Category Archives for "Network World Security"

U.S. convicts Russian hacker in credit card theft scheme

Jurors in a U.S. federal court have convicted a Russian hacker of stealing and selling more than 2 million credit card numbers. On Thursday, the jury in Seattle found Roman Valerevich Seleznev guilty of charges related to his hacking of point-of-sale systems. Seleznev was arrested in 2014 after U.S. authorities accused him of installing malicious software on point-of-sale systems in U.S. restaurants. From 2009 to 2013, Seleznev used this scheme to steal credit card data from businesses and send it back to his servers in Ukraine and McLean, Virginia. The stolen data was then sold on the black market, with Seleznev promising that buyers could make fraudulent purchases with them.

Apple patches iOS security flaws found in spyware targeting activist

To spy on a human rights activist, hackers allegedly connected to a Middle Eastern government used three previously unknown vulnerabilities in Apple’s iOS. The claims -- from research at Toronto-based Citizen Lab and mobile security firm Lookout -- focus on spyware that targeted Ahmed Mansoor, an activist in the United Arab Emirates. Earlier this month, Mansoor received an SMS text message on his iPhone claiming to offer “new secrets” about tortured detainees in his country. However, inside the message was a link that, once clicked, can infect an iPhone with spyware, using three zero-day exploits of iOS, the research found.

Apple patches iOS against potent zero-day spyware attack

Apple is issuing patches for three iOS zero-day vulnerabilities known as Trident that have been exploited for years by an Israel-based spyware vendor against a human rights activist, an investigative journalist and others. The attack, called Pegasus, is flexible, letting attackers steal a broad range of data from iPhones and iPads, according to the firms that discovered it. “In this case, the software is highly configurable: depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others,” according to a blog post by Lookout Security, which, along with Citizen Lab, unearthed the vulnerabilities and Pegasus.

So your company’s been hacked: How to handle the aftermath

After a company has been hacked and the hack has been discovered to be a harmful one, top executives and IT leaders normally huddle in a room to assess the loss. It's usually not a pretty scene. It's not as if heads are exploding. It is more like what some might call a tense "come to Jesus" moment. "It's not good," said cyber security expert Tyler Cohen Wood. She's participated in post-hack forensics sessions at companies and has witnessed the faces of panicked executives firsthand. Tyler Cohen Wood is cyber security advisor to elearning company Inspired eLearning, and was previously a Defense Intelligence Agency cyber deputy division chief.

Cisco starts patching firewall devices against NSA-linked exploit

Cisco Systems has started releasing security patches for a critical flaw in Adaptive Security Appliance (ASA) firewalls targeted by an exploit linked to the U.S. National Security Agency. The exploit, dubbed ExtraBacon, is one of the tools used by a group that the security industry calls the Equation, believed to be a cyberespionage team tied to the NSA. ExtraBacon was released earlier this month together with other exploits by one or more individuals who use the name Shadow Brokers. The files were provided as a sample of a larger Equation group toolset the Shadow Brokers outfit has put up for auction.

IDG Contributor Network: Hack the vote: How attackers could meddle in November’s elections

Political action committees aren’t the only entities attempting to influence the upcoming U.S. presidential election. Supposedly, Russia wants a say in who should lead the country. At least that’s the opinion you could form after reading the many news stories that allege Russia is behind the recent hacks targeting the Democratic National Committee and the Democratic Congressional Campaign Committee. Attack attribution aside (I shared my thoughts on that topic in last month’s blog), these data breaches raise the question of whether attackers could actually impact an election’s outcome.

Data lakes security could use a life preserver

As big data initiatives gain steam at organizations, many companies are creating “data lakes” to provide a large number of users with access to the data they need. And as with almost every type of new IT initiative, this comes with a variety of security risks that enterprises must address. Data lakes are storage repositories that hold huge volumes of raw data kept in its native format until it’s needed. They’re becoming more common as organizations gather enormous amounts of data from a variety of resources. The growing business demand for analytics is helping to fuel the move to large repositories of data. And data lakes are likely to take on even more significance with the growth of the internet of things (IoT), in which companies will gather data from and about countless networked objects.

New collision attacks against triple-DES, Blowfish break HTTPS sessions

There is now a practical, relatively fast attack on 64-bit block ciphers that lets attackers recover authentication cookies and other credentials from HTTPS-protected sessions, a pair of French researchers said. Legacy ciphers Triple-DES and Blowfish need to go the way of the broken RC4 cipher: deprecated and disabled everywhere. In the attack, dubbed Sweet32, researchers were able to take authentication cookies from HTTPS-protected traffic using triple-DES (3DES) and Blowfish and recover login credentials to be able to access victim accounts, said the researchers, Karthikeyan Bhargavan and Gaëtan Leurent of INRIA in France. The attack highlights why it is necessary for sites to stop using legacy ciphers and upgrade to modern, more secure ciphers.

Experts challenge Skyhigh’s patent for cloud-based encryption gateway

Skyhigh announced today that it has received a patent for its technology, which moves that encryption gateway into a hosted environment. Enterprises looking to protect sensitive data stored in cloud services can funnel user traffic through on-premises encryption gateways that allow them to keep control of their encryption keys. Moving the encryption process to Skyhigh's servers allows for easier access by remote employees, mobile users, business partners, or customers, said Rajiv Gupta, Skyhigh's CEO. He says the company offers these encryption gateways in various locations, allowing customers to comply with data residency and privacy laws.

Facebook, Google, Twitter lax on terrorists’ misuse of their sites, say UK MPs

A panel of U.K. lawmakers has described as “alarming” that social networking companies like Facebook, Twitter and Google's YouTube have teams of only a few hundred employees to monitor billions of accounts for extremist content. “These companies are hiding behind their supranational legal status to pass the parcel of responsibility and refusing to act responsibly in case they damage their brands,” said a report released early Thursday in the U.K. by the Home Affairs Committee appointed by the House of Commons.

