Tech content trusted by users in North America and around the world
6,418 Reviews & Articles | 42,802 News Posts
TRENDING NOW: NVIDIA acquires Valve, announces Half-Life 3 release for 2016

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 83

Lavabit founder explains why he shut down service after Snowden leaks

Lavabit founder Ladar Levison recently opened up about why he was forced to shutter his secure email service following the fallout of former NSA contractor Edward Snowden. The Lavabit email service had 410,000 users, Snowden included, and with Levison rejecting U.S. government access to encrypted email accounts, he was found in contempt of court.

 

lavabit_founder_explains_why_he_shut_down_service_after_snowden_leaks_01

 

When federal investigators wanted private encryption keys and user passwords of Lavabit users, Levison immediately rejected the idea. It only took a few weeks of legal proceedings that would ultimately lead to the company unraveling, and then eventually shuttering.

 

Here is what Levison said in an op-ed posted by The Guardian: " If my experience serves any purpose, it is to illustrate what most already know: courts must not be allowed to consider matters of great importance under the shroud of secrecy, lest we find ourselves summarily deprived of meaningful due process. If we allow our government to continue operating in secret, it is only a matter of time before you or a loved one find yourself in a position like I did - standing in a secret courtroom, alone, and without any of the meaningful protections that were always supposed to be the people's defense against an abuse of the state's power.

eBay's user records have been hacked, change your passwords ASAP

This morning, eBay announced that its internal and customer databases were compromised earlier this year. Sometime between February and March of 2014, hackers managed to compromise a number of employee accounts and were able to obtain log-in credentials that allowed them to access eBay's internal and customer databases. eBay says that the security breach remained undetected until just two weeks ago.

 

ebay_s_user_records_have_been_hacked_change_your_passwords_asap_1

 

Customer information was stolen, and included log-in information, email addresses, encrypted passwords, physical addresses, phone numbers and date of birth information. Fortunately, the database that stores customer financial information was not compromised, and all of that information remains secure. eBay is however urging every account holder to change their passwords as soon as possible, and personally, I would suggest changing your PayPal password as well even though it was not part of the breach.

Continue reading 'eBay's user records have been hacked, change your passwords ASAP' (full post)

Avast: 75% of users unaware of threat Heartbleed continues to pose

Despite widespread media attention, 75 percent of users remain unaware of Heartbleed and its potential threat to user security, according to a survey of 268,000 conducted by security company AVAST. Furthermore, 41 percent of respondents aware of Heartbleed didn't want to change passwords, saying they didn't believe they were affected.

 

avast_75_of_users_unaware_of_threat_heartbleed_continues_to_pose_01

 

At the very least, security experts recommend changing passwords now, with most major websites already fixing the vulnerability. Security companies continually urge users have multiple passwords, and recommend utilizing a password manager instead of trying to memorize - or write passwords down on paper - to stay secure.

 

Heartbleed garnered significant attention among casual users, with local newspapers and TV stations covering the vulnerability - but that still didn't ultimately change how users reacted. Earlier this month, it was estimated at least 300,000 servers were still vulnerable to Heartbleed, while the Department of Homeland Security even stepped up to offer security tips.

Edward Snowden to become a comic book hero in graphic biography

National Security Agency (NSA) whistleblower Edward Snowden now has his very own comic book, "Beyond: Edward Snowden," focusing on his life and decision to reveal massive surveillance programs by the U.S. and U.K. governments. The comic will be released on May 21, in both print and digital formats.

 

edward_snowden_to_become_a_comic_book_hero_in_graphic_biography_01

 

The narration begins when Snowden is 19 years old, a high-school dropout, before he turned into one of the most recognizable names in the world. Marvel Comics writer Valerie D'Orazio and Dan Lauer teamed up to create the comic book and wants to focus on "the man behind the headlines," in which he drew international media attention.

 

It has been a whirlwind ride for Snowden since he stepped forward as the NSA whistleblower, as he is now safely tucked away in Russia. Although many U.S. politicians believe Snowden is "under Russian influence," and German authorities wish to speak with him, the 30-year-old only turns up via Internet chats or video conferences.

CryptoLocker increases attack levels, using spear-phishing techniques

The CryptoLocker ransomware continues to plague PC users in the United States and throughout the western world, with spear-phishing techniques now used to spread the payload. Specifically, companies with CraigsList postings that receive emails with attached files are being compromised, as CryptoLocker is infecting company executives, company owners, or human resources personnel.

 

cryptolocker_increases_attack_levels_using_spear_phishing_techniques_01

 

CryptoLocker has proven to be extremely successful for cybercriminals, with forty percent of those affected reportedly paying the ransom. Unfortunately, simply removing the malware once it has been installed doesn't work - CryptoLocker is installed, but the encrypted files remain in control of the criminals.

 

Here is what Stu Sjouwerman, KnowBe4 CEO, said in a statement: "These methods pose a high risk for companies looking to hire as well as for individual Internet users. The cybergangs running these Crypto-variants will try any number of things to outdo each other and extort your hard earned money. Since the weakest point in any security model is the person who touches the keyboard, it is vital to educate users what to look for. Stepping them through effective Security Awareness Training will make them think twice before clicking on a link, or open a possibly infected attachment."

