Welcome Guest | Sign In
LinuxInsider.com
Why Are Health Records So Valuable to Cybercriminals?
March 29, 2017
Protecting the data in electronic health records did not start with the advent of HIPAA, as many people think. Protecting health records has been a critical requirement in the healthcare space since the computers became a fixture in hospitals. However, HIPAA added public reports of fines issued for covered entities' failure to properly protect data contained within EHRs.
Group Demands Apple Pay Ransom for iCloud Credentials
March 24, 2017
Apple has received a ransom threat from a hacking group claiming to have access to data for up to 800 million iCloud accounts. The hackers, said to be a group called the "Turkish Crime Family," have threatened to reset passwords and remotely wipe the iPhones of millions of iCloud users if Apple fails to hand over a total of $700,000. They have given the company an ultimatum to respond by April 7.
Dun & Bradstreet Marketing Database Exposed
March 17, 2017
A Dun & Bradstreet database, 52 GB in size and containing more than 33.6 million records with very specific details, has been exposed. Cybersecurity researcher Troy Hunt, who received it for study, on Wednesday confirmed that the records already were organized and developed as if intended for distribution to a potential client. The database apparently was compiled for the use of marketers.
Crafty Phishing Technique Can Trick Even Tech-Savvy Gmail Users
March 17, 2017
Gmail users recently have been targeted by a sophisticated series of phishing attacks that use emails from a known contact. The emails contain an image of an attachment that appears to be legitimate, according to Wordfence. The sophisticated attack displays "accounts.gmail.com" in the browser's location bar and leads users to what appears to be a legitimate Google sign-in page.
Pro-Turkey Hackers Hit Prominent Twitter Accounts
March 16, 2017
Hundreds, if not thousands, of Twitter users, many of them high-profile, were hacked Tuesday by someone who appeared to support Turkey in its diplomatic row with the Netherlands. Their accounts displayed a Swastika -- reversed to face to the right -- as well as the Turkish flag and hashtags to the Nazialmanya and Nazihollanda accounts, which displayed comments on the attack.
US Charges 2 Russian Intel Agents, 2 Hackers in Yahoo Case
March 16, 2017
The Justice Department has announced charges against four individuals, including two officers of Russia's FSB, for carrying out a massive cyberbreach that affected about 500 million Yahoo account holders. A federal grand jury in Northern California charged the defendants -- the FSB officials and two Russian cybercriminals -- with using stolen data to gain illegal access to numerous accounts.
Tech Companies Weigh Responses to WikiLeaks Exposure
March 11, 2017
Following WikiLeaks' publication earlier this week of classified documents stolen from the CIA, major technology companies, including Apple, Samsung, Microsoft and Cisco, have been scrambling to assess the risks posed to their customers by the revelations. The so-called "Vault 7" leak includes information about methods and tools the CIA crafted to hack into products produced by those companies.
WikiLeaks Dumps CIA Hacking Docs Online
March 8, 2017
WikiLeaks on Tuesday dumped thousands of classified documents onto the Internet, exposing hacking programs used by the CIA. The torrent of data is just the first in a series of dumps WikLeaks is calling "Vault 7." This first installment includes 8,761 documents and files stolen from an isolated high-security network within the CIA's Center for Cyber Intelligence in Langley, Virginia.
Twitter Adds Heft to Anti-Harassment Toolbox
March 2, 2017
Twitter on Wednesday announced that over the next few months it will roll out changes designed to increase the safety of users, including the following: Its algorithms will help identify accounts as they engage in abusive behavior, so the burden no longer will be on victims to report it; and users will be able to restrict their tweets to followers for a set amount of time.
FTC's Lawsuit Should Make You Feel Very Insecure About the IoT
February 14, 2017
Even though D-Link expressly promised that many of its wireless devices had the highest level of security available, the FTC last month filed a lawsuit that alleges otherwise. The FTC filing includes copies of online marketing materials and technical specifications for D-Link's products, and flatly declares that "thousands of Defendants' routers and cameras have been vulnerable to attacks."
