TweakTown News
Malware linked back to cybercriminals in Algeria and Kuwait was disrupted when Microsoft named several parties in a civil suit accused of creating malicious code that infected millions of victims. The strategy is a unique new method by Microsoft, attempting to disrupt communication channels used by cybercriminals and the infected PCs they've compromised.
The suit names the foreign nationals Naser Al Mutairi and Mohamed Benabdellah, along with the Vitalwerks Internet Solutions domain hosting company. Almost 94 percent of compromised machines used Vitalwerks servers so the criminals were able to control the machines, a rather clever method of trying to stay under the radar.
Meanwhile, Vitalwerks claims millions of Internet users have suffered disrupted service because of the legal proceedings. Microsoft didn't directly say Vitalwerks was involved in the cybercriminal activities, but said the company didn't do enough to prevent it.
Companies are familiar with what to do during a cybersecurity incident, and how to defend against phishing and social engineering tactics, but tend to only learn lessons the hard way. Fifty-four percent of respondents to a recent survey said they had not been hacked or experienced a data breach in the past 12 months, according to TrainACE, a cybersecurity training organization.
For companies that did suffer a data breach, 70 percent found a Trojan on a PC or on their network - and 20 percent of those hacked don't have a cybersecurity incident plan ready.
"The findings we've compiled suggest that while most companies are employing best practices when it comes to cybersecurity, there is still a way to go before adoption is universal," said Ralph Sita, TrainACE CEO and President, in a press statement. "All companies have different reasons and needs when it comes to cybersecurity, but it's troublesome to learn that many still don't have the basics in place, such as a cyber incident plan or set of updates guidelines."
A whopping 58 percent of healthcare vendors scored a "D" when it came to data security and privacy standards, as cyberattacks trying to steal medical records become more common, according to security risk management firm Corl Technologies. To put together the report, everything from security incidents to security and privacy policies and the quality of the security team in place was used to calculate scores.
"[The] majority of health care vendors lack minimum security practices, well short of HIPAA standards," according to the report. "Health organizations are often unaware of how many of their vendors have access to protected information."
It's unfortunate that healthcare vendors earned such a low score, as patient medical records are a valuable asset for cybercriminals. As such, medical identity theft amounted to 43 percent of identity theft cases in 2013, according to a study released by the Ponemon Institute - and HIPAA laws are scrambling to catch up to the current rash of healthcare-related cyberattacks.
Following new technology trends, cybercriminals are always on the lookout for new methods to launch successful attacks to compromise information. There has been an uptick in attackers hosting botnets and malware in the cloud, successfully controlling criminal behaviors remotely in the cloud.
Recently, criminals were found to be using Dropbox to issue command and control instructions, in an effort to get malware and botnets around firewalls deployed by corporations, according to the Trend Micro security firm.
"At the end of the day, cybercriminals are business people," said Christopher Budd, Trend Micro Global Threat Communications Manager, in a statement. "The same logic that drives business people to using cloud-based services is driving the bad guys to use the cloud too."
U.S. threat intelligence company Norse has unveiled a real-time animated map that shows the obnoxious number of cyberattacks being carried out around the world. Many of the attacks are launched by automated bots, aimed at finding vulnerabilities to steal personal information, banking data, and other sensitive information that can be valuable on the black market.
In 45 minutes, the United States suffered 5,840 cyberattacks - 27 times the number faced by the second most targeted country, Thailand, with just 220 cyberattacks in 45 minutes.
China launched the most attacks, accounting for 2,513 attacks in 45 minutes, while the United States was No. 2 on the list with 1,550 attacks. Many of the U.S. attacks targeted computer networks inside of the country, while others tend to attack foreign targets.
Even though hacking and cyberespionage talks between the United States and China have stalled, it's an effort that U.S. lawmakers want to open up again. U.S. officials hope to see both sides begin discussions during the U.S.-China Security and Economic Dialogue scheduled to take place in Beijing next month.
Talks temporarily halted after the U.S. government indicted five Chinese Army officers for cyberespionage, a move that angered Beijing.
"That's an economic problem as well as a bilateral problem and that kind of behavior risks undermining the support for the U.S.-China relationship among the U.S. and international business community," said Daniel Russel, U.S. Assistant Secretary of State, during a recent interview. "That's a problem and it's a problem we believe the Chinese must can address."
Researchers from the European Space Agency (ESA) have developed software that is now being used to help detect online bank fraud. Former ESA consultant Paulo Marques, founder of Feedzai, saw a need for a sophisticated solution for communications via the Internet.
Fraud detection demands large amounts of information to be analyzed in real-time, with thousands of banking transactions taking place per second. Unlike space technology, bank fraud software must be able to learn the behaviors of each individual and company - and the software has the ability to store information for up to four years, helping create personal spending profiles.
In Portugal, every electronic purchase uses the sophisticated software, with Feedzai screening $229 billion worth of purchases and payments per year. It is an important task, as cybercriminals target banks and financial institutions, with $11.4 billion lost in credit card fraud each year.
Verizon has lost a valuable business partner because the German government pulled the plug on its current contract, angry about the National Security Agency (NSA) snooping on German politicians. Government officials were extremely angry when Edward Snowden mentioned eavesdropping on Chancellor Angela Merkel.
"The pressures on networks as well as the risks from highly developed viruses or Trojans are rising," the German Interior Ministry said in a statement. "Furthermore, the ties revealed between foreign intelligence agencies and firms in the wake of the U.S. National Security Agency (NSA) affair show that the German government needs a very high level of security for its critical networks."
This is good timing for the German government, because Deutsche Telekom and other European wireless providers comply with data protection laws in the European Union (EU).
The United States and China are reportedly trying to increase discussions related to cybercrime, but leaders in Washington and Beijing are continuing to find it difficult. It seems the U.S. government charging five Chinese Army officers with cyberespionage led to the timeout, as both sides try to work things out.
Even though both China and the United States blame one another for state-sanctioned activities - and China is blamed for allowing groups to target western companies - both sides want to find some type of political middle ground they can agree on.
Organized Chinese hacker groups are targeting western defense companies, with Chinese officials typically turning a blind eye. Meanwhile, there hasn't been a decline in cyberattacks stemming from China, cybersecurity experts warn, showing that there is still a lot of work that must be done.
ThreatTrack Security recently released ThreatAnalyzer 5.1, the company's latest version of a dynamic malware analysis solution aimed at the enterprise. The new tool allows security teams to detect and remove malicious code, along with learning how malware runs on their networks.
Users are able to recreate their 32-bit and 64-bit environments, including virtual machines, with custom malware determination rules and integrated threat intelligence.
"Uncertainty is one of the biggest challenges to enterprise cybersecurity, and it is paralyzing incident response teams," said Julian Waits, ThreatTrack Security President and CEO, in a statement. "Enterprises know they are under attack from breaches caused by advanced malware, but most lack the tools necessary to identify advanced threats and accurately quantify their exposure to those risks."