McAfee announces free instant protection scan for mobile apps

In an effort to help keep mobile users more secure, McAfee today announced the newest version of the McAfee Mobile Secure program that gives Google Android users a way to check apps that use data collection techniques. There is a growing need to try and keep mobile devices secure, especially with users granting access to a wide variety of personal information when installing apps.

 

mcafee_announces_free_instant_protection_scan_for_mobile_apps_01

 

Around 80 percent of mobile apps used today collect user location information, 82 percent know device ID information, and 57 percent track when devices are used, according to the McAfee Consumer Mobile Security Report. After a scan is complete, users are informed regarding how much information each app accesses and shares, and ranks the apps by privacy sensitivity.

 

"The personal data some apps collect can be beneficial to enhancing your mobile experience, however many apps are collecting more information than they need, putting your privacy and personal security at risk," noted Gary Davis, McAfee VP of consumer marketing, in a press statement. "McAfee Mobile Security is empowering users by letting them know exactly what information their apps are accessing, and helps them safeguard their identity and personal information."

Facebook teams up with Trend Micro to better defend online threats

No. 1 social media site Facebook and leading security vendor Trend Micro have teamed up to make Trend Micro HouseCall available to all Facebook users, giving them the chance to scan and remove malware from hijacked accounts. If an infected user is identified, Facebook will contact them and provide an option to download a free version of HouseCall.

 

facebook_teams_up_with_trend_micro_to_better_defend_online_threats_01

 

Trend Micro is a well-known security company, while Facebook is keen to try and limit security threats that face its large user base. The service will hopefully give users the chance to operate in a more secure environment and reduce the likelihood of malware infection.

 

Here is what Kevin Simzer, Trend Micro CMO said: "HouseCall will give Facebook users an additional safeguard against the malicious attacks that interacting online can bring. We are pleased to partner with one of the world's leading social media networks to provide a free solution that will help protect the online security and privacy of billions of users."

Symantec's Norton Small Business aims to protect SMBs from threats

Symantec has released another product designed to keep small and midsized businesses (SMBs) secure from cyberthreats, with Norton Small Business marketed for companies with less than 20 employees. The software has 100 percent virus removal assurance and a friendly user interface to make it even easier to utilize in case IT staff aren't available to lend a hand.

 

symantec_s_norton_small_business_aims_to_protect_smbs_from_threats_01

 

The Norton Small Business also has mobile security technology, providing device scanning, remote locate, locking and wiping capability to protect bring your own device (BYOD) supporters. Symantec also has the ability to scan Google Android applications to remove any malicious software, with the majority of mobile malware aimed at Android devices.

 

"According to the Symantec Internet Security Threat Report, small businesses were targeted in 30 percent of all cyberattacks in 2013," noted Brian Burch, Norton VP of Global Consumer and Small Business Marketing. "While the risks are real, small business owners with fewer than 20 employees often wear multiple hats and don't have the time or resources to manage IT needs. Running a small business is hard work, but Symantec wants to make securing it the easy part."

Continue reading 'Symantec's Norton Small Business aims to protect SMBs from threats' (full post)

New phishing scam targets Bank of America Merrill Lynch customers

Another day, another phishing scam targeting online banking users. This time around, cybercriminals are targeting Bank of America Merrill Lynch customers, tricking users to install malware designed to steal personal information. The scam email includes a PDF attachment which has a malware link that initiates a download of a "SecureMessage.zip" file - packaged with the Spyware/Win32.Zbot Trojan.

 

new_phishing_scam_targets_bank_of_america_merrill_lynch_customers_01

 

Similar to other phishing attacks, the "secure message" includes a zip file, and users open the attachment inside of a Web browser. Users end up clicking a Dropbox download link where the malware is installed - another stark reminder for Internet users to be careful when clicking links from unknown users.

 

One-third of phishing attacks are aimed at financial institutions, and because of the large amount of attacks, banks have to follow new guidelines to better defend against distributed denial-of-service (DDoS) attacks.

Cybercriminal investigation leads to 80 arrested in 16 countries

Cybercriminals responsible for creating and using the "BlackShades" malware have been arrested, with police authorities in 16 different countries arresting at least 80 people reportedly involved. The custom malware was sold to thousands of clients, and led to more than 500,000 PCs being infected, giving criminals the ability to remotely access PCs.

 

cybercriminal_investigation_leads_to_80_arrested_in_16_countries_01

 

The criminal operation has been in operation since 2010 and was responsible for the distribution of "malicious software to thousands of cybercriminals throughout the world." Attackers were able to compromise users and had the ability to "access and view documents, photographs and other files ... record all of the keystrokes entered ... steal the passwords to the victim's online accounts and even activate the victim's Web camera to spy on the victim."

 

International police authorities are trying to crack down on organized cybercriminals, but tend to get to those responsible after

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases
Subscribe to our Newsletter
Or Scroll Up Or Down