Anonymous Hacker Pulls Plug on Thousands of Dark Net Sites
February 7, 2017
Twenty percent of the Dark Net was taken offline last week, when a hacker compromised a server hosting some 10,000 websites on the Tor network. Tor, designed to hide the identities of its users, is widely used on the Dark Web, which serves as a hub for illegal online activities. Visitors to the affected pages were greeted with the message, "Hello, Freedom Hosting II, you've been hacked."
Calling Facebook Customer Service? Beware of Fraudsters
February 2, 2017
Googling for a Facebook customer support phone number may connect users with fraudsters. A fraudulent number reportedly appeared not only as top result in a Google search, but also as a featured snippet -- that is, highlighted in a box at the top of the search results. An investigator who called the number, posing as a Facebook customer who had been locked out of his account.
Hackers Targeted DC Police Cams Days Before Inauguration
January 31, 2017
A ransomware attack darkened the video surveillance system of the District of Columbia's police department eight days before the presidential inauguration of Donald J. Trump. Video storage devices for 70 percent of the CCTV system reportedly were unable to record anything between Jan. 12 and Jan. 15, as police techies scrambled to combat malicious software found on 123 of 187 networked video recorders.
St. Jude Medical Patches Cardiac Machine's Cybersecurity Flaw
January 11, 2017
Medical device maker St. Jude Medical on Monday began deploying software designed to protect its remote monitoring system for implantable pacemaker and defibrillator devices. The move came on the heels of the U.S. food and Drug Administration's warning that the company's Merlin@home Transmitter contained vulnerabilities that could be exploited by hackers.
Las Vegas Captures Ransomware Crown
January 7, 2017
Las Vegas is arguably the gambling capital of the world, but it's also the king city for ransomware, based on recent research. Among the world's nations, the United States ranked highest in ransomware incidents, according to a Malwarebytes report on the prevalence and distribution of extortion apps. The area of the country that logged the most incidents was the Las Vegas-Henderson, Nevada, region.
Yahoo Suffers Major Data Breach Deja Vu
December 16, 2016
Yahoo has revealed that Net bandits stole data associated with 1 billion of its user accounts -- one of the largest data breaches in Internet history. The theft, which occurred in 2013, is distinct from the theft disclosed earlier this fall, in which 500 million accounts were compromised, Yahoo CISO Bob Lord explained. Stolen data may include names, email addresses, telephone numbers and more.
Ransomware Fighters Get New Free Tool
December 7, 2016
Ransomware has become a gold mine for digital criminals. In the first three months of this year, electronic extortionists squeezed $209 million from victims desperate to recover their data after it was scrambled by the malicious software, based on FBI estimates. At that rate, ransomware could funnel as much as $1 billion into criminal coffers this year.
Multinational Effort Halts Malware Avalanche
December 6, 2016
The DoJ on Monday released new details about the multinational takedown of Avalanche, a multimillion-dollar malware and money-laundering network, following a four-year probe led by German police and prosecutors. Assistant Attorney General Leslie R. Caldwell, Acting U.S. Attorney Soo C. Song and Assistant Director Scott S. Smith of the FBI's Cyber Division made the announcement in Pittsburgh.
Google Clamps Down on Sneaky Malicious Sites
November 16, 2016
Sites that repeatedly violate Google's safe browsing policies will be classified as repeat offenders, the company said. A small number of websites take corrective actions after Google displays alerts on their landing pages warning visitors that they're harmful. However, they typically revert to violating the policies after Google verifies that they're safe and removes the warnings.
Russia's Fancy Bear Attacks Microsoft, Adobe as Election Nears
November 4, 2016
Microsoft earlier this week said it had fallen victim to "Strontium," its code name for the Russian hacking group also known as "Fancy Bear," which has been linked to recent attacks on Democratic Party systems. The group launched a spear phishing attack that targeted vulnerabilities in both the Windows operating system and Adobe Flash, according to Microsoft EVP Terry Myerson.