Passwords stolen from Mail.Ru were old, the company says

The 25 million account passwords stolen from Mail.Ru in a recently discovered hack were old and invalid, the Russian internet company said Wednesday. “The security of our users wasn’t compromised in any way,” a Mail.Ru spokeswoman said in an interview. The hack targeted forums for game projects that the company has acquired over the years. These include subdomains at cfire.mail.ru, parapa.mail.ru and tanks.mail.ru. Hackers stole passwords of users who participated in the forums. However, the company said the stolen passwords were legacy data. None of them were related to current email accounts or other Mail.Ru services.

This Android botnet relies on Twitter for its commands

Twitter users aren’t the only ones checking the microblogging service for important updates. Android malware is starting to do so, too. One maker of Android malware is using Twitter to communicate with infected smartphones, according to security firm ESET. The company discovered the feature in a malicious app called Android/Twitoor. It runs as a backdoor virus that can secretly install other malware on a phone. Typically, the makers of Android malware control their infected smartphones from servers. Commands sent from those servers can create a botnet of compromised phones and tell the malware on all the phones what to do. The makers of Android/Twitoor decided to use Twitter instead of servers to communicate with the infected phones. The malware routinely checks certain Twitter accounts and reads the encrypted posts to get its operating commands.

When your government hacks you

There was a time when Cisco routers were unstoppable, and their deviations into proprietary protocols and constructions were accepted because Cisco could do no wrong. They were the smartest kids in networking protocols. But there is a crack in their armor, a glitch in the Teflon. Cisco may not be the only networking infrastructure vendor to now face an attack ostensibly from their own government, just the largest. Just as the U.S. government has taken Huawei to task for an accusation of hidden code benefiting the Chinese government, other governments across the planet now know that their Cisco infrastructure can be cracked open—and no, it’s not easy, and requires an additional step of having hacked in from some place else.

Hackers tap vBulletin vulnerability to break into 27 million more accounts

A vulnerability in a widely used internet forum software is becoming a go-to method for hackers to steal data. Hackers recently targeted 11 different sites, many of them from Russia, and stole information from more than 27 million Internet accounts, according to LeakedSource, a repository for data breaches. About 25 million of those accounts were from cfire.mail.ru, parapa.mail.ru, and tanks.mail.ru, all of them Russian language games. Another 1 million were tied to gaming titles from Funcom, including The Secret World and Age of Conan. The stolen data includes email addresses and hashed passwords that can be easily cracked.

Telegram’s encryption stymies French police but pleases their bosses

French government officials have been revealed as fervent users of Telegram, a messaging app that is frustrating their interior minister with its end-to-end encryption. Telegram's fans include the current head of the French judicial police, Christian Sainte, and his predecessor, Frédéric Péchenard. The app's security has also won over a number of legislators, including the French finance minister, who encourages his team to use it, according to Wednesday's edition of French newspaper Le Canard Enchainé. Telegram claims over 100 million monthly users of its secure messaging app, but it was the action of just one of them -- Normandy church attacker Adel Kermiche -- that prompted French interior minister Bernard Cazeneuve to call on Tuesday for investigators to be allowed to eavesdrop on Telegram users' conversations.

French submarine builder’s documents leak: A case of hacking for economic espionage?

DCNS, a French submarine builder, has allegedly been hacked – potentially for economic espionage reasons – and 22,400 pages of “secret” documents pertaining to its Scorpene-class submarine have been leaked. The Australian published redacted portions of the leaked documents, claiming to have seen thousands of pages outlining highly sensitive details about systems, sensors, specifications, tech manuals, stealth capabilities, antennae models, electromagnetic and infrared data, conditions under which the periscope can be used and more. The leaked documents reportedly detail “the entire secret combat capability of the six Scorpene-class submarines that French shipbuilder DCNS has designed for the Indian Navy.”

Startup IDVector anonymizes like Tor

A pair of former defense industry cyber security contractors is launching IDVector, a service that creates encrypted connections through an anonymizing network to shield users’ locations and to protect their machines from internet-borne attacks. IDVector Network passes customer traffic through a multi-node encrypted path before dropping it onto the open internet at locations removed from customers’ actual geographical locations. That tunneling makes it difficult for eavesdroppers to snoop content and identify where customers are located, making it possible for customers to use public Wi-Fi safely, say the company’s founders, CEO Ben Baumgartner and CTO Andrew Boyce.

What you need to do to stop data from leaving with exiting employees

It may come as a surprise, but more likely than not, when employees leave a company they’re taking company data with them. While it’s not always out of malicious intent, the amount of unprotected company information that walks out the door can result in bigger losses in the future. Biscom’s national study around data in the workplace revealed that more than one in four employees leave their job with company data. The study spotlights employees as a big security vulnerability to business data. To help prevent this, Bill Ho, CEO of Biscom, offers a few tips to minimize this threat.

1. Establish clear employee policies on handling company data and information

19% of shoppers would abandon a retailer that’s been hacked

Nearly a fifth of shoppers would avoid a retailer that has been a victim of a cybersecurity hack, according to a survey. The 2016 KPMG Consumer Loss Barometer report surveyed 448 consumers in the U.S. and found that 19% would abandon a retailer entirely over a hack. Another 33% said that fears their personal information would be exposed would keep them from shopping at the breached retailer for more than three months. The study also looked at 100 cybersecurity executives and found that 55% said they haven't spent money on cybersecurity in the past year and 42% said their company didn't have a leader in charge of information security.