Hacking, Security & Privacy News - Page 87

Security experts like to point fingers at various sources of cyberattacks and malware creation, and quite a bit of attention is focused on Russia and Eastern Europe. The most recent example comes as German security firm G Data Security blames the Russian government for creating the "Uroburos" malware.

G Data Security blog author "MN" believes the Russian government was behind the malware due to its sophistication - Uroburos is a rootkit that has a driver and encrypted virtual file system, with the rootkit hijacking infected machines while running commands anonymously.

"According to all indications we gathered from the malware analyses and the research, we are sure of the fact that attacks carried out with Uroburos are not targeting John Doe but high profile enterprises, nation states, intelligence agencies and similar targets," the company's blog reads.

During his RSA Conference 2014 keynote last week, FireEye COO Kevin Mandia again said the Chinese government is a "nation-state sponsoring intrusions into businesses in the U.S.," continuing an increasingly popular tactic used by governments.

China is notorious for using cyberattacks to try and gain trade secrets and private information which can then be used in China. In addition to rogue hacker groups, the Chinese government has been accused of secretly paying hackers to conduct cyber surveillance of networks and servers.

Of note, the Chinese government's Unit 61398, part of the national military, has launched more than 1,000 organized cyberattacks against select Western targets, according to security firm Mandiant. Following a break in the attacks, it appears the Chinese government is again attacking US government, military, banks, and other critical infrastructure on a near-daily basis.

After deciding not to release a security update in six months, it looks like Apple might not bother keeping its OS X Snow Leopard users secure, according to recent reports.

The OS is only four years old, so Apple trying to retire it so seen is a bit of a surprise, though Apple might want to avoid the need of continually supporting older OSes, which Microsoft has routinely done in the past.

If Apple is truly turning its back on Snow Leopard, that means the company also is leaving behind 19 percent of current Mac users - and cybercriminals, licking their chops over the upcoming Microsoft Windows XP end of support next month - could shift attention towards Snow Leopard. Apple has done a good job of keeping its products secure, but there is still belief that Apple products are fully secure, and this overconfidence could plague home users and businesses.

Edward Snowden leaked new documents which shows that a UK spy agency GCHQ were exploring a way to use Microsoft Kinect camera to conduct mass surveillance. It was revealed that GCHQ ran a program called 'Optic Nerve' which would target 1.8 million Yahoo users and mass collect their webcam images.

According to the news report, Optic Nerve project started with a prototype in 2008 and started by using Yahoo webcam to collect images. It also contained information about GCHQ considered using Kinect for a similar form of surveillance. Though the concept never came into play, many documents indicated that Kinect camera can provide 'fairly normal webcam traffic' as a part of Optic Nerve Program.

GCHQ was also involved in a controversy earlier when they disrupted an IRC network that belonged to anonymous individuals by DDoSing the servers. There were documents which pointed out GCHQ's 'social manipulation' plan to discredit 'enemies' via propaganda.

Just 48 percent of those surveyed during the RSA Conference 2014 in San Francisco believe the NSA overstepped boundaries with its widespread spying activities, according to account management company Thycotic Software.

Most of the focus during the conference was on vendors showing off their software and hardware security solutions - but it was inevitable to hear former NSA contractor Edward Snowden's name - and constant conversations around the NSA booth in the Moscone South Expo hall.

"Regardless of where you stand on the issue, the attention around Edward Snowden's alleged disclosures last year has raised major concerns worldwide around the risk posed by insiders who have access to privileged account passwords," said Jonathan Cogley, Thycotic Software founder in CEO, in a press statement. "Regardless of intention, data breaches always have the potential to devastate a company's reputation and create a significant drain on resources."

A computer virus reportedly took down a Formula 1 race car team was supposed to be on the track, helping mechanics and drivers lock things down. Instead, the Marussia team was downed for almost an entire day of driving due to an unexplained computer virus that will be investigated to prevent future issues.

"It started off with the first disaster, which was a computer Trojan-type virus in the racks, which cost us the best part of the day," Marussia team principal John Booth recently told AUTOSPORT. "So that set the tone for the week."

Modern Formula 1 cars have a large amount of electronics, with team managers able to carefully track vehicle performance during practice laps and throughout a race.

Either just bad luck or a cruel practical joke, it turns out the RSA Conference 2014 mobile app designed to help attendees get through the show mistakenly had a security hole potentially exposing user data.

IOActive found that there were two major vulnerabilities in the app, including a flaw that reveals name, surname, job title, employer, and nationality of the mobile app users. The second flaw opened up the door to man-in-the-middle attackers able to inject code into the app's login, so login credentials could be exposed.

"The RSA Conference 2014 application downloads a SQLite DB file that is used to populate the visual portions of the app (such as schedules and speaker information) but, for some bizarre reason, it also contains information of every registered user of the application - including their name, surname, title, employer, and nationality," said Gunter Ollmann, IOActive CTO, in a blog post.

Popular retailer Target is still dealing with continued fallout from a data breach in late 2013 that left more than 70 million customers affected. The malware targeting Target's point-of-sale solutions should have raised immediate alarm bells for other retailers trying to prevent similar attacks.

Target is now being sued by a handful of smaller banks that accuse the store of not doing a good job of protecting customer data.

"So far, seven financial institutions have filed class action suits against Target alleging the retailer didn't adequately protect customer data," according to the Wall Street Journal's Joel Schectman. Other banks could join the class action suit, accusing one of the largest U.S. brick and mortar retailers of not boosting its security defenses when warned of possible malware threats.

Third-party applications are responsible for 76 percent of vulnerabilities now plaguing the 50 most popular programs, according to IT security firm Secunia. The company's research looked at the top 50 programs used on private PCs - including solutions approved and maintained by IT experts - with vulnerabilities largely stemming from non-Microsoft applications.

Of the 1,208 total vulnerabilities found in 2013, 76 percent were sourced to third-party applications - even though they account for just 34 percent of the top 50 programs.

Despite continually improving security, many users still blame Microsoft for a wide variety of security loopholes - but Secunia's research indicates it's these downloaded and installed third-party apps that continue to cause problems.

Alleged British hacker Lauri Love is accused of hacking into US Federal Reserve computers, and his lawyers will "vehemently oppose" all attempts to extradite him. If convicted in the United States, Love faces up to 12 years in federal prison, according to FBI officials anxious to have him land on U.S. soil.

The UK national Crime Agency also is looking into Love's alleged hacking behavior, though the UK court system wants to see the "sophisticated hacker" stay in the UK.

"If there is an extradition request from the United States it will be vehemently opposed," said Karn Todner, Love's legal advisor, in a statement to the BBC. "We believe that if Mr. Love is to face charges that they should be, and will be, in the UK."