Bot Armies Boost Candidates' Popularity on Twitter
October 29, 2016
Internet bots have many useful online purposes, but they have a dark side, too, as three researchers demonstrated in their analysis of Twitter traffic during the first presidential debate between Hillary Clinton and Donald Trump. Bots are used to automate functions on the Net. For example, if you belong to several social networks, you could use a bot to post a photo to all of them at once.
Antique Kernel Flaw Opens Door to New Dirty Cow Exploit
October 25, 2016
A Linux security vulnerability first discovered more than a decade ago once again poses a threat, Red Hat warned last week, as an exploit that could allow attackers to gain enhanced privileges on affected computers has turned up in the wild. Users need to take steps to patch their systems to prevent the exploit, known as "Dirty Cow," from granting access to unprivileged attackers.
DDoS Attack Causes Waves of Internet Outages
October 22, 2016
Hundreds of websites -- including those of biggies such as Netflix, Twitter and Spotify -- on Friday fell prey to massive DDoS attacks that cut off access to Internet users on the East Coast and elsewhere in the U.S. Three attacks were launched over a period of hours against Internet performance management company Dyn. The first attack started at about 7:10 a.m. EDT.
Assange Lives to Leak Another Day
October 19, 2016
The status of WikiLeaks founder Julian Assange grew a bit murky on Tuesday after the group accused the U.S. State Department of pressuring Ecuadorian officials to block him from posting additional emails linked to presidential candidate Hillary Clinton. The Ecuadorian foreign ministry on Tuesday acknowledged restricting Assange's access, saying it did not wish to interfere in a foreign election.
Odinaff Trojan Targets Banks, Financial Firms Worldwide
October 12, 2016
Symantec on Tuesday reported on a malware campaign that has targeted financial organizations worldwide for the past 10 months. Dubbed "Trojan.Odinaff," it has infiltrated the banking, securities, trading and payroll sectors, as well as organizations that provide them with support services. Odinaff is used in the first stage of an attack, to get a foothold into a network.
Backpage CEO Arrested for Pimping, Child Prostitution
October 7, 2016
Backpage CEO Carl Ferrer is facing extradition to California on charges his company earned millions of dollars by promoting adult and child prostitution through escort advertisements run on the site. Ferrer's arrest took place in Houston upon his return from the Netherlands to the headquarters of his Dallas-based company, perhaps the largest advertiser of adult escort services in the U.S.
Newsweek Joins Growing Club of Possible Russian Cyberattack Targets
October 7, 2016
Newsweek is the latest media institution to get caught up in a series of cyberattacks that have targeted major government, political and media organizations, raising suspicions of links to Russia. The news magazine sustained a massive DDoS attack the day after it published a cover story about Republican presidential candidate Donald Trump's business activities in the late 1990s.
Garden-Variety Cybercrooks Breached Yahoo, Says Security Firm
September 30, 2016
The hackers who stole the data of hundreds of millions of Yahoo users two years ago were two cybercriminal gangs, InfoArmor reported. That finding contradicts the notion that state-sponsored actors were behind the attack, which Yahoo suggested when it disclosed the breach. Further, the number of users' records stolen is closer to 1 billion than to the 500 million Yahoo acknowledged.
Hacking Elections Is Easy, Study Finds
September 30, 2016
It's no longer a question whether hackers will influence the 2016 U.S. elections -- only how much they'll be able to sway them. Leaked emails already have cost a Democratic Party chairperson her job, and the FBI last month issued a flash warning that foreign cyberadversaries had breached two state election databases. Those two states -- most likely Arizona and Illinois -- aren't alone.
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
See More Articles in Cybercrime Section >>
Facebook Twitter LinkedIn Google+ RSS
What's your reaction to the Turkish Crime Family's claim that it can access hundreds of millions of iCloud accounts?
I'm very worried -- I take all cyberthreats seriously.
I'm feeling secure -- I changed my password and set up 2FA.
I'm angry -- companies need to be more responsible.
I'm not at all concerned -- I trust Apple.
I'm resigned -- I expect to be breached at some point.
I don't care much -- the world has bigger problems.