Modern endpoint backup means real-time data protection. Get it from Code42. Click here.
Welcome Guest | Sign In
TechNewsWorld.com
DC Healthcare Provider Limps On After Malware Attack
April 1, 2016
Despite its computer systems being infected with malware since Monday, MedStar Health, which operates 10 hospitals and more than 250 outpatient facilities in and around Washington, D.C., has continued to provide patient care at near normal levels, according to several updates released this week. Since the malware attack occurred, MedStar Health has treated an average of 3,380 patients a day.
Firm Wins Patent for Novel Way to Detect Spearphishing
March 31, 2016
Hackers in recent weeks have stepped up their efforts to steal employee tax information from companies in all kinds of industries. Typically, the information contained on IRS form W-2 is used to file false tax returns or steal someone's identity. The situation has become so bad that the IRS earlier this month issued an alert to human resources and payroll professionals about the subject.
Feds Crack iPhone, Warn Apple to Keep One Eye Open
March 29, 2016
After a bitter legal battle over encryption and privacy rights, the Department of Justice on Monday announced it would back out of its case against Apple because the FBI was able to crack the code of the iPhone used by one of the San Bernardino, California, shooters. The department had asked a federal magistrate judge to force Apple to help the FBI crack open the encrypted smartphone.
Chinese National Cops Plea in Defense Secrets Case
March 29, 2016
A Chinese aviation and aerospace businessman last week pleaded guilty to participating in a conspiracy to steal sensitive military and export-controlled data from major U.S. defense contractors and send the information to China, according to the U.S. Department of Justice. Su Bin, also known as Stephen Su and Stephen Subin, entered the plea before Judge Christina A. Snyder.
FBI Would Rather Crack Terrorist's iPhone Itself
March 23, 2016
On the eve of a court showdown with Apple over unlocking the iPhone of one of the San Bernardino shooters, the FBI put its case on pause Monday to pursue an attack method that could allow it to crack the phone without Apple's assistance. After reviewing the FBI's request for postponement of oral arguments in the case, a U.S. District Court in California granted the delay.
New Stagefright Exploit Takes a Bow
March 22, 2016
Stagefright, a multimedia library in Android 2.2 and higher, has been exploited again, according to news reports published last week. Zimperium last year reported a Stagefright exploit that it said exposed 95 percent of Android devices. Details of the latest exploit, named "Metaphor," were published earlier this month in a paper from NorthBit. Metaphor affects Android 2.2-4.0 and 5.0-5.1.
Hopkins Boffins Break iMessage Encryption
March 22, 2016
A team of researchers at Johns Hopkins University has found a way to crack open files sent as encrypted instant messages in Apple's iMessage app, according to news reports published Monday. Although it took months to do, the researchers, led by Professor Matthew Green, were able to brute force a 64-bit encryption key, allowing them to unscramble an image file stored in Apple's iCloud.
Car Computers Are Vehicles for Hacking, Warns FBI
March 22, 2016
The FBI, the U.S. Department of Transportation and the National Highway Traffic Safety Administration last week issued a warning about the threat of automobile hacking. Computers that control steering, braking, acceleration and lights, as well as wireless technologies used in keyless entry, ignition control and navigation systems, provide portals for cyberattack, the agencies said.
Apple Ransomware Reveals Cert Problem
March 17, 2016
Researchers last week discovered the first ransomware in the wild aimed at Apple's hardware platform. While the threat was subdued quickly, it exposed the weakness of digital certificates in authenticating software to devices. The ransomware appeared as a legitimate application because it contained a digital certificate stolen from a bona fide Mac developer in Turkey.
Celebgate Hacker Strikes Plea Deal
March 17, 2016
Prosecutors for the U.S. Attorney's Office for the Central District of California on Tuesday announced they had reached a plea agreement with Ryan Collins, a Pennsylvania resident, over charges that he hacked Apple and Google email accounts of more than 100 people back in 2014. The allegations stemmed from the official investigation into the hacking case dubbed "Celebgate."
Facebook Exec's Brazilian Misadventure Signals Bigger Problem
March 10, 2016
The jailing last week of Facebook Regional Vice President Diego Dzoda in Brazil may have been the tip of an iceberg. Frustrated police made the arrest after Facebook failed to produce WhatsApp messages connected to a drug trafficking case. The incident is one of a growing heap of examples that highlight the difficulties law enforcement agencies face when trying to collect digital evidence.
Google Brings Project Shield to DDoS Battlefield
February 26, 2016
Google on Thursday announced that it was expanding its Project Shield program, offering to protect news and human rights websites from distributed denial of service attacks for free. Project Shield uses Google's security infrastructure to detect and filter DDoS attacks, which flood websites with Internet traffic or service requests in order to impair their functioning or take them down altogether.
Operation Blockbuster Brings the Fight to Sony Hackers
February 25, 2016
Operation Blockbuster, a coalition of security companies led by Novetta, on Wednesday published a report detailing the activities of the Lazarus Group, the organization responsible for the 2014 cyberattack against Sony Pictures Entertainment. Researchers last week published detection signatures to the companies' respective software in the hope of disrupting the group's activities.
The Downside of Linux Popularity
February 25, 2016
Popularity is becoming a two-edged sword for Linux. The open source operating system has become a key component of the Internet's infrastructure, and it's also the foundation for the world's largest mobile OS, Google's Android. Widespread use of the OS, though, has attracted the attention of hackers looking to transfer the dirty tricks previously aimed at Windows to Linux.
Security Pros to Users: Do as We Say, Not as We Do
February 24, 2016
IT pros -- the gatekeepers of company security policies -- are willing to bend the rules to get things done, according to Absolute Software, based on survey findings it released last week. Forty-five percent of IT pros confessed they knowingly worked around their own security policies, according to the survey. Moreover, 33 percent admitted to hacking their own or another organization's systems.
Hollywood Hospital Succumbs to Hacker Shakedown
February 19, 2016
Hollywood Presbyterian Medical Center on Wednesday announced that it paid approximately $17,000 to resume normal operations after digital extortionists knocked its computer systems offline. The Los Angeles hospital discovered its computer network infected with ransomware earlier this month. After paying the ransom, the hospital was able to bring its electronic medical record system online.
DHS Ready to Share Intelligence With Private Sector
February 18, 2016
The U.S. Department of Homeland Security this month will start sharing threat information with a small number of hand-picked companies under the newly enacted Cybersecurity Information Sharing Act. DHS hopes to collect threat indicators from companies and redistribute them to other companies so everyone gets a better view of threats and can use that knowledge to bolster defenses.
Hollywood Hospital Hacked Back to Paper Age
February 17, 2016
Hollywood Presbyterian Medical Center last week revealed its computer systems were offline after a ransomware attack scrambled the data on its systems. Ransomware is a form of malware that encrypts data and system files on a computer and demands a ransom payment to unscramble the files. Since the attack, HPMC medical personnel have resorted to faxes and handwritten charts to perform their tasks.
IRS Halts Hack Attack
February 11, 2016
The Internal Revenue Service on Tuesday said it recently discovered and halted an automated bot attack on its electronic filing PIN application website. Identity thieves used malware in an attempt to generate E-file PINs for 464,000 Social Security numbers stolen from another source, the IRS said. The hackers succeeded in accessing an E-file PIN for 101,000 of those numbers.
Hacker Posts Stolen Data