TweakTown NewsRefine News by Category:
In an effort to help keep mobile users more secure, McAfee today announced the newest version of the McAfee Mobile Secure program that gives Google Android users a way to check apps that use data collection techniques. There is a growing need to try and keep mobile devices secure, especially with users granting access to a wide variety of personal information when installing apps.
Around 80 percent of mobile apps used today collect user location information, 82 percent know device ID information, and 57 percent track when devices are used, according to the McAfee Consumer Mobile Security Report. After a scan is complete, users are informed regarding how much information each app accesses and shares, and ranks the apps by privacy sensitivity.
"The personal data some apps collect can be beneficial to enhancing your mobile experience, however many apps are collecting more information than they need, putting your privacy and personal security at risk," noted Gary Davis, McAfee VP of consumer marketing, in a press statement. "McAfee Mobile Security is empowering users by letting them know exactly what information their apps are accessing, and helps them safeguard their identity and personal information."
No. 1 social media site Facebook and leading security vendor Trend Micro have teamed up to make Trend Micro HouseCall available to all Facebook users, giving them the chance to scan and remove malware from hijacked accounts. If an infected user is identified, Facebook will contact them and provide an option to download a free version of HouseCall.
Trend Micro is a well-known security company, while Facebook is keen to try and limit security threats that face its large user base. The service will hopefully give users the chance to operate in a more secure environment and reduce the likelihood of malware infection.
Here is what Kevin Simzer, Trend Micro CMO said: "HouseCall will give Facebook users an additional safeguard against the malicious attacks that interacting online can bring. We are pleased to partner with one of the world's leading social media networks to provide a free solution that will help protect the online security and privacy of billions of users."
Symantec has released another product designed to keep small and midsized businesses (SMBs) secure from cyberthreats, with Norton Small Business marketed for companies with less than 20 employees. The software has 100 percent virus removal assurance and a friendly user interface to make it even easier to utilize in case IT staff aren't available to lend a hand.
The Norton Small Business also has mobile security technology, providing device scanning, remote locate, locking and wiping capability to protect bring your own device (BYOD) supporters. Symantec also has the ability to scan Google Android applications to remove any malicious software, with the majority of mobile malware aimed at Android devices.
"According to the Symantec Internet Security Threat Report, small businesses were targeted in 30 percent of all cyberattacks in 2013," noted Brian Burch, Norton VP of Global Consumer and Small Business Marketing. "While the risks are real, small business owners with fewer than 20 employees often wear multiple hats and don't have the time or resources to manage IT needs. Running a small business is hard work, but Symantec wants to make securing it the easy part."
Another day, another phishing scam targeting online banking users. This time around, cybercriminals are targeting Bank of America Merrill Lynch customers, tricking users to install malware designed to steal personal information. The scam email includes a PDF attachment which has a malware link that initiates a download of a "SecureMessage.zip" file - packaged with the Spyware/Win32.Zbot Trojan.
Similar to other phishing attacks, the "secure message" includes a zip file, and users open the attachment inside of a Web browser. Users end up clicking a Dropbox download link where the malware is installed - another stark reminder for Internet users to be careful when clicking links from unknown users.
One-third of phishing attacks are aimed at financial institutions, and because of the large amount of attacks, banks have to follow new guidelines to better defend against distributed denial-of-service (DDoS) attacks.
Cybercriminals responsible for creating and using the "BlackShades" malware have been arrested, with police authorities in 16 different countries arresting at least 80 people reportedly involved. The custom malware was sold to thousands of clients, and led to more than 500,000 PCs being infected, giving criminals the ability to remotely access PCs.
The criminal operation has been in operation since 2010 and was responsible for the distribution of "malicious software to thousands of cybercriminals throughout the world." Attackers were able to compromise users and had the ability to "access and view documents, photographs and other files ... record all of the keystrokes entered ... steal the passwords to the victim's online accounts and even activate the victim's Web camera to spy on the victim."
