TweakTown NewsRefine News by Category:
The Obama administration wants to help utilities, banks and other important industries better defend themselves from cyber attack, launching voluntary cyber security guidelines as reference. The White House didn't want to offer direct requirements in an effort to allow companies to determine what would work best in their own business environment.
"While I believe today's framework marks a turning point, it's clear that much more work needs to be done to enhance our cybersecurity," said Obama, in a statement from the White House. "Our critical infrastructure continues to be at risk from threats in cyberspace, and our economy is harmed by the theft of our intellectual property."
Although the Obama administration worked on the recommendations based on analysis and industry-offered input, it's unlikely to be effective in preventing future attacks.
The US government and military learned in recent years that cyber threats cannot be ignored, especially with many criminal groups operating out of China, Russia, and other political rivals.
You would expect the president of one of the largest financial institutions in the US to have a very robust personal security plan in effect to ensure that his identity or financial information was not stolen, but it appears that is not the case with PayPal's President, David Marcus. This morning Marcus revealed that one of his credit card numbers was stolen during a recent trip to Europe and then used on a large spending spree.
Marcus says that he thinks that his card was skimmed at the hotel he was staying at or at one of the several merchants he swiped the card in question at. Marcus said that despite the card having an EMV chip that is supposes to make it more secure against this sort of attack, the EMV technology did nothing to prevent his card's number from being stolen and used on a fraudulent spending spree. Marcus did take the opportunity to inject a little promotion for PayPal, saying that if the merchant had accepted PayPal then none of this would have happen as PayPal's payment solutions do not share any credit card numbers with the merchant excepting payment.
Former NSA analyst Will Ackerly and his brother, John Ackerly, are the co-founders of Virtru, a startup security company helping users encrypt e-mails and digital communications. Unlike other encryption solutions, Virtru allows users to encrypt information - and send it - and has an extremely easy user interface to ensure neither user needs to be overly tech savvy.
The Virtru plugin easily and quickly encrypts e-mails and other contents using AES 256 encryption standard, and senders must have the plugin installed. However, recipients only need to authenticate their identity with an e-mail address, and Virtru holds the decryption key.
"What we've tried to do - and what's different from what a lot of encrypted communication tools out there have done - is really spend time to integrate the encryption technology directly into Gmail, Yahoo, Outlook.com," John Ackerly, Virtru CTO, in a statement to the media.
Virtru currently has plugin extensions for Google Chrome and Mozilla Firefox, with customized versions for Internet Explorer and Safari expected soon. For mobile devices, Virtru is available for iOS 7, and will be available for Google Android sometime in the near future.
Following the continued controversy of former NSA analyst Edward Snowden's widespread snooping documents, consumers are increasingly worried about government spying.
Thousands of visitors attending and participating in the 2014 Winter Olympics in Sochi, Russia, landed directly in the city located alongside the Black Sea. 3D camera technology company Artec Group is helping Russian security forces with a new system pairing 3D cameras with facial recognition software - and the security could find its way to the United States and European Union (EU) nations soon.
Artec's software can accurately distinguish between twins, can accurately work despite disguises - though security experts are already about potential privacy concerns. Artec Group also has plans to open a showroom and 3D printing location in a town near its headquarters in Silicon Valley.
Securities using sophisticated software and hardware are important for keeping the Olympics safe, as it has been a popular terror target in the past. However, this type of software could be used for national defense purposes, an active ability to quickly check visitors through crime and terror databases.
The FBI believes cyber criminals have successfully targeted Target, Neiman Marcus, and other major retailers using security holes that could have been blocked by retailers.
Target suffered the most significant data breach of recent companies, with more than 70 million customers affected, as the company still deals with public backlash. The Target breach reportedly is tied to a third-party HVAC contractor, and Target likely thought there were no security holes present, but the card data shouldn't have been available in the same corporate network locations.
Security experts warn of similar point-of-sale - and Internet-based threats - should raise alarm bells, especially with a few businesses that haven't come forward. The FBI didn't disclose which major retailers haven't come forward, though "remote management software" was related to cyber crimes carried out against the company.
