TweakTown NewsRefine News by Category:
Cybercriminals responsible for creating and using the "BlackShades" malware have been arrested, with police authorities in 16 different countries arresting at least 80 people reportedly involved. The custom malware was sold to thousands of clients, and led to more than 500,000 PCs being infected, giving criminals the ability to remotely access PCs.
The criminal operation has been in operation since 2010 and was responsible for the distribution of "malicious software to thousands of cybercriminals throughout the world." Attackers were able to compromise users and had the ability to "access and view documents, photographs and other files ... record all of the keystrokes entered ... steal the passwords to the victim's online accounts and even activate the victim's Web camera to spy on the victim."
International police authorities are trying to crack down on organized cybercriminals, but tend to get to those responsible after
Cisco CEO John Chambers has written a letter to President Barack Obama urging him to curtail spying by the National Security Agency (NSA), in an effort to rebuild bridges and stop eroding trust. Former NSA contractor Edward Snowden turned the security world upside down when he disclosed organized mass surveillance against U.S. and foreign citizens.
"We simply cannot operate this way, our customers trust us to be able to deliver to their doorsteps products that meet the highest standards of integrity and security," Chambers said in the letter.
Cisco believes Internet security is absolutely paramount, and wants to ensure its customers and users that nothing is being done to deceive its customers. In a previous company blog post, Mark Chandler, Cisco General Council, had this to say regarding the company's business practices, noting that Cisco does "not work with any government, including the United States government, to weaken our products. When we learn of a security vulnerability, we respond by validating it, informing our customers, and fixing it."
The U.S. Justice Department has filed charges against five members of the Chinese Army, saying they are responsible for launching cyberattacks to compromise American companies. This is a notable announcement, as it's the first time charges have been issued against foreign countries. Furthermore, industries targeted include nuclear, solar and steel companies, with hackers trying to give a competitive advantage to Chinese companies.
"The range of trade secrets and other sensitive business information stolen in this case is significant and demands an aggressive response," said Eric Holder, U.S. Attorney General, during a press conference this morning. "Success in the global marketplace should be based solely on a company's ability to innovate and compete, not on a sponsor government's ability to spy and steal business secrets."
President Obama's administration has long accused the People's Liberation Army of launching cyberattacks targeting western companies, in an effort to steal intellectual property. Security experts are quick to point their fingers at China as the top foreign-based threat of organized cyberattacks against the United States.
Former NSA contractor Edward Snowden made U.S. and British enemies stronger and likely provided Russia with intelligence, according to government politicians still angry at the whistleblower. Snowden reportedly has made it significantly more difficult for intelligence agencies to try and conduct surveillance against al-Qaeda and other terror groups, which have changed their tactics.
"Obviously, they wouldn't have given him asylum if they had not obtained certain information," said Senator Saxby Chambliss (R-GA), the top ranking Republican member of the Senate intelligence company. "He has access to some information that's undoubtedly been given to the Russians and some of it is definitely something that is likely to cost the lives of Americans and the lives of some of our allies."
Meanwhile, German authorities are considering trying to arrange a video interview - or sending a delegation to Moscow - to speak with Snowden regarding U.S. spying activities against Germany. U.S. lawmakers previously showed concern that Snowden is likely under "Russian influence," as he remains somewhere in Russia, living there with temporary asylum.
Consumers have a wide variety of appealing smartphones and tablets to choose from, though must be aware of the security risks that they must deal with. Unfortunately, many users don't bother to keep their phone password-protected, and ignore any type of security risks - greatly opening up the likelihood of being infected by cybercriminals.
"Mobile devices have become an attractive target for cybercriminals," said Roberto Martinez, Kaspersky Lab researcher from the global research and analysis team, in a statement to TweakTown. "Currently, some of the greatest mobile threats are malicious applications or malware, lost or stolen devices and insecure Wi-Fi connections. These threats can cause the loss of personal or financial information."
Kaspersky Lab also gave TweakTown an inside look into basic security tips for smartphone users, trying to keep their mobile devices secure. There is a special emphasis in Google Android smartphone and tablet security, as 99 percent of mobile threats target Android-powered devices.
