OpManager: A single console to manage your complete IT infrastructure. Click here for a 30-day free trial.
Welcome Guest | Sign In
Massive Hack Attack on Educational Toy Company Exposes Parents, Kids
November 30, 2015
Officials of several U.S. states on Monday have opened investigations into a massive data breach that occurred last month at VTech. The award-winning Hong Kong-based maker of electronic learning toys for kids on Friday announced that its Learning Lodge database was breached in a hack attack on Nov. 14. Learning Lodge offers apps, learning games, e-books, and other educational content.
New Tech Targets Enterprise Ransomware
November 23, 2015
SentinelOne last week introduced an addition to its behavioral solution designed to address the problem of ransomware scrambling files on a computer. Ransomware has been a scourge not only for consumers, but for the enterprise, too. The malicious software can be particularly nettlesome for enterprises because they have to protect many endpoints -- phones, tablets, laptops, desktops and servers.
FBI, Carnegie Mellon Deny $1M Contract to Crack Tor
November 19, 2015
The FBI has denied allegations that it paid Carnegie Mellon University security researchers $1 million to crack a network designed to protect the anonymity of its users. The Tor Project, which operates the network, last week accused the FBI of cutting the CMU deal. The attack on Tor occurred from January to July 2014. The attackers discovered a way to strip the anonymity of Tor users.
Report: Botnets Help Bump Cyberattack Attempts by 20 Percent
November 17, 2015
ThreatMetrix last week reported that it had detected and prevented more than 90 million attempted cyberattacks in real time across industries from July to September. The attempted attacks covered fraudulent online payments, logins and new account registrations, and represented a 20 percent increase over the previous quarter, according to ThreatMetrix Cybercrime Report: Q3 2015.
Gmail to Warn Users of Unencrypted Email
November 16, 2015
Google last week announced that it is developing features for Gmail that will notify them when they get messages through a nonencrypted connection. Regions of the Internet are preventing message encryption by tampering with requests to initiate SSL connections, and malicious DNS servers are publishing fake routing information to email servers looking for Gmail, a study found.
Alibaba Crushes Global Online Shopping Day
November 13, 2015
Alibaba on Wednesday settled $14.3 billion worth of gross merchandise volume via Alipay, the company's online payment solution, during China's 11.11 Global Shopping Festival. That surpassed last year's $9.3 billion. Mobile GMV settlements accounted for about 70 percent of this year's sales. By 2 p.m. China time, more than 70 million mobile buyers had made purchases worth $7 billion.
Decryption Tool Foils Linux Server Ransomware Attacks
November 11, 2015
Bitdefender on Monday released a free decryption tool designed to wrest data from the grip of a rare type of ransomware that's been plaguing Linux servers. Details for performing the decryption are available on the company's website. Essentially, the solution takes advantage of a flaw in the ransomware, which Bitdefender discovered through reverse-engineering.
NIST Seeks Review of Email Safety Doc
November 11, 2015
Email systems have become so routine that consumers and workers often regard them as simply part of the furniture. However, the technology is more complex than most users appreciate -- and that complexity makes it vulnerable to cyberthreats. Increased use of email has resulted in a corresponding increase in criminal and nuisance threats, NIST said in a recent advisory on email security.
Deep Learning App Targets Malware
November 10, 2015
Here's the problem with most programs aimed at killing malicious software: They need someone to tell them something's malicious. What if, however, the programs had the smarts to identify bad code on their own? That's what a company called Deep Instinct says its security solution, launched last week, can do. The offering works its magic with a technology called "deep learning."
Mobile Malware's Growth Slows, Nastiness Grows
November 4, 2015
The good news about mobile malware in 2015 is that growth has slowed down. The bad news is that the malware entering the market is more virulent than ever. While there hasn't been a sharp rise in the volume of mobile malware this year, the increasingly malicious nature of the types of malware and attacks is alarming, Blue Coat Systems said last week in its 2015 Mobile Malware Report.
