Welcome Guest | Sign In
LinuxInsider.com
Project Shield Has Krebs on Security's Back
September 27, 2016
The website of prominent security blogger Brian Krebs is back online this week after sustaining one of the largest distributed denial of service attacks in Internet history. DDoS attacks typically disrupt service at a website by flooding it with junk traffic. In this case, garbage traffic assaulted Krebs' site at 620 gigabits per second. By comparison, consumer bandwidth is in the 10-15 megabit per second range; businesses, 100 Mbps to 1 Gbps.
Hack of Half a Billion Records Takes Shine Off Yahoo's Data Trove
September 23, 2016
Yahoo on Thursday disclosed that a data breach in late 2014 resulted in the theft of information from at least 500 million customer accounts. It appears that state-sponsored hackers carried out the attack, the company said. Account information compromised includes names, email addresses, telephone numbers, dates of birth, hashed passwords, and security questions and answers.
Congress to Bureaucrats: Trust No One
September 20, 2016
Congress earlier this month lowered the hammer on the U.S. Office of Personnel Management in a report on the massive data breach that resulted in the theft of 4.2 million former and current government employees' personnel files, as well as 21.5 million individuals' security clearance information, including fingerprints associated with 5.6 million of them.
Cyberattacks on Athletes May Be Russian Distraction Tactic
September 16, 2016
Confidential information about international athletes surfaced on the Internet Wednesday -- the second such exposure this week. Russian hackers allegedly stole the information from the World Anti-Doping Agency. It includes confidential data on medical drug exemptions given to 25 athletes from eight countries. Information about four athletes appeared online earlier in the week.
Attack-for-Hire Teens Collared in Israel
September 14, 2016
At the FBI's request, Israeli authorities last week arrested two teens for operating vDOS, a DDoS-for-hire service that raked in more than half a million dollars in two years. DDoS attacks flood websites with garbage data in order to disrupt their operation and deny users access. The pair were questioned and released after posting bond of about $10,000 each.
Dropbox Drops Other Shoe in Years-Old Data Breach
September 8, 2016
Dropbox has confirmed that more than 68 million emails and passwords have been compromised from a hack that originally was disclosed in 2012. Exposure from the breach was limited to email addresses, Dropbox originally claimed. However, the hackers actually stole hashed and salted passwords. Even so, there have been no indications that they succeeded in accessing user accounts, the company said.
Obama Warns Against Cyber Cold War
September 6, 2016
President Obama on Monday urged de-escalation of a potential arms race involving cyberweapons. The president's remarks followed his meeting with world leaders, including Russian President Vladimir Putin, at the G20 Summit in Hangzhou, China. The U.S. has more offensive and defensive capability than any other country on Earth, Obama noted. The president urged adoption of new cybersecurity norms.
Feds Warn States to Batten Down Hatches Following Election System Attacks
September 2, 2016
The FBI has launched investigations into malicious cyberattacks on the electronic election infrastructures in Illinois and Arizona, and federal officials last month warned states to take steps to protect their systems as the presidential campaign heats up, according to reports. The attacks, dating back to June, led to the illegal download of information on more than 200,000 Illinois voters.
FairWare Hackers May Take Ransoms, Keep Stolen Files
September 2, 2016
The latest ransomware intrusion that targets Linux servers, dubbed "FairWare," may be a classic server hack designed to bilk money from victims with no intent to return stolen files after payment in bitcoins is made. The attack reportedly targets a Linux server, deletes the Web folder, and then demands a ransom payment of two bitcoins for return of the stolen files.
Massive Data Breach Puts French Sub Maker in Crosshairs
September 1, 2016
Officials in France and India are investigating a massive data breach involving thousands of documents belonging to defense industry contractor DCNS, which was scheduled to deliver six Scorpene-class submarines to the Indian navy later this year. Hackers stole more than 22,000 pages of documents that included detailed technical information on the vessels, some of which was published online.