Email users at the University of Hawaii are being targeted by cybercriminals using phishing attacks, with the school's Information Technology Services office recently sending out a notice to current and former students. UH officials sent out a notice to email account owners, warning them to alert their credit card services if they turned over any personal information.
In an email sent to UH email users, security officials warned that "the attackers took elements from legitimate campus announcements or communications to make the messages look authentic." Specifically, the fraudulent email used a legitimate Google form, which has been removed by Google, with a warning that the university doesn't send unsolicited messages that ask for any type of user personal information.
Universities are popular targets for cybercriminals, either trying to phish users, or steal bulk amounts of personal information that can be later sold or traded. A data breach at Iowa State University could affect up to 30,000 students, and the University of California at San Francisco and University of Pittsburgh Medical Center were both hit by data breaches - with growing concern that university officials are too slow to inform students and faculty of data breaches.
The Chinese government must work to boost Internet security due to "overseas hostile forces" that are launching efforts to "attack, slander and spread rumors," according to Wang Xiujun. Since President Xi Jinping went into office last year, and he has led several crackdowns on Internet freedom for Chinese users - and wants to push his country into a "cyber power."
"Now, overseas hostile forces are using the Internet as a main channel to penetrate and destroy (us)," said Xiujin, China National Internet Information Office deputy director, to Chinese media. "Using the name of 'Internet freedom' to repeatedly attack, slander and spread rumors in an effort to undermine our country's stability and national security."
The Chinese government is well known for limiting Internet usage - and cracking down on dissidents - though is developing its own cyberattack abilities. Along with Russia and Eastern European-linked hacker groups, China has been routinely blamed for launching attacks against western targets.
A participant in the Carder.su cyber fraud ring, David Ray Camez, 22, has been found guilty of one count of conspiracy to participate in a racketeer influenced corrupt organization (RICO) and one count of participating in the criminal group. Camez already is serving a seven-year sentence for similar fraud-related behaviors.
The Carder.su group was responsible for selling stolen credit card information and counterfeit identifications and fake credit cards, including narcotics and money laundering charges - with 39 total accomplices charged. So far, seven have pleaded guilty, two will be going to trial soon, and the remaining members currently on the run from police.
This case marks the first time that racketeering laws were used against a cybercriminal, as the federal government tries to crack down against data theft.
Minnesota has become the first state to make kill switches mandatory, following Governor Mark Dayton's decision to sign the bill into law last week. The new law will go into effect on July 1, 2015, and all smartphones sold in Minnesota must have some type of antitheft - or kill-switch technology - pre-installed on phones sold to consumers.
The California Senate recently passed a smartphone kill switch bill, which must be approved by Governor Jerry Brown, as the smartphone industry is still unsure of kill switches.
Police authorities throughout the United States have called for some type of smartphone theft legislation - around 1 in 3 robberies in the United States led to smartphone loss, the Federal Communications Commission noted. However, officials from the CTIA-The Wireless Association said mandatory laws aren't necessary due to voluntary kill switch initiatives that wireless carriers and smartphone manufacturers have agreed to.
Mobile security is a major effort from handset manufacturers, wireless carriers, and security companies, though many smartphone and tablet users remain blissfully unaware. A lot of users don't have any type of additional security software on their devices, or conduct activities which open themselves up to additional threats, researchers previously noted.
To help share methods on how users can keep themselves better protected, TweakTown asked Roberto Martinez, a Kaspersky Lab researcher with the Global Research and Analysis Team: "There are several ways that the users can be protected. It's recommended to not perform procedures of 'rooting' or 'jailbreaking' in devices because this eliminates protection features of the operative systems. It's also recommended to regularly update any OS and applications."
In addition to avoiding jailbreaks, there are other tips and techniques for users to avoid being compromised: "Users should be very careful with the applications that are installed in devices, especially those that are offered for free and don't come from reliable sources. Additionally, users should be careful when connecting to public Wi-Fi networks, and if applicable, use VPN tools instead. And of course, always use anti-malware and encryption protection tools."