NIST Seeks Business Partners to Boost Email Security
November 3, 2015
The controversy over the management of email systems by former Secretary of State Hillary Clinton has been in the spotlight since March. More recently, the CIA director acknowledged that his personal email had been hacked. Both situations highlight the vulnerability of email. That's why NIST has launched an initiative to help both public and private organizations improve email security.
SXSW May Put Online Harassment in the Spotlight
October 28, 2015
SXSW Interactive reportedly might include a daylong event on combating online harassment. The news followed SXSW's cancellation of two planned panels that were expected to focus on opposite ends of the Gamergate debate. Threats of on-site violence spurred the decision to cancel both panels, according to SXSW officials. However, that decision immediately drew fire.
CISA Passes Senate Despite Privacy Advocates' Fear and Loathing
October 28, 2015
The U.S. Senate on Tuesday voted 74-21 to pass the Cybersecurity Information Sharing Act, or CISA, in the face of strong opposition from legal and cybersecurity experts, the high-tech industry, privacy and civil liberties organizations, and members of the public. The Act calls for several federal agencies to share cyberthreat indicators between the public and private sectors.
Google Pushes Transparency for SSL Certificates
October 27, 2015
The padlock on a browser's address bar is supposed to give Net travelers some security in insecure virtual space, but some dangerous flaws lurk behind the padlock. They can weaken the effectiveness of encrypted Internet connections and compromise TLS/SSL processes, including domain validation, end-to-end encryption, and the chains of trust certificate authorities have put in place, Google said.
TalkTalk Attacked, Hit With Ransom Demand
October 23, 2015
TalkTalk on Thursday announced that it received a ransom demand following a cyberattack that may have compromised the credit card and bank details of millions of customers. "TalkTalk constantly updates its systems to make sure they are as secure as possible against the rapidly evolving threat of cybercrime, impacting an increasing number of individuals and organizations," CEO Dido Harding said.
Global Attacks on Mobile Networks Jeopardize Privacy, Profits
October 21, 2015
Bad actors are exploiting an obscure technology found in telecommunications networks around the world to track mobile users and engage in fraud, and they could be costing carriers millions of dollars in lost revenues. Compromise of the technology, called "SS7," can cause significant damage to the reputation and finances of carriers around the world, AdaptiveMobile noted.
Healthcare Sector Security Woefully Weak, Survey Says
October 21, 2015
The healthcare industry has become the favorite playground for many cybercriminals, suggests a report Trustwave released earlier this month. Of the 398 full-time healthcare professionals surveyed, 91 percent of information technology respondents and 77 percent of nontechnical respondents believed criminals increasingly were targeting healthcare organizations.
Report: Cybersecurity Pact Fails to Deter Chinese Hackers
October 20, 2015
The cybersecurity pact the U.S. and China agreed to last month apparently has not stopped Chinese hackers from trying to steal intellectual property from U.S. companies. "Over the last three weeks, CrowdStrike Falcon platform has detected and prevented a number of intrusions into our customers' systems from actors we have affiliated with the Chinese government," said CTO Dmitri Alperovitch.
Boffins Demo Remote Control of Siri, Google Now
October 19, 2015
Siri and other smartphone digital assistants may do your bidding -- but they may do a hijacker's as well. That's what two researchers discovered when they began to tinker with the effects of radio waves on smartphones. They could use the waves to issue commands to any Android or iOS phone running Google Now or Siri. The researchers first aired their findings at a Paris conference this summer.
EU Court Decision Threatens US Cloud Dominance
October 16, 2015
Edward Snowden's legacy gained another chapter last week when the European Court of Justice rejected an agreement that created a Safe Harbor for U.S. companies handling personal data of overseas citizens. In essence, the agreement provided that a U.S. company's word that it had adequate privacy safeguards in place was all that was needed to permit overseas personal data transfers.
HP, 3M to Shield Laptop Screens From Visual Hacking
October 15, 2015
HP and 3M are collaborating on privacy screens to protect notebook PCs from visual hacking. "3M is developing an innovative light-enhancement film that can be incorporated into a system that enables light to be directed to other viewers when you want information sharing, and away from onlookers when you need private viewing," 3M spokesperson Jessica Walton said.
