Hacking, Security & Privacy - Page 46

Prior to former contractor Edward Snowden disclosing the NSA's mass surveillance efforts, many people turned to the Tor Web browser for anonymous Internet searching. However, the free and popular tool is no longer as secure, with law enforcement agencies also able to identify users they suspect of criminal activities.

"There's not a magic way to trace people [through Tor], so we typically capitalize on human error, looking for whatever clues people leave in their wake," said James Kilpatrick, Homeland Security Investigations agent, in a statement.

It was only a few years ago when law enforcement and federal agencies believed they couldn't crack Tor, but multi-agency efforts led to better data collection and social engineering patterns.

The United States military is boosting its cyber capabilities as the Defense Department has almost 1,800 employees as part of its Cyber Mission Force. By the end of 2016, that staffing figure is expected to increase up to 6,000 before the end of 2016, while the US government continues to support in cyberattacks.

To try and increase the staffing level in such a short amount of time, military officials hope to recruit current military personnel - Silicon Valley cybersecurity specialists are unlikely to leave behind high-paying jobs to join the government's new programs.

"We spent a lot of time in the last two years in particular figuring out what the [recruiting] model would be,"a senior defense official recently told reporters. "Initially sometimes people will think about recruiting highly skilled people from the outside, and that is one option... but quite honestly, the way we're going to be most successful is using people within the force [including those with no cyber background] and giving them the training."

Less than one week after two banks hit Target and credit card security service company Trustwave with a class-action lawsuit, the banks have pulled the lawsuit.

It seems Trustwave was inaccurately noted as a Target IT security contractor, which doesn't appear true - interestingly, the class-action lawsuit aims to try and expand responsibility of the data breach away from just Target.

"Contrary to the misstated allegations in the plaintiffs' complaints, Target did not outsource its data security or IT obligations to Trustwave," said Robert McCullen, Trustwave CEO, in a public statement. "Trustwave did not monitor Target's network, nor did Trustwave process cardholder data for Target."

A rather shocking 43 percent of identity theft cases last year can be traced back to medical identity theft, as security experts and healthcare providers struggle to keep up with security challenges, according to a recent study.

Unfortunately, medical records are significantly more lucrative to cybercriminals, meaning it's a popular target for attacks.

"Despite concerns about employee negligence and the use of insecure mobile, 88 percent of organizations permit employees and medical staff to use their own mobile devices such as smartphones or tablets to connect to their organization's networks or enterprise systems such as email," according to the Ponemon Institute's Fourth Annual Patient Privacy and Data Security report.

Android had a greatly successful year in 2013, capturing around 87 percent of the international smartphone market - but during the same year, the Android community had to deal with a large amount of malware and security threats.

Ninety-seven percent of current mobile malware targets Android, and users will continue to face a large amount of threats moving forward.

Security company F-Secure recommends sticking to the Google Play Store to download apps, as one in every 1,000 apps might have had malware - while purchasing or downloading apps from other sources can easily lead to malware infection.

The "Coinkrypt" malware is making its rounds, infecting Google Android devices, letting cybercriminals mine Litecoin, Casinocoin and Dogecoin courtesy of hijacked devices.

Most malware today is designed to either steal information or create some type of financial incentive for criminals - and Coinkrypt follows that same strategy, but with a rather unique twist.

Although it isn't prevalent at the moment, security researchers want users to be aware of the potential ramifications if they are infected - including potentially causing batteries to drain faster - or eventually leads to overheating.

In a double whammy, the Fareit Trojan targeting Microsoft Windows PCs also has been found to spread the Cribit ransomware, as security researchers transition to defend against sophisticated cyber threats.

There are two versions of Cribit in the wild - one version encrypts files on the infected PC and shows an English ransom, while the other version has messages also available in Chinese, French, Arabic and Spanish, researchers note.

"After all, cybercriminals are after one goal: to get a person's money," said Christopher Budd, Trend Micro threat communications manager, in a statement to SC Magazine. "Returning/decrypting a victim's files won't certainly be a priority or major concern for these people. Additionally, paying the ransom may encourage and help expand the operations of cybercriminals."

We all know by now that the FBI, CIA and NSA request information on us from big tech giants such as Apple, Microsoft, Facebook and Google, but did you know that Microsoft sends a massive invoice every time it gives away your private information? A newly released document shows that at least in one incident, Microsoft billed the government as much as $15,600 for information that was requested.