Election Season Spawns Scams With Political Twist
August 30, 2016
Dirty tricks during political campaigns are nothing new, but the Internet and the proliferation of mobile devices have allowed tricksters to up their games a notch. It came to light last week, for example, that Donald Trump's campaign app was hoovering the address books on his supporters' phones. Trump's app wasn't doing anything illegal. It wasn't even trying to hide what it was doing.
Russian Gang Suspected of Hacking Oracle's POS System
August 20, 2016
Oracle has been investigating a point-of-sale system breach that may be the work of Russian cyberthieves. Hackers compromised at least 700 computers on the MICROS POS system, used by hundreds of thousands of hotels, restaurants and retail outlets worldwide to process credit card transactions, Krebs on Security reported earlier this month. More than 330,000 cash registers worldwide use MICROS.
The Growing Scourge of Cyberbullying, Part 2
August 17, 2016
The digitization of everything has decreased the degrees of separation between everyone. While that interconnectedness has solved many problems, old and new, digitization has worsened one age-old problem: bullying. An online bullying epidemic is now pushing parents, teens, teachers and technology companies to try even harder to mitigate the misery inflicted on its victims.
The Growing Scourge of Cyberbullying, Part 1
August 10, 2016
Smartphones are proliferating among adolescents, and so is cyberbullying. That's particularly worrisome due to its potential contribution to the No. 2 cause of teen death: suicide. About 26.3 percent of the middle- and high-school students who responded to a nine-school survey indicated that they'd been bullied in each of the eight years the poll was taken, researchers found.
Linux Botnets on a Rampage
August 5, 2016
Linux-operated botnet Distributed Denial of Service attacks surged in this year's second quarter, due to growing interest in targeting Chinese servers, according to a Kaspersky Lab report released this week. South Korea kept its top ranking for having the most command-and-control servers. Brazil, Italy and Israel ranked among the leaders behind South Korea for hosting C&C servers, according to Kaspersky Lab.
Old Tech Can Create New Security Woes
August 3, 2016
"Patch your systems in a timely manner" is a mantra of security experts, but what happens when the patch well runs dry because a product's maker no longer supports it? That is a situation facing many large enterprises, and it's one that poses security risks. Between 30 percent and 50 percent of the hardware and software assets in the average large enterprise have reached their end-of-life date.
Clinton Campaign Latest Target of Hackers Linked to Russia
July 30, 2016
The campaign of Democratic presidential nominee Hillary Clinton is the latest possible victim of a series of hack attacks some cybersecurity experts have linked to the Russian government. Campaign officials reportedly acknowledged that an analytics program it uses, which is maintained by the DNC, was accessed in a breach discovered earlier this month.
Public-Private Team Leads Assault on Ransomware
July 28, 2016
Ransomware has become a scourge on the Internet -- but two information security companies, along with a pair of law enforcement agencies, this week launched an initiative to do something about it. No More Ransom is the centerpiece of a collaborative effort involving Kapersky Lab, Intel Security, the Dutch National Police and Europol. The new portal aims to educate the public about ransomware.
Russians Hack DNC Servers to Get Goods on Trump
June 15, 2016
Two groups of Russian hackers burrowed into the Democratic National Committee's servers and spent months stealing information on Donald Trump, the Republican Party's presumptive presidential nominee, according to Crowdstrike. The security firm identified "two sophisticated adversaries on the network," noted CTO Dmitri Alperovitch, dubbed "Cozy Bear" and "Fancy Bear."
Crime Pays: Ransomware Bosses Make $90K Annually
June 14, 2016
If crime doesn't pay, Russian ransomware bosses wouldn't know it. The average Russian ransomware boss makes $90,000 a year -- or 13 times the average income for citizens in the country who stick to the "straight and narrow," according to a recent Flashpoint study. What does a ransomware honcho do for those rubles? Basically, the job calls for supporting and maintaining the malware.
Twitter Users Snared in Dark Web's Brisk Password Trade
June 10, 2016
Data stolen from more than 32 million Twitter users has been offered for sale on the dark web for 10 bitcoin, or around $5,800, LeakedSource reported Wednesday. LeakedSource has added the account and email information to its searchable repository of compromised credentials. The data set came from someone who has been connected to other large collections of compromised data.