International police authorities are trying to crack down on organized cybercriminals, but tend to get to those responsible after
Cisco CEO John Chambers has written a letter to President Barack Obama urging him to curtail spying by the National Security Agency (NSA), in an effort to rebuild bridges and stop eroding trust. Former NSA contractor Edward Snowden turned the security world upside down when he disclosed organized mass surveillance against U.S. and foreign citizens.
"We simply cannot operate this way, our customers trust us to be able to deliver to their doorsteps products that meet the highest standards of integrity and security," Chambers said in the letter.
Cisco believes Internet security is absolutely paramount, and wants to ensure its customers and users that nothing is being done to deceive its customers. In a previous company blog post, Mark Chandler, Cisco General Council, had this to say regarding the company's business practices, noting that Cisco does "not work with any government, including the United States government, to weaken our products. When we learn of a security vulnerability, we respond by validating it, informing our customers, and fixing it."
The U.S. Justice Department has filed charges against five members of the Chinese Army, saying they are responsible for launching cyberattacks to compromise American companies. This is a notable announcement, as it's the first time charges have been issued against foreign countries. Furthermore, industries targeted include nuclear, solar and steel companies, with hackers trying to give a competitive advantage to Chinese companies.
"The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response," said Eric Holder, U.S. Attorney General, during a press conference this morning. "Success in the global marketplace should be based solely on a company's ability to innovate and compete, not on a sponsor government's ability to spy and steal business secrets."
President Obama's administration has long accused the People's Liberation Army of launching cyberattacks targeting western companies, in an effort to steal intellectual property. Security experts are quick to point their fingers at China as the top foreign-based threat of organized cyberattacks against the United States.
Former NSA contractor Edward Snowden made U.S. and British enemies stronger and likely provided Russia with intelligence, according to government politicians still angry at the whistleblower. Snowden reportedly has made it significantly more difficult for intelligence agencies to try and conduct surveillance against al-Qaeda and other terror groups, which have changed their tactics.
"Obviously, they wouldn't have given him asylum if they had not obtained certain information," said Senator Saxby Chambliss (R-GA), the top ranking Republican member of the Senate intelligence company. "He has access to some information that's undoubtedly been given to the Russians and some of it is definitely something that is likely to cost the lives of Americans and the lives of some of our allies."
Meanwhile, German authorities are considering trying to arrange a video interview - or sending a delegation to Moscow - to speak with Snowden regarding U.S. spying activities against Germany. U.S. lawmakers previously showed concern that Snowden is likely under "Russian influence," as he remains somewhere in Russia, living there with temporary asylum.
Consumers have a wide variety of appealing smartphones and tablets to choose from, though must be aware of the security risks that they must deal with. Unfortunately, many users don't bother to keep their phone password-protected, and ignore any type of security risks - greatly opening up the likelihood of being infected by cybercriminals.
"Mobile devices have become an attractive target for cybercriminals," said Roberto Martinez, Kaspersky Lab researcher from the global research and analysis team, in a statement to TweakTown. "Currently, some of the greatest mobile threats are malicious applications or malware, lost or stolen devices and insecure Wi-Fi connections. These threats can cause the loss of personal or financial information."
Kaspersky Lab also gave TweakTown an inside look into basic security tips for smartphone users, trying to keep their mobile devices secure. There is a special emphasis in Google Android smartphone and tablet security, as 99 percent of mobile threats target Android-powered devices.
Email users at the University of Hawaii are being targeted by cybercriminals using phishing attacks, with the school's Information Technology Services office recently sending out a notice to current and former students. UH officials sent out a notice to email account owners, warning them to alert their credit card services if they turned over any personal information.
In an email sent to UH email users, security officials warned that "the attackers took elements from legitimate campus announcements or communications to make the messages look authentic." Specifically, the fraudulent email used a legitimate Google form, which has been removed by Google, with a warning that the university doesn't send unsolicited messages that ask for any type of user personal information.
Universities are popular targets for cybercriminals, either trying to phish users, or steal bulk amounts of personal information that can be later sold or traded. A data breach at Iowa State University could affect up to 30,000 students, and the University of California at San Francisco and University of Pittsburgh Medical Center were both hit by data breaches - with growing concern that university officials are too slow to inform students and faculty of data breaches.