Former NSA contractor Edward Snowden used customized web crawler software to steal at least 200,000 government secrets, according to a new report published in the New York Times.
The NSA is helping try to protect federal agencies from foreign-based cyber attacks, but Snowden's method to steal data was surprisingly simplistic - and extremely successful. If Snowden was based at the NSA's main headquarters, it's likely he would have been detected, but the NSA contractor didn't have policies as stringent.
Snowden is accused of scraping "data out of our systems" as he continued his daily job duties, a senior intelligence official told the Times. "We do not believe this was an individual sitting at a machine and downloading this much material in sequence."
The NSA and U.S. lawmakers continue to show disgust with Snowden's actions over the past year - and citizens are more aware of the NSA's questionable activity - with friction expected in the foreseeable future.
In the continued battle against cyber warfare, the FBI recently opened the door to security experts willing to share information about malware. Specifically, the Investigative Analysis Unit (IAU) wants to create "global awareness of the malware threat" in anticipation of what lies ahead in the future. The request for quote (RFQ) is a unique effort to purchase malware so the FBI intelligence services are able to try and reverse-engineer the security threats.
The FBI is currently seeking security firms to submit malware samples for federal computer teams to learn more about how the malicious software is made and distributed. Executive files, digital media files, exploited code, and Office documents will be collected, though security experts are welcome to try and stump the FBI with select malware.
Sophisticated malware continues to plague desktop and mobile users, with malware targeting Microsoft Windows, Linux, and Apple OS X/iOS.
The 2014 Winter Olympic Games are currently underway from Sochi, Russia, where the Russian government and cyber criminal groups are reportedly compromising smartphones, tablets, laptops, and other consumer electronics. Even after a recent NBC News report that indicated its reporters were quickly digitally compromised, research firm Gartner also reminds users that they face security risks everywhere they go with their devices.
As the media loves attention-grabbing headlines, such as Russian FSB and criminals can't wait to hack western mobile devices during the Olympics, cyber security threats are daily occurrences for many users. The Gartner blog published by Paul Proctor, VP Distinguished Analyst, also called out NBC for not carefully wording the published story - a bit of fear mongering an anti-Russian spying sentiment helped NBC with page views, though didn't offer a 100 percent genuine look at cyber threats.
Furthermore, many of the attacks focusing Sochi guests aren't geographically dependent, and the same security limitations and phishing attacks plague users every day at the local coffee shop, library, or shopping center.
The threat of domestic terrorism and attacks by Al Qaida are pressing matters to national security, but many U.S. government officials are instead focused on former NSA contractor Edward Snowden. A recent official said Snowden has done 'profound damage' to future U.S. security efforts, supporting a previous lawmaker that said Snowden is a traitor and criminal.
"What Snowden has stolen and exposed has gone way, way beyond his professional concerns with so-called domestic surveillance programs," said James Clapper, Director of National Intelligence, during a recent Senate committee hearing. "As a result, we've lost critical foreign intelligence collection sources, including some shared with us by valued partners."
U.S. citizens, foreign leader, and Silicon Valley executives are upset with the NSA's spying practices, which continually trampled over Internet users. However, many U.S. lawmakers remain unhappy with Snowden, and demand he returns government documents without any further disclosures.
Meanwhile, Rep. Marc Thornberry, a Texas Republican, said Snowden's security leaks will "certainly cost billions to repair" moving forward.
U.S. retailer Target is still working its way through a massive security breach that impacted more than 70 million in-store customers, a major issue that was first reported late last year. Additional details made available indicate a serious security overhaul will need to take place within Target, and other major retailers should closely follow suit.
Although it appears sophisticated malware targeted point-of-sale (POS) machines in Target stores, it appears some blame is being thrown towards a heating, ventilation and refrigeration third-party contractor. Cyber criminals behind the Target breach may have used the HVAC contractor's stolen account information to gain access, which led to easier access to Target's internal network.
The HVAC company, rumored to be Fazio Mechanical Services from Pennsylvania, confirmed it was recently visited by Secret Service investigators looking into the Target breach.
Target Chief Financial Officer John Mulligan recently appeared before a U.S. Senate Judiciary Committee, apologizing for the retailer's massive data breach.