After Heartbleed, 'Cupid' could hit Wi-Fi routers & Android devices

Tamlin Magee | Hacking, Security & Privacy | May 30, 2014 7:27 PM CDT

Weeks after it became evident Heartbleed was one of the biggest security threats to the internet ever, one security researcher has released a proof of concept that could deploy the same vulnerability over Wi-Fi.

Luis Grangeia has called his concept 'Cupid', and it would operate in a similar way to Heartbleed. But rather than being hidden on the web, it would run over Wi-Fi and take data from routers or Android devices. Android Jelly Bean 4.1.1 devices are particularly vulnerable.

There's not quite cause for panic over this vulnerability just yet, as although there's a proof of concept the attack would have to be carried out over Wi-Fi range, which would limit potential targets, the Verge reports.

Continue reading: After Heartbleed, 'Cupid' could hit Wi-Fi routers & Android devices (full post)

UK PM's adviser urges Google to do more to curb online piracy

Tamlin Magee | Internet & Websites | May 30, 2014 7:14 PM CDT

The British Prime Minister's intellectual property adviser has said Google should do more to curb online piracy, and has urged the search giant to lead the charge in curbing the trend.

In a new report, member of parliament Mike Weatherley suggested it is up to search engines to take the fight to copyright theft, putting the indomitable market leader Google in the crosshairs.

His recommendations, the Guardian reports, will be presented to British business secretary Vince Cable - and one idea is to stop advertising cashflow for websites that appear to be making a profit on piracy.

Continue reading: UK PM's adviser urges Google to do more to curb online piracy (full post)

Wireless payments struggle, as near field communication interest grows

Michael Hatamoto | Hacking, Security & Privacy | May 30, 2014 6:45 PM CDT

Near Field Communication (NFC) is common in Europe and Asia, but still has struggled to gain mainstream acceptance in the United States. Security remains a major concern, but continued growth in trusted service management (TSM) provides companies interested in wireless payments the opportunity to become more inventive. The TSM market is expected to jump from $280 million in 2014 up to $550 million in 2015, according to Frost & Sullivan, as more vendors utilize it for NFC-related transactions.

Almost 25 percent of U.S. consumers will carry a smartphone with NFC technology by 2016, according to Forrester Research, which will give banks, credit card companies, and payment startups a unique opportunity.

Moving forward, phone manufacturers are expected to embrace NFC built directly into new smartphones, as the technology becomes more common place in the United States. Apple has rejected NFC for quite some time now, though that could change with the iPhone 6, according to reports.

Continue reading: Wireless payments struggle, as near field communication interest grows (full post)

Whopping 47% of Americans have been hit by hackers in past 12 months

Michael Hatamoto | Hacking, Security & Privacy | May 30, 2014 3:46 PM CDT

Hackers have successfully compromised around 110 million Americans in the past 12 months alone, nearly half of all adults in the country, as companies struggle to keep up with growing cyber threats. It's hard to identify exact numbers, with larger companies not providing precise data of affected users following a large-scale data breach.

The compromised information typically includes various forms of personal information, including names, addresses, phone numbers, Social Security numbers, debit and credit card information, or bank account numbers. Companies such as Target and eBay suffered massive data breaches, while other companies are compromised to a smaller degree.

Collecting a lot of information about an individual is more valuable [for attackers]," said Larry Ponemon, Ponemon Institute head, in a statement to SCMagazine. "They'll take the data, and wait patiently. Then, two or three years after the breach, [the impacted] become the victim of identity theft."

Continue reading: Whopping 47% of Americans have been hit by hackers in past 12 months (full post)

TrueCrypt reportedly developers jump ship, free tool reportedly done

Michael Hatamoto | Hacking, Security & Privacy | May 30, 2014 3:16 PM CDT

The open source and free TrueCrypt full-disk encryption project is likely over after developers jumped ship, abruptly ending what was a popular asset for PC users. There are rumors circulating that TrueCrypt was compromised, though that hasn't been confirmed and still seems rather unlikely at this point in time.

In what was a rather cheeky way to throw in the towel, the truecrypt.org website redirects users to sourceforge.net, and current TrueCrypt users are being transitioned to BitLocker. This message also was posted:

"WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues" -

Continue reading: TrueCrypt reportedly developers jump ship, free tool reportedly done (full post)

We get some hands-on time with the shrunken In Win D-Frame Mini

Anthony Garreffa | Cases, Cooling & PSU | May 30, 2014 6:39 AM CDT

Computex 2014: When we reviewed In Win's amazing D-Frame chassis last year, we gave it 96% - which is nearly as good as it gets. Well, In Win is back with what seems like yet another hit with its shrunken down chassis, the D-Frame Mini.

