TweakTown
Tech content trusted by users in North America and around the world
6,251 Reviews & Articles | 40,794 News Posts
TRENDING NOW: Cyanogen CEO: "Samsung couldn't build a good OS if they tried"

TweakTown News

Refine News by Category:

Hacking & Security Posts - Page 9

StealthGenie CEO must pay $500,000, forfeit spyware app source code

Danish citizen Hammad Akbar pleaded guilty for advertising and selling StealthGenie, a spyware application designed to allow customers to snoop on mobile phones. Akbar will have to pay $500,000 and turn over source code, but avoided jail time for marketing the app.

 

TweakTown image news/4/1/41553_01_stealthgenie_ceo_must_pay_500_000_forfeit_spyware_app_source_code.jpg

 

StealthGenie allowed users to monitor phone calls, text messages, videos, and other communications on victims' smartphones. The spyware was able to be installed on Apple iPhones, Google Android smartphones, and BlackBerry devices, and was extremely difficult to detect on compromised devices.

 

"Mr. Akbar is the first-ever person to admit criminal activity in advertising and selling spyware that invades an unwitting victim's confidential communication," said Andrew McCabe, FBI Assistant Director in Charge, in a statement. "This illegal spyware provides individuals with an option to track a person's every move without their knowledge. As technology evolves, the FBI will continue to evolve to protect consumers from those who sell illegal spyware."

Panda Security finds more than 20 million new malware samples in Q3

Panda Security collected 20 million new malware samples created worldwide, with an average of 227,747 new samples per day during Q3. The global infection rate increased from 36.87 percent up to 37.93 percent year-over-year, and Trojans are the most common type of malware. Trojans accounted for 78.08 percent of malware types, with viruses (8.89 percent) and worms (3.92 percent) also making an appearance.

 

TweakTown image news/4/1/41547_01_pandalabs_discovers_more_than_20_million_new_malware_samples_during_q3.jpg

 

Internet users face a cybersecurity threat from hackers, state-sponsored cybercriminals, and national government spy agencies - and trying to stay secure is rather difficult. China (49.83 percent), Peru (42.38 percent) and Bolivia (42.12 percent) are the three countries most targeted by cyberattacks, with nine European countries in the top ten most secure nations: Norway (23.07 percent), Sweden (23.44 percent), and Japan (24.02 percent) are the top three most secure.

 

"Over recent months cybercrime has continued growing," said Luis Corrons, PandaLabs Technical Director at Panda Security. "Cyber-crooks are still creating malware in order to infect as many computers as possible and access confidential data - but corporate environments have also come under attack. For example, over the last three months large companies have been the subjects of some scandals, such as the infamous 'Celebgate,' in which photos of actresses and models hosted on Apple's iCloud service were leaked, or the theft of Gmail and Dropbox passwords."

Europol launches raid on cybercriminals purchasing airline tickets

Europol is targeting cybercriminals suspected of using stolen debit and credit card information to purchase airline tickets. The large raid took place in 45 countries and 80 airports, with 118 people arrested - and airlines lose more than $1 billion per year due to fraudulently purchased tickets.

 

TweakTown image news/4/1/41536_01_europol_launches_raid_on_cybercriminals_purchasing_airline_tickets.jpg

 

"Airlines are fighting credit card fraud on their ticket sales on daily basis," said Meta Backman, a Europol European airline fraud prevention group. "It is clear to the airlines that they are up against organized crime in this fight."

 

The Global Airport Action initiative will rely on better communication between local police, national police, and federal agencies working with airlines and credit card companies to identify suspected fraud. Credit card fraud was reportedly linked to human trafficking and truck trafficking, which will also be investigated by European authorities.

Continue reading 'Europol launches raid on cybercriminals purchasing airline tickets' (full post)

Cybercriminals are fully aware this could be a great time for them

It seems like only a matter of time before another significant data breach hits US consumers, and it could happen before the end of the year. Many retailers don't have appropriate infrastructure in place to defend against cyberattacks, and the criminals are adapting their strategies to ensure they are successful. A recent study found 58 percent of retailers are now less secure than they were within the past year, as criminals can easily surpass firewalls and compromise customer data.

 

TweakTown image news/4/1/41535_02_cybercriminals_are_fully_aware_this_could_be_a_great_time_for_them.jpg

 

As more consumers shop online and head to local stores, it's the perfect storm for criminals to seize bulk debit and credit card data in a single breach. Meanwhile, some experts say the cost of expensive next-generation security solutions to be passed down to consumers, according to the study from BitSight Technologies.

 

"Bad guys know that this is a big shopping season," said Bob Ackerman, cybersecurity specialist and managing director of Allegis Capital. "Bad guys are on the prowl, they are active, and they know this is a time of year where there is a lot more fish that their net can capture."

Home Depot spent up to $43M on data breach during just one quarter

Following a massive data breach that left 56 million debit and credit card details stolen, along with 53 million email addresses, the company spent $43 million during Q3 to deal with the aftermath. The company expects to receive $15 million reimbursement as part of a $100 million network liability insurance policy - and must now work to ensure the problem doesn't occur again.