E-Commerce Firms Need to Wise Up to Cybercrime
October 15, 2015
Every business owner and executive must think long and hard about cybersecurity -- especially considering all the break-ins and data thefts during the last several years. Data breaches and security issues are in the headlines on a regular basis. One good source for getting a grip on some possible solutions to the problem is AT&T's new report, "What Every CEO Needs to Know About Cybersecurity."
User Info Safe After LoopPay Attack, Says Samsung
October 9, 2015
Samsung has assured users that their information is safe following a computer intrusion of a key company linked to its mobile payment system. The intrusion may have occurred as early as March. Samsung purchased LoopPay for $250 million in February. Its technology allows mobile phones to perform payment card transactions with older POS terminals that recognize only cards with magnetic strips.
DDoS Attacks Create Smokescreens for Larceny
October 7, 2015
DDoS attacks have evolved from protest tool to criminal weapon. More than one in three DDoS attacks are used to plant malware or a virus on company systems, and 40 percent of them result in data theft, according to NeuStar's semiannual DDoS attack and protection report. "Until two years ago, DDoS attacks were really seen as just a disruption and annoyance tool," said NeuStar's Joe Loveless.
The Sluggish Crawl to Chip-Secured Shopping
October 5, 2015
For retailers that do not yet accept EMV cards -- credit and debit cards with chips embedded in them -- a spine-tingling deadline arrived last week. Liability for any payment fraud that results from acceptance of old-school plastic shifted to them. The magnetic chips in EMV cards will reduce in-store payment fraud, which affected 62 percent of companies, according to a recent survey.
Black Hats Offer Million-Dollar iOS 9 Bug Bounty
September 30, 2015
Zerodium has posted a million-dollar bounty for juicy iOS 9 bugs or jailbreaks. Zerodium runs a market where exploits and vulnerabilities are bought and sold, according to Damballa. "While there is no insight into a specific buyer, we can assume if an exploit for iOS 9 is found, Zerodium will sell it for way more than $1 million," wrote Loucif Kharouni, senior threat researcher at Damballa.
Two Risky Strategies Could Threaten Apple's Long-Term Survival
September 28, 2015
One of the ironies of my career is that when I first went to work for a tech company, I specifically wanted to work for a firm that was breaking the mold -- not representative of it. So, in my initial interview, I was concerned that IBM was going to buy the firm because it was the mold at that time. I was promised that there was a contract that said it couldn't. Then, six months later, it did.
OPM's Latest Bad News: 5.6 Million Fingerprints Lifted
September 25, 2015
The Office of Personnel Management on Wednesday revealed that the hackers who penetrated its records system stole 5.6 million fingerprints of federal employees -- five times the 1.1 million originally reported. The cyberattack, which came to light this spring, compromised the Social Security numbers and other sensitive information of 21.5 million people.
What Goes Around Comes Around: Russia Gets Hacked
September 23, 2015
Russia has been a prime suspect in recent cyberattacks against U.S. government targets. However, Russia has been poked with the other end of the hacker stick. For more than two months, hacker attacks originating in China have bedeviled Russia's military and telecom sectors, Proofpoint researchers have revealed. Russian-speaking analysts working at global financial firms also have been attacked.
Feds Award $500M Credit-Monitoring Contract Following OPM Breach
September 23, 2015
The U.S. government spends millions of dollars on IT systems designed to prevent cybersecurity attacks, but they still occur. Government agencies are hopeful that the learning curve will improve dramatically, and breaches will be reduced. In the meantime, what happens to people affected by a breach after an attack succeeds? This year, the OPM was hit with one of the biggest hack attacks ever.
See More Articles in Cybercrime Section >>
Facebook Twitter LinkedIn Google+ RSS
I plan to do my holiday shopping…
Online only -- I like the convenience and comfort.
Online only -- I'd shop in stores if their stock weren't so limited.
At brick-and-mortar stores only -- I like to see what I'm getting.
At brick-and-mortar stores only -- I enjoy the holiday shopping atmosphere.
At brick-and-mortar stores only -- I want to support local merchants.
Online and in stores -- I want the best of both worlds.
I'm not planning on doing any holiday shopping.