Category Archives for "Network World Security"

Time is short to stop expansion of FBI hacking, senator says

The U.S. Congress has a small window of time to stop proposed changes in federal court rules that will expand the FBI's authority to hack into computers during criminal investigations, a senator said Thursday. The rule changes allowing expanded FBI searches of computers, approved by the Supreme Court in April, go into effect in December unless Congress votes against them, and getting Congress to move in a contentious election year will be difficult, said Senator Ron Wyden, an Oregon Democrat and a critic of the changes.

Kaspersky: Ransomware that encrypts is booming

Over the past year the number of machines hit by ransomware that encrypts all or part of the hard drive is five-and-a-half times what it was the year before, according to Kaspersky Lab. The number in 2014-2015 was 131,111 compared to 718,536 in 2015-2016, according to the company’s report Ransomware in 2014-2016.

Over 100 DDoS botnets built using Linux malware for embedded devices

LizardStresser, the DDoS malware for Linux systems written by the infamous Lizard Squad attacker group, was used over the past year to create over 100 botnets, some built almost exclusively from compromised Internet-of-Things devices. LizardStresser has two components: A client that runs on hacked Linux-based machines and a server used by attackers to control the clients. It can launch several types of distributed denial-of-service (DDoS) attacks, execute shell commands and propagate to other systems over the telnet protocol by trying default or hard-coded credentials. The code for LizardStresser was published online in early 2015, giving less-skilled attackers an easy way to build new DDoS botnets of their own. The number of unique LizardStresser command-and-control servers has steadily increased since then, especially this year, reaching over 100 by June, according to researchers from DDoS mitigation provider Arbor Networks.

Terror-suspect database used by banks, governments, has been leaked

A database described by some as a "terrorism blacklist" has fallen into the hands of a white-hat hacker who may decide to make it accessible to the public online. The database, called World-Check, belongs to Thomson Reuters and is used by banks, governments and intelligence agencies to screen people for criminal ties and links to terrorism. Security researcher Chris Vickery claims to have obtained a 2014 copy of the database. He announced the details on Tuesday in a post on Reddit. "No hacking was involved in my acquisition of this data," he wrote. "I would call it more of a leak than anything, although not directly from Thomson Reuters."

Mobile ransomware use jumps, blocking access to phones

The number of users infected with mobile ransomware is skyrocketing, as hackers try to expand the number of potential victims they can target. Compared with a year ago, almost four times as many users are being attacked by mobile ransomware, security firm Kaspersky Lab said on Wednesday. It's a troubling trend. Ransomware has typically targeted PCs by encrypting all the information that is inside the targeted machines, and then holding the data hostage in exchange for money.

Why CIOs should care about click fraud

The ancient Chinese military strategy guide The Art of War says that if you want to have a chance of prevailing in battle, you need to know your enemy. It’s good advice for the battlefield, and it's also good advice if you want to beat hackers in their constant attempts to take over your network. But in order to know these hackers you need to understand their motivations, and in many cases those motivations may not be what you expect. That's according to Dan Kaminsky, the security expert who discovered a fundamental flaw in the Internet's Domain Name System (DNS) protocol in 2008 and who discovered flaws in the widely used SSL protocol a year later. Kaminsky is a frequent speaker at Black Hat Briefings, and now works as Chief Scientist at White Ops, a security firm specializing in detecting bot and malware fraud.

Researchers dismantle decade-long Iranian cyberespionage operation

The infrastructure used by an Iranian cyberespionage group to control infected computers around the world has been hijacked by security researchers. Researchers from Palo Alto Networks came across the group's activities earlier this year, but found evidence that it has been operating since at least 2007. Its main tool is a custom malware program dubbed Infy, which was repeatedly improved over the years. The researchers have worked with domain registrars to seize the domains used by the attackers to control Infy-infected computers and to direct victims' traffic to a sinkhole server -- a server the researchers controlled. Control of the server was then transferred to the Shadowserver Foundation, an industry group that tracks botnets and works with ISPs and other parties to notify victims.

ACLU lawsuit challenges US computer hacking law

The American Civil Liberties Union has filed a lawsuit challenging a 30-year-old hacking-crimes law, with the civil liberties group saying the law inhibits research about online discrimination. The ACLU on Wednesday filed a lawsuit challenging the Computer Fraud and Abuse Act on behalf of a group of academic researchers, computer scientists, and journalists. The CFAA limits online research because of its "overbroad criminal prohibitions," the ACLU said. The group of plaintiffs in the lawsuit want to investigate online discrimination in areas like housing and employment, "but they often can't," the ACLU said in a blog post. Courts have interpreted a provision of the CFAA prohibiting people from exceeding authorized access to a computer to include violations of website terms of service, the ACLU said.

Wormable flaws in Symantec products expose millions of computers to hacking

A Google security researcher has found high-severity vulnerabilities in enterprise and consumer products from antivirus vendor Symantec that could easily be exploited by hackers to take control of computers. Symantec released patches for the affected products, but while some products were updated automatically, some affected enterprise products could require manual intervention. The flaws were found by Tavis Ormandy, a researcher with Google's Project Zero team who has found similar vulnerabilities in antivirus products from other vendors. They highlight the poor state of software security in the antivirus world, something that has been noted by researchers.

Terrorism database of 2.2 million people leaked, a blacklist used by governments, banks

Security researcher Chris Vickery has a knack for finding unprotected databases, but this time it’s an especially explosive discovery as he came across a “terrorism blacklist” which contains the names of 2.2 million “heightened-risk individuals and organizations.” Vickery asked Reddit if he should share a copy of the Thomson Reuters World-Check database from mid-2014. He wrote, “This copy has over 2.2 million heightened-risk individuals and organizations in it. The terrorism category is only a small part of the database. Other categories consist of individuals suspected of being related to money laundering, organized crime, bribery, corruption, and other unsavory activities.”

Terrorism database of 2.2 million people leaked

Security researcher Chris Vickery has a knack for finding unprotected databases, but this time it’s an especially explosive discovery, as he came across a “terrorism blacklist” that contains the names of 2.2 million “heightened-risk individuals and organizations.” Vickery asked Reddit if he should share a copy of the Thomson Reuters World-Check database from mid-2014. He wrote, “This copy has over 2.2 million heightened-risk individuals and organizations in it. The terrorism category is only a small part of the database. Other categories consist of individuals suspected of being related to money laundering, organized crime, bribery, corruption, and other unsavory activities.”

Dangerous keyboard app has more than 50 million downloads

The Flash Keyboard app has been downloaded more than 50 million times -- but is capable of some extremely dangerous behaviors. "It looked like it was a convenient keyboard that had some nice features," said Bill Anderson, chief product officer at mobile security company OptioLabs. "The marketing copy in the app store looked great." For a while, the app was in the top 20 downloads for the Google Play Store, he added. "The problem was that it asked for just about every permission that an app could ask for," he said. "It was an especially long list. And surprisingly, most people said yes. But the permissions were so excessive that it turned this thing into a potentially marvelous way to hack phones."

This malware pretends to be WhatsApp, Uber and Google Play

Hackers are stealing credit card information in Europe with malware that can spoof the user interfaces of Uber, WhatsApp and Google Play. The malware, which has struck Android users in Denmark, Italy and Germany, has been spreading through a phishing campaign over SMS (short message service), security vendor FireEye said on Tuesday. Once downloaded, the malware will create fake user interfaces on the phone as an “overlay” on top of real apps. These interfaces ask for credit card information and then send the entered data to the hacker.

Resold hard drives on eBay, Craigslist are often still ripe with leftover data

Before you throw away that old hard drive, make sure you purge the memory clean. A new study has found that most users are accidentally giving up photos, social security numbers and financial data, by failing to properly delete the files on their recycled hard drives. Blancco Technology Group, which specializes in data erasure, conducted the study by randomly buying 200 secondhand PC storage drives from eBay and Craigslist. Their goal was to see if the company could recover any of the old data saved inside. In most cases, it could. 78 percent of the drives contained residual data that could be recovered.

Senator stalls intelligence funding bill over surveillance concerns

A U.S. senator has stalled an intelligence budget bill over concerns that it would expand surveillance while limiting oversight of it. Senator Ron Wyden, an Oregon Democrat, has placed a hold on the 2017 Intelligence Authorization Act, saying the bill would allow the FBI, without a court order, to demand U.S. residents' email and Internet records from ISPs and other communications providers. The bill would allow the FBI to obtain new records through the controversial National Security Letter program, which allows the FBI to collect phone and financial records through administrative subpoenas.

Thousands of hacked CCTV devices used in DDoS attacks

Attackers have compromised more than 25,000 digital video recorders and CCTV cameras and are using them to launch distributed denial-of-service (DDoS) attacks against websites. One such attack, recently observed by researchers from Web security firm Sucuri, targeted the website of one of the company's customers: a small bricks-and-mortar jewelry shop. The attack flooded the website with about 50,000 HTTP requests per second at its peak, targeting what specialists call the application layer, or layer 7. These attacks can easily cripple a small website because the infrastructure typically provisioned for such websites can handle only a few hundred or thousand connections at the same time.

IoT botnet: 25,513 CCTV cameras used in crushing DDoS attacks

Over 25,000 hacked internet-connected CCTV cameras are being used for a denial-of-service botnet, according to researchers from the security firm Sucuri. The discovery came after Sucuri mitigated a DDoS attack against a jewelry store site; it had been generating 35,000 HTTP requests per second. But after bringing the website back up, researchers said the attacks increased to nearly 50,000 HTTP requests per second. When the attack continued for days, the researchers discovered the attack botnet was leveraging only IoT CCTV devices, which were located across the globe. Although this is not the first CCTV-based DDoS botnet discovered (900 had been used in attacks last year), it is the largest yet to be discovered.

FBI expansion of surveillance powers meets obstacle

A move in the Senate to provide enhanced surveillance powers to the FBI through the use of National Security Letters met a hurdle Monday after Senator Ron Wyden placed a hold on the 2017 Intelligence Authorization bill over the controversial provisions. Wyden’s hold is a measure by which a senator or group of senators can prevent a motion from reaching a vote. Tech companies and industry and civil rights groups are opposed to what is seen as a wider push by the Senate to increase the scope of the NSLs, which would allow the government to collect Internet records such as browsing history, email metadata, and location information through administrative orders and without court approval.