 

TweakTown image news/4/1/41531_01_home_depot_spent_up_to_43m_on_data_breach_during_just_one_quarter.jpg

 

Meanwhile, the company faces multiple lawsuits and will "incur significant legal and other professional services expenses" due to the incident. The company's payment card data network was complaint in fall 2013, and was undergoing 2014 certification when the breach occurred, according to an independent auditor.

 

"The forensic investigator working on behalf of the payment card networks may claim the company was not in compliance with those standards at the time of the data breach," Home Depot noted.

Former GCHQ leader concerned over smartphone biometrics security

Former GCHQ boss Sir John Adye believes current generation biometrics need more control, as he has concerns related to fingerprint scanners used by the Apple iPhone 6 and other devices. Despite believing the use of biometrics is a positive step toward device security, Sir John also is concerned about what happens to people's data when using these devices.

 

TweakTown image news/4/1/41529_01_former_gchq_leader_concerned_over_smartphone_biometrics_security.jpg

 

Sir John called out Apple specifically, with Apple Pay now allowing users to make payments simply with their fingerprint.

 

"I think Apple has done some good things. They appear to have a good system at the moment for protecting their operating system so it's difficult for anyone outside to penetrate it and retrieve data from it. But how long will that last, because the criminals... are very inventive at finding ways in, and although you can protect it in that way on the device itself, what happens if the device is lost or stolen?"

Continue reading 'Former GCHQ leader concerned over smartphone biometrics security' (full post)

Verisign: DDoS attacks grew in size and sophistication during Q3

Cybercriminals are having their way with companies and users, with distributed denial of service (DDoS) attacks growing in size - and sophistication - during Q3, according to reports. DDoS attacks 10 Mbps or above ramped up 38 percent from Q2 to Q3, according to the Verisign Distributed Denial of Service Trends Q3 2014 report, with the media and entertainment verticals most targeted.

 

TweakTown image news/4/1/41525_01_verisign_ddos_attacks_grew_in_size_and_sophistication_during_q3.jpg

 

Average attack size declined from Q2 to Q3, but that was because of an overwhelming number of attacks launched during the second quarter, the report states. "Rather than using volumetric attacks to overwhelm servers, organizations should be wary of cyberattackers targeting crucial ports to thwart legitimate traffic from reaching online destinations," according to the report.

 

Looking ahead to 2015, cybersecurity experts will certainly have their hands full, trying to defend against DDoS, malware, and advanced persistent threats (APTs) - as companies struggle to improve their network security.

Cybersecurity is a confusing, complicated issue for company executives

Company executives should be concerned - and prepared - if their company ends up getting hit by a successful cyberattack, possibly leading to a data breach. However, a general misconception that the IT staff is proactive and ready to defend against cyberattacks often is not the case, especially with overworked IT teams unable to keep up.

 

TweakTown image news/4/1/41518_01_cybersecurity_is_a_confusing_complicated_issue_for_company_executives.jpg

 

Although there are steps to make a data breach preventable, they certainly aren't fool-proof - and every company should have plans in place if a breach occurs.

 

It's also worth noting that cybercrime is done for a number of reasons, and it's not just about stealing personal information, such as debit and credit card data. Although that appears to be the basis of the Target, Home Depot and other retailer breaches, there is a growing worry of cyberespionage targeting companies and their host nation.

Electronic kiosks, ticket vending machines being hit by malware

News of malware attacks targeting point-of-sale (POS) systems became common place in 2014, and the problems are spreading away from retailer checkouts. The d4re|dev1 (daredevil) malware is able to compromise Harmony WinPOS, Figure Gemini POS, OSIPOS Retail Management System, and QuickBooks Point of Sale - able to launch keylogging features and can be used as an advanced backdoor.

 

TweakTown image news/4/1/41517_01_electronic_kiosks_ticket_vending_machines_being_hit_by_malware.jpg

 

Next-generation security measures are needed to help keep POS malware in check, and that doesn't seem to be happening soon enough.

 

"IntelCrawler believes that such kind of devices will become the new target for cybercriminals," the company said in a blog post. "These kiosks and ticket machines don't usually house large daily lots of money like ATMs, but many have insecure methods of remote administration allowing for infections payloads and the exfiltration of payment data in an ongoing and undetected scheme."

Hacker avoids maximum 440-year sentence, hit with misdemeanor instead

The Southern District of Texas offered a misdemeanor plea deal to hacker Fidel Salinas, 28, just a few months after the hacker was charged with 44 felony counts of computer fraud and cyberstalking. Each count had a maximum 10-year prison sentence, totaling a potential 440 years in prison.

 

TweakTown image news/4/1/41511_01_hacker_avoids_maximum_440_year_sentence_hit_with_misdemeanor_instead.jpg

 

Instead, the suspected Anonymous-linked hacker plead guilty to one misdemeanor count of computer fraud and abuse - and must also pay $10,000. He faces up to one year in prison when sentenced on February 2, 2015, and his attorney will argue the monetary restitution is enough.

 

Salinas reportedly tried to access the Hidalgo County administrative website, using a script that racked up more than 14,000 access attempts. The brute force attack led county IT administrators to be locked out of the system themselves.

Latest News Posts

View More News Posts

Forum Activity

View More Forum Posts

Press Releases

View More Press Releases