The Syrian Electronic Army hacker group has just leaked details that show Microsoft billing the US government more than $350,000 on September 5th of 2013. The invoice appears to show that more than 78 invoices for request were sent to the government, with the highest being shown set at a whopping $15,600.00.

The government agency in question is the FBI's Digital Intercept Technology Unit. The leaked documents show that Microsoft was billing the FBI more than $100,000 per month on average between 2012 and 2013, and that each individual request cost the FBI $100 during 2012 and into 2013 until Microsoft raised the price to $200 per request.

The recent Google Android bug discovered by security researcher Ibrahim Balic reveals a common technique could compromise the popular OS due to memory corruption - resulting in the device crashing.

In extreme cases, it appears memory code corruption vulnerability could be boosted and lead to arbitrary code execution, with users at risk of operating a rooted device.

"Although it's true that this vulnerability is capable of crashing Android mobile devices, it's important to point out that at this time there are no known instances or infections of this particular vulnerability 'in the wild,'" said Ryan Smith, Mojave Networks Lead Threat Engineer, in a statement. "Mobile malware distributors are typically motivated by money and information, and are therefore unlikely to use their established distribution channels to disseminate malware an app that simply crashes the device and doesn't gain them anything."

Microsoft Windows XP remains an extremely popular and well-liked operating system, but the security benefits alone of Windows 7 and 8/8.1 haven't been enough to get users to migrate. However, Microsoft and security experts are strongly urging both users and companies to upgrade, or potentially face harmful cyberattacks.

Pure Hacking has a few tips regarding XP: Disable what users don't need on the OS, replace XP with Windows 7, segregate legacy installations, and implement application whitelisting control.

"Across Australia there are tens of thousands of machines still running Windows XP - just think POS terminals, let alone all those SMBs," said Gordon Maddern, Pure Hacking CTO, in a statement. "Anyone still on XP will be wide open to attack. All new vulnerabilities - and countless numbers of these are likely - will no longer be fixed by Microsoft. I cannot stress enough, it's time to migrate, migrate, migrate."

Time Warner Cable processed almost 12,000 government requests in 2013, with 82 percent subpoenas, 12 percent court-ordered incidents, 4 percent were search warrants, 2 percent were emergency requests, and 0.3 percent were wiretap orders.

TWC says the company received between 0 and 249 National Security Orders, though cannot identify an exact number. The company wants to become more open about customer information requests, especially after Edward Snowden's spying disclosures made last year.

We will issue future Transparency Reports on a semi-annual basis," TWC said in a statement. "We have also provided answers to frequently asked questions related to the practices we follow to strengthen protections for the privacy of customer information."

The malicious BlackOS software package has been updated and is now available on the cybercriminal underground for $3,800 per year.

As noted by Trend Micro, the updated software is better suited to process and manage website exploitation, providing a great return-on-investment for cybercriminals. A custom Web interface allows for better web traffic management and access to features that lead to redirected traffic and iframes injection.

"They do a mass attack, there are no specific targets as these websites are just a launch pad to perform their malicious attacks," said Chris Budd, Trend Micro threat communications manager, in a statement to SC Magazine. "They are usually looking for an easy access, once they are inside they will try to level up the privileges to gain root access on the machine and therefore be able to [make] use of the BlackOS features, which is inject a malicious IFrames in all web pages."

An online predator group targeting children as young as three years old utilizing Tor was recently busted by the US Department of Homeland Security. So far, 14 members accused of leading the child pornography website were arrested and face charges related to conspiracy to operate an organized child exploitation enterprise.

Operating from June 2012 to June 2013, the group had more than 27,000 members across the world, with access to at least 2,000 videos.

"These indictments represent a strong coordinated strike - by Homeland Security, the U.S. Postal Inspection Service, and several U.S. Attorney's Office around the country - against child pornography and those who allegedly seek to harm our most vulnerable citizens, our young children," said Kenneth Allen Polite, Jr., U.S. Attorney, in a press statement.

Following years of burying their heads in the sand, lawmakers in the United States are finally taking cybercrimes seriously. As noted in the "Gangs Beyond Borders: California and the Fight Against Transnational Organized Crime" report released by California Attorney General Kamala Harris.

The state of California led all states in organized attacks, with computer systems under threat from malware.

"With the rise of a global society connected by the Internet, criminal rings organized to commit hacking, fraud, pirating and other high-tech crimes across borders have rapidly profilerated," the report notes. "These rings operate frequently from Eastern Europe, but also from places as diverse as West Africa and China, and specifically target the citizens, computer networks, and companies of prosperous countries like the U.S."

