part in the worldwide, online surveillance dragnet - is "helping UK industry." "Allies around the world want to talk to us about cyber security and they want to do business with companies that we can vouch for," he said.