We were hands-on today at the In Win factory tour, where we got some video footage (that you can watch above) and a slew of pictures for you to drool over. The new D-Frame Mini supports mini-ITX motherboards, which should see some interesting builds in the chassis. On the front of the D-Frame Mini, we have two USB 3.0 ports, something that has slid on over from the bigger brother, as well as two HD audio ports.

Continue reading: We get some hands-on time with the shrunken In Win D-Frame Mini (full post)

Red Dead Redemption described as a permanent franchise by Take-Two CEO

Shane McGlaun | Gaming | May 30, 2014 6:00 AM CDT

Fans of the video game Red Dead Redemption have been clamoring for a sequel to that game for a long time now. There seemed to be some concern that a sequel wouldn't be made. Considering the original Red Dead sold 13 million units, the fear of no follow up to the original seems out of place.

Take-Two CEO Strauss Zelnick has made some comments recently that seem to indicate that a sequel to the game is in the works. He described the Red Dead franchise as being permanent and sitting alongside Grand Theft Auto and Borderlands. Those are two of Take-Two's most popular franchises putting Red Dead in good company.

Zelnick also mentioned during the conference where he talked about Red Dead that his company uses a selective approach to releasing games. He says Take-Two doesn't want to flood the market with games. Rather than giving consumers more, he says they want better games.

Continue reading: Red Dead Redemption described as a permanent franchise by Take-Two CEO (full post)

Owner and operator of BlackShades pleads not guilty, faces 15 years

Michael Hatamoto | Hacking, Security & Privacy | May 30, 2014 12:17 AM CDT

The owner and operator of BlackShades has plead not guilty to computer hacking charges, for his role in selling malware software. Alex Yucel, 24, was arrested last November and extradited to the United States, and now faces up to 15 years if convicted of conspiring to commit access device fraud and access to device fraud, among other charges.

The group reportedly sold its Remote Access Tool (RAT) to thousands of customers across the world since 2010, authorities noted.

Recently, authorities announced 100 people have been arrested in multiple countries for their participation in BlackShades. Federal authorities are trying to clamp down on cybercrime groups, though tend to only make arrests following major incidents - and have been largely unable to stop groups before they compromise users.

Continue reading: Owner and operator of BlackShades pleads not guilty, faces 15 years (full post)

Microsoft reportedly ready to jump into crowded smartwatch market

Michael Hatamoto | Wearable Computing & Fashion | May 29, 2014 11:41 PM CDT

Microsoft is gearing up to release a smartwatch that will be compatible with its Windows Phone OS, along with support for Google Android and Apple iOS devices. Using technology refined by Kinect engineers, the watch will have two days of battery life and support continuous heart rate monitoring. A product announcement and launch date have not been released, though it could be available to consumers later this summer.

Throughout much of its dominant era, Microsoft didn't put a lot of effort into cross-platform compatibility, though including support for Android and iOS makes smart business sense. Both the iPhone and Android-powered smartphones currently control the market, and excluding users would greatly hurt potential sales.

It is an exciting time for the smartwatch market, with Samsung, Fitbit, Nike, Jawbone, and other companies already deeply involved - with Microsoft, Apple, and other companies expected to release their own devices. However, continuous heart rate monitoring would be a valuable asset for Microsoft, providing a better overall health analysis of watch owners.

Continue reading: Microsoft reportedly ready to jump into crowded smartwatch market (full post)

FireEye suggests link between malware growth and Ukraine conflict

Tamlin Magee | Hacking, Security & Privacy | May 29, 2014 2:02 PM CDT

As the situation grew more tense in the Ukraine and Russia over the annexing of Crimea, so did malicious activity between the two states in cyberspace.

According to a new report from security company FireEye, malware "callbacks" - where communications from compromised machines go back to the attacker's first stage server- increased dramatically over the period. Although the reasons cannot be known for sure, FireEye says it sees a "likely correlation" between the number of callbacks to Russia and Ukraine and the intensification of the crisis.

For 2013, Russia was seventh place in the amount of malware callbacks but in March 2014 it jumped to third place - at the same time its parliament authorized the use of force in Ukraine and Putin incorporated Crimea into the Russian Federation.

Continue reading: FireEye suggests link between malware growth and Ukraine conflict (full post)