The NSA wants to be engaged in the continued global discussion of security and secrecy in the digital age, forced to the table following countless complaints of violating user privacy, according to NSA deputy director Richard Ledgett.

The NSA continues to face pressure from Internet users, foreign citizens, political leaders and tech companies, forcing the intelligence agency to go on the defensive. To help try and appear more transparent, there is a current proposal for the NSA to release transparency reports helping give insight into NSA operations.

Ironically, Ledgett said the NSA wanted to share a public point of view during TED to help counter the "half-truths and distortions" made public by Snowden. Ledgett also said Snowden put lives at risk, showing "the bad guys" some of the NSA's cybersecurity and snooping methods.

Convicted teenage hacker Jared James Abrahams has been sentenced to 18 months in federal prison following two years of compromising online accounts of women he later blackmailed. The 19 year old pleaded guilty last November to one count of unauthorized access of a computer and three counts of extortion, and reportedly broke into around 150 online accounts.

Abrahams grabbed headlines after he compromised Miss Teen USA 2013 winner Cassidy Wolf, in which he accessed her computer and used their webcams to photograph them.

"As digital devices, email accounts, and social media accounts now contain the most intimate details of the public's daily lives, the impact of this type of hacking and extortion becomes more pronounced, troubling, and far-reaching," the U.S. Department of Justice noted. "In some cases, this type of criminal behavior can be life-changing for the victims - especially for vulnerable victims who may feel it is impossible to rebuild their tarnished reputations."

Edward Snowden has changed the world with his revelations of the NSA spying on virtually everyone, where Down Under, multiple Australian law enforcement agencies and the Australian Security Intelligence Organization (ASIO) have submitted proposals asking the Australian Senate for more surveillance power.

State police have even gone as far as asking the government to log citizens' Web browsing history. After the Snowden leaks on the NSA's spying programs and Australia's cooperation in sharing information with other countries, the Australian Senate opened an inquiry on whether Australia's Telecommunications (Interception and Access) Act of 1979 should be revised, in order to better protect Australian citizens' privacy.

Since then, ASIO as well as multiple state police, submitted commentary asking for even more data retention, but offering no added protection for citizens' data. ASIO added that the Snowden leaks will make it harder for the organization to gather meaningful data about a person, so it thinks it should have more power to perform its surveillance duties.

Edward Snowden's latest leak is quite interesting, with the NSA whistleblower talking about the US spy agency's MYSTIC voice interception program, which is capable of collecting the entire nation's "every single" phone call, storing the voice recordings for a month.

MYSTIC began back in 2009, with the NSA developing a RETRO tool that is capable of accessing any voice call from the selected nation, for a period of 30 days. The first nation to have their phone calls recorded by MYSTIC and RETRO started in 2011, with as many as six more countries possibly being spied upon. The Washington Post was asked by US officials to note reveal which countries MYSTIC was operating on.

The program was quite successful, with the NSA bringing in "high-stakes intelligence that would not have existed under traditional surveillance programs in which subjects were identified for targeting in advance," according to The Washington Post. "Unlike most of the government's public claims about the value of controversial programs, [highly classified] briefings supply names, dates, locations and fragments of intercepted calls in convincing detail."

Mobile phone metadata is more valuable than the National Security Agency (NSA) tries to imply, and it's possible to find sensitive information with phone metadata, using social media, and pattern matching, according to Stanford University researchers.

Computer science graduate students learned, using 546 volunteers, that 57 percent of volunteers made at least one medical-related call, with 40 percent calling financial services. In total, the callers made 33,688 unique numbers and were able to make corroborations related to medical conditions and firearm ownership.

"At the outset of this study, we shared the same hypothesis as our computer science colleagues - we thought phone metadata could be very sensitive," the researchers found.

Both consumers and business users face a tremendous amount of security threats, despite next-generation security solutions trying to keep PCs and mobile devices protected.

Malware is increasingly sophisticated and slipping by traditional anti-virus software, with software creators finding low risk and high reward for their behaviors.

"As often as not, malware gets into your systems become you invited it by clicking a link without thinking," said Bruce Campbell, VP of Marketing at Clare Computer Solutions, in a statement to TweakTown. "Take the dreaded CryptoLocker ransomware... most commonly, it was introduced as an attachment to an e-mail that said it was from UPS. The attachment looked like a PDF file and the e-mail said - Track Information, see attached."