TweakTown NewsRefine News by Category:
LivingSocial, the company that helps users get better deals, announced that they have been hacked. The company notes that the hackers did not gain access to any credit card information. As a precaution, LivingSocial is sending out an e-mail to 50 million of its users informing them of the hack.
LivingSocial hasn't detailed how the hack occurred, but they have said that names, birthdays, e-mail addresses, and encrypted passwords were compromised. Given enough time and the correct tools, those encrypted passwords can be decrypted. Combine the password with the e-mail and the hackers could gain access to other sites.
If you use the same e-mail/password combination on any other sites, you're encouraged to change your passwords right away.
Cyberthreats are the new way of slowly removing citizens' privacy, and now the Department of Homeland Security (DHS) is preparing to deploy a very powerful new version of their EINSTEIN intrusion-detection system that is built to detect attacks and malware, especially when it comes to e-mail.
But because this new version of EINSTEIN is able to read electronic content, it is raising privacy concerns. DHS has recognized this, and have just issued a "privacy impact assessment" on what they're calling EINSTEIN 3 Accelerated, the intrusion detection and prevention system that is expected to be made available as a managed security service from ISPs to monitor the ".gov" traffic to and from civilian agencies and Executive Branch departments.
The DHS has said that EINSTEIN 3 might be able to collect "personally identifiable information" (PII) in some instances where this network security system will not just monitor but also prevent threats by clocking traffic in order to detect a cyberthreat or potential cyberthreat.
This afternoon some alarming news emanated from the Associated Press' Twitter account that stated the White House had been bombed and President Obama had been injured.
With recent events, this news spread across the web via social media within minutes. Fortunately, the report was 100% false - the President and the White House are safe and sound.
AP reporter Matt Moore took to his Twitter account to debunk the false report and confirm that the trusted news organization's Twitter account had indeed been hacked. The official source of the hack is unknown, but the hacker group Syrian Electronic Army appears to be claiming responsibility.
This morning TechSpot broke news that during 2011 and 2012 over 2700 servers hosted with HostGator were compromised when an employee installed backdoors on the machines. Prosecutors say that 29 year old Eric Gunnar Gisse of Texas was responsible for the inside hacking.
Gisse was employed by the company between September of 2011 and February 2012 as a medium level systems administrator. HostGator says that Gisse went to great lengths to hide the backdoor as a common Unix admin tool, which he renamed "pcre", which is a common system file.
No evidence was presented as to whether or not Gisse ever used the backdoor to access any of the servers remotely, but as the meme goes, "One simply does not install a backdoor onto 2700 servers without the intent to use them."
Gisse is scheduled to be arraigned next month. It's unclear if he has entered a plea as of this writing. He is being held on $20,000 bond at the Harris County Jail in Houston, TX.
Microsoft is pushing out a major upgrade to Microsoft account security by offering the option of two-step verification. As of late, many different online services have started to offer two-step or two-factor authentication to help keep online accounts more secure.
Two-step verification usually takes a bit longer to allow access to an account, but it makes it much more difficult for a hacker to brute-force your password. To login after two-step verification is enabled, you'll be required to enter your password and a code that was sent to either an e-mail or cell phone on file.
You'll be able to enable two-step verification at Microsoft's website, though the option might not be immediately available. For more information about Microsoft's two-step implementation, check out their blog post.
Gottfrid Svartholm, one of the co-founders of everyone's favorite torrent website The Pirate Bay, has been indicted on charges of hacking along with three others. Svartholm is said to be the mastermind behind a series of cyber intrusions into Nordea Bank and the Swedish federal tax agency.
In a statement, prosecutor Henrik Olin had the following to say:
"A large amount of data from companies and agencies was taken during the hack, including a large amount of personal data, such as personal identity numbers of people with protected identities."
These charges come completely independent of a recent sentence of one year in prison that was passed down to Svartholm after a series of shady happenings where Cambodian authorities managed to deport him back to Sweden. These new charges carry a much longer sentence than just one year.
Android looks like its the OS of choice for malware developers, with mobile security vendor NQ finding that Android devices infected with malware grew exponentially last year alone.
NQ found that Android devices with malware infections grew from 10.8 million in 2011 to 32.8 million, meaning a triple of infections year-over-year. They also found that nearly 95% of malware detected in 2012 was designed specifically for Google's mobile OS, which means that Android is the main target for cybercriminals.
Most Android malware infections happen in China, India and Russia - so while this might seem like some frightening numbers at first, InfoWorld's Brian Katz does make us feel all a little better. Katz also writes that most mobile malware can be avoided if Android users "download apps only from known sources", such as the Google Play Store. My advice? Don't click ads, don't open suspicious links, don't join random or weird Facebook groups that want all of your info.
North Korea are the subject of yet another attack by Anonymous, this time taking down a North Korean news and information site. Uriminzokkiri.com has been taken down, with a timeout error appearing when someone tries to access the site.
Anonymous didn't stop there, as they also attacked minjok.com, jajusasang.com and paekdu-hanna.com. These sites were hacked to display images mocking North Korean supreme leader, Kim Jong-un. This also isn't the first time Anonymous have hacked North Korea, as earlier this month the hacking collective gained access to the North Korean Twitter feed.
With access to NK's Twitter feed, they posted tweets to images poking fun at Kim Jong-un, condemning him for "threatening world peace with ICBMs and nuclear weapons" and "wasting money while his people starve".
In the past 48 hours, life has been pretty stressful for those invested in the virtual currency Bitcoin. On Wednesday the Bitcoin exchange Mt. Gox experienced a massive crash that led to the Bitcoin losing half of it's value. Then yesterday Mt. Gox announced a 12 hour suspension in trading to upgrade servers, and let investors calm down over the crash.
This morning we got word that before yesterday's shutdown, Mt. Gox was also attacked by hackers when it experienced a massive DDOS attack. This is the second large cyber-attack on the exchange in less than a week, which should fuel speculation about the security of investing in a yet-to-be vetted virtual currency.
Skeptics of Bitcoin will be quick to point out the fact that it will be hard to validate the new currency until the market is secure from such attacks, and measures are implemented to prevent such massive sell-offs.
Anonymous are in the news again, this time for their claims of a cyberattack against the Israeli government and their various Web sites, which has caused billions of dollars in damages. Israeli officials have said that there has been no serious disruptions.
Anonymous have claimed to have hacked over a dozen website, including the Israel Police, the Prime Minister's Office, the Israel Securities Authority, the Immigrant Absorption Ministry, and the Central Bureau of Statistics. Anonymous estimates that #OpIsrael has caused over $3 billion in damages, after hacking over 100,000 websites, 40,000 Facebook accounts, 5,000 Twitter accounts and 30,000 Israeli bank accounts.