Snowden and the NSA Gets Curiouser and Curiouser
June 8, 2016
Edward Snowden made a greater effort than originally believed to raise his concerns within the NSA before releasing thousands of classified documents detailing programs that allowed the agency to spy on U.S. citizens. The truth is more complex than the NSA let on, according to a report based on documents secured through two years of Freedom of Information Act litigation.
Yahoo Publishes NSLs Following Freedom Act Reforms
June 6, 2016
Yahoo last week published the text of three National Security Letters it received from the FBI in 2013. The letters demand the names, addresses, length of service, and electronic communications transactional records -- existing transaction and activity logs and all email header information -- of the targets. However, they do not ask for any content -- either the subject lines or bodies of emails.
Banking Trojans Take Backseat to Ransomware
June 4, 2016
The banking trojan -- a type of malware used to steal credentials for bank accounts -- has been a staple of cyberthieves for years. However, ransomware, which has proven both easy to use and highly successful, has started eroding its popularity. In a typical banking trojan attack, a robber mounts a phishing campaign to entice a target to open an attachment or click on a link.
Rights Advocates Blast EU and Tech Firms' Hate Speech Code
June 2, 2016
Digital rights and free speech advocates are up in arms over Tuesday's announcement of an agreement between the European Commission and four leading U.S. social media firms -- Facebook, YouTube, Twitter and Microsoft -- on a Code of Conduct designed to crack down on hate speech. The companies have agreed to adopt a system that allows users to flag illegal hate speech and incitement to violence.
Myspace Crowned King of Mega Breaches, With More Likely to Come
June 1, 2016
Myspace and Tumblr this week emerged as the latest in a string of mega breaches that resulted in the theft of millions of user IDs -- not just recently but years ago. "Over the period of this month, we've seen an interesting trend of data breaches," wrote security researcher Troy Hunt, operator of the Have I Been Pwned website. "To see a cluster of them appear together is quite intriguing."
Microsoft Tightens Screws on Terrorists Posting Online
May 23, 2016
Microsoft last week announced plans to crack down on terrorist content, perhaps in response to the Obama administration's intense effort to get Silicon Valley's help in preventing organizations like ISIS from using social media as a recruiting and fundraising tool. Microsoft has amended its terms of use to prohibit the posting of terrorist content on its various platforms.
Hacker Hawks 2-Year-Old Cache of 117M LinkedIn User IDs
May 23, 2016
A hacker reportedly has offered to sell the account information of 117 million LinkedIn users, which was stolen in a 2012 hack. The data includes users' email addresses and passwords.The hacker, who goes by the handle "Peace," reportedly offered the data on The Real Deal -- a site on the dark web -- for 5 bitcoins -- about $2,200. LeakedSource last week announced it had more than 167 million stolen records.
Gang Surrenders Key to TeslaCrypt Ransomware Kingdom
May 20, 2016
Eset on Wednesday announced that it has fashioned a free tool that victims of all variants of the TeslaCrypt ransomware can use to unlock affected files. After the criminal gang behind TeslaCrypt recently abandoned support of the malicious software, an Eset analyst contacted the group anonymously, using the channel offered to ransomware victims, and asked for the universal master decryption key.
Flaw Puts a Billion Wireless Mice at Risk
May 20, 2016
Wireless mice and keyboards are the perfect accessories for a world in which devices increasingly are shuffling off their connection coils, but those accessories -- especially untethered rodents -- also can create new threats for those who use them. One such threat is Mousejack. The attack exploits a vulnerability found in 80 percent of wireless mice.
See More Articles in Cybercrime Section >>
Facebook Twitter LinkedIn Google+ RSS
What do you think of politically inspired Internet memes?
They tend to be brutally honest about their targets.
They're usually cheap shots based on lies.
They're often stupid but amusing.
They can have a dangerous influence on uninformed people.
They don't impress me one way or the other.