Welcome Guest | Sign In
Antique Kernel Flaw Opens Door to New Dirty Cow Exploit
October 25, 2016
A Linux security vulnerability first discovered more than a decade ago once again poses a threat, Red Hat warned last week, as an exploit that could allow attackers to gain enhanced privileges on affected computers has turned up in the wild. Users need to take steps to patch their systems to prevent the exploit, known as "Dirty Cow," from granting access to unprivileged attackers.
DDoS Attack Causes Waves of Internet Outages
October 22, 2016
Hundreds of websites -- including those of biggies such as Netflix, Twitter and Spotify -- on Friday fell prey to massive DDoS attacks that cut off access to Internet users on the East Coast and elsewhere in the U.S. Three attacks were launched over a period of hours against Internet performance management company Dyn. The first attack started at about 7:10 a.m. EDT.
Assange Lives to Leak Another Day
October 19, 2016
The status of WikiLeaks founder Julian Assange grew a bit murky on Tuesday after the group accused the U.S. State Department of pressuring Ecuadorian officials to block him from posting additional emails linked to presidential candidate Hillary Clinton. The Ecuadorian foreign ministry on Tuesday acknowledged restricting Assange's access, saying it did not wish to interfere in a foreign election.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
Backpage CEO Arrested for Pimping, Child Prostitution
October 7, 2016
Backpage CEO Carl Ferrer is facing extradition to California on charges his company earned millions of dollars by promoting adult and child prostitution through escort advertisements run on the site. Ferrer's arrest took place in Houston upon his return from the Netherlands to the headquarters of his Dallas-based company, perhaps the largest advertiser of adult escort services in the U.S.
Newsweek Joins Growing Club of Possible Russian Cyberattack Targets
October 7, 2016
Newsweek is the latest media institution to get caught up in a series of cyberattacks that have targeted major government, political and media organizations, raising suspicions of links to Russia. The news magazine sustained a massive DDoS attack the day after it published a cover story about Republican presidential candidate Donald Trump's business activities in the late 1990s.
Garden-Variety Cybercrooks Breached Yahoo, Says Security Firm
September 30, 2016
The hackers who stole the data of hundreds of millions of Yahoo users two years ago were two cybercriminal gangs, InfoArmor reported. That finding contradicts the notion that state-sponsored actors were behind the attack, which Yahoo suggested when it disclosed the breach. Further, the number of users' records stolen is closer to 1 billion than to the 500 million Yahoo acknowledged.
Hacking Elections Is Easy, Study Finds
September 30, 2016
It's no longer a question whether hackers will influence the 2016 U.S. elections -- only how much they'll be able to sway them. Leaked emails already have cost a Democratic Party chairperson her job, and the FBI last month issued a flash warning that foreign cyberadversaries had breached two state election databases. Those two states -- most likely Arizona and Illinois -- aren't alone.
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
Hack of Half a Billion Records Takes Shine Off Yahoo's Data Trove
September 23, 2016
Yahoo on Thursday disclosed that a data breach in late 2014 resulted in the theft of information from at least 500 million customer accounts. It appears that state-sponsored hackers carried out the attack, the company said. Account information compromised includes names, email addresses, telephone numbers, dates of birth, hashed passwords, and security questions and answers.
Congress to Bureaucrats: Trust No One
September 20, 2016
Congress earlier this month lowered the hammer on the U.S. Office of Personnel Management in a report on the massive data breach that resulted in the theft of 4.2 million former and current government employees' personnel files, as well as 21.5 million individuals' security clearance information, including fingerprints associated with 5.6 million of them.
Cyberattacks on Athletes May Be Russian Distraction Tactic
September 16, 2016
Confidential information about international athletes surfaced on the Internet Wednesday -- the second such exposure this week. Russian hackers allegedly stole the information from the World Anti-Doping Agency. It includes confidential data on medical drug exemptions given to 25 athletes from eight countries. Information about four athletes appeared online earlier in the week.
Attack-for-Hire Teens Collared in Israel
September 14, 2016
At the FBI's request, Israeli authorities last week arrested two teens for operating vDOS, a DDoS-for-hire service that raked in more than half a million dollars in two years. DDoS attacks flood websites with garbage data in order to disrupt their operation and deny users access. The pair were questioned and released after posting bond of about $10,000 each.
Dropbox Drops Other Shoe in Years-Old Data Breach
September 8, 2016
Dropbox has confirmed that more than 68 million emails and passwords have been compromised from a hack that originally was disclosed in 2012. Exposure from the breach was limited to email addresses, Dropbox originally claimed. However, the hackers actually stole hashed and salted passwords. Even so, there have been no indications that they succeeded in accessing user accounts, the company said.
Obama Warns Against Cyber Cold War
September 6, 2016
President Obama on Monday urged de-escalation of a potential arms race involving cyberweapons. The president's remarks followed his meeting with world leaders, including Russian President Vladimir Putin, at the G20 Summit in Hangzhou, China. The U.S. has more offensive and defensive capability than any other country on Earth, Obama noted. The president urged adoption of new cybersecurity norms.
Feds Warn States to Batten Down Hatches Following Election System Attacks
September 2, 2016
The FBI has launched investigations into malicious cyberattacks on the electronic election infrastructures in Illinois and Arizona, and federal officials last month warned states to take steps to protect their systems as the presidential campaign heats up, according to reports. The attacks, dating back to June, led to the illegal download of information on more than 200,000 Illinois voters.
FairWare Hackers May Take Ransoms, Keep Stolen Files
September 2, 2016
The latest ransomware intrusion that targets Linux servers, dubbed "FairWare," may be a classic server hack designed to bilk money from victims with no intent to return stolen files after payment in bitcoins is made. The attack reportedly targets a Linux server, deletes the Web folder, and then demands a ransom payment of two bitcoins for return of the stolen files.
Massive Data Breach Puts French Sub Maker in Crosshairs
September 1, 2016
Officials in France and India are investigating a massive data breach involving thousands of documents belonging to defense industry contractor DCNS, which was scheduled to deliver six Scorpene-class submarines to the Indian navy later this year. Hackers stole more than 22,000 pages of documents that included detailed technical information on the vessels, some of which was published online.
Election Season Spawns Scams With Political Twist
August 30, 2016
Dirty tricks during political campaigns are nothing new, but the Internet and the proliferation of mobile devices have allowed tricksters to up their games a notch. It came to light last week, for example, that Donald Trump's campaign app was hoovering the address books on his supporters' phones. Trump's app wasn't doing anything illegal. It wasn't even trying to hide what it was doing.
Russian Gang Suspected of Hacking Oracle's POS System
August 20, 2016
Oracle has been investigating a point-of-sale system breach that may be the work of Russian cyberthieves. Hackers compromised at least 700 computers on the MICROS POS system, used by hundreds of thousands of hotels, restaurants and retail outlets worldwide to process credit card transactions, Krebs on Security reported earlier this month. More than 330,000 cash registers worldwide use MICROS.
The Growing Scourge of Cyberbullying, Part 2
August 17, 2016
The digitization of everything has decreased the degrees of separation between everyone. While that interconnectedness has solved many problems, old and new, digitization has worsened one age-old problem: bullying. An online bullying epidemic is now pushing parents, teens, teachers and technology companies to try even harder to mitigate the misery inflicted on its victims.
The Growing Scourge of Cyberbullying, Part 1
August 10, 2016
Smartphones are proliferating among adolescents, and so is cyberbullying. That's particularly worrisome due to its potential contribution to the No. 2 cause of teen death: suicide. About 26.3 percent of the middle- and high-school students who responded to a nine-school survey indicated that they'd been bullied in each of the eight years the poll was taken, researchers found.
Linux Botnets on a Rampage
August 5, 2016
Linux-operated botnet Distributed Denial of Service attacks surged in this year's second quarter, due to growing interest in targeting Chinese servers, according to a Kaspersky Lab report released this week. South Korea kept its top ranking for having the most command-and-control servers. Brazil, Italy and Israel ranked among the leaders behind South Korea for hosting C&C servers, according to Kaspersky Lab.
Old Tech Can Create New Security Woes
August 3, 2016
"Patch your systems in a timely manner" is a mantra of security experts, but what happens when the patch well runs dry because a product's maker no longer supports it? That is a situation facing many large enterprises, and it's one that poses security risks. Between 30 percent and 50 percent of the hardware and software assets in the average large enterprise have reached their end-of-life date.
Clinton Campaign Latest Target of Hackers Linked to Russia
July 30, 2016
The campaign of Democratic presidential nominee Hillary Clinton is the latest possible victim of a series of hack attacks some cybersecurity experts have linked to the Russian government. Campaign officials reportedly acknowledged that an analytics program it uses, which is maintained by the DNC, was accessed in a breach discovered earlier this month.
Public-Private Team Leads Assault on Ransomware
July 28, 2016
Ransomware has become a scourge on the Internet -- but two information security companies, along with a pair of law enforcement agencies, this week launched an initiative to do something about it. No More Ransom is the centerpiece of a collaborative effort involving Kapersky Lab, Intel Security, the Dutch National Police and Europol. The new portal aims to educate the public about ransomware.
Russians Hack DNC Servers to Get Goods on Trump
June 15, 2016
Two groups of Russian hackers burrowed into the Democratic National Committee's servers and spent months stealing information on Donald Trump, the Republican Party's presumptive presidential nominee, according to Crowdstrike. The security firm identified "two sophisticated adversaries on the network," noted CTO Dmitri Alperovitch, dubbed "Cozy Bear" and "Fancy Bear."
Crime Pays: Ransomware Bosses Make $90K Annually
June 14, 2016
If crime doesn't pay, Russian ransomware bosses wouldn't know it. The average Russian ransomware boss makes $90,000 a year -- or 13 times the average income for citizens in the country who stick to the "straight and narrow," according to a recent Flashpoint study. What does a ransomware honcho do for those rubles? Basically, the job calls for supporting and maintaining the malware.
Twitter Users Snared in Dark Web's Brisk Password Trade
June 10, 2016
Data stolen from more than 32 million Twitter users has been offered for sale on the dark web for 10 bitcoin, or around $5,800, LeakedSource reported Wednesday. LeakedSource has added the account and email information to its searchable repository of compromised credentials. The data set came from someone who has been connected to other large collections of compromised data.
Snowden and the NSA Gets Curiouser and Curiouser
June 8, 2016
Edward Snowden made a greater effort than originally believed to raise his concerns within the NSA before releasing thousands of classified documents detailing programs that allowed the agency to spy on U.S. citizens. The truth is more complex than the NSA let on, according to a report based on documents secured through two years of Freedom of Information Act litigation.
See More Articles in Cybercrime Section >>
Facebook Twitter LinkedIn Google+ RSS
What's your alarm level over cyberattacks on the Internet's infrastructure?
Red: A deadly cyberwar will occur -- It's when, not if.
Orange: A big one could be costly and threaten public safety.
Yellow: We need to improve cybersecurity at a faster pace.
Blue: Regional outages will become more frequent and more annoying.
Green: There's no way anyone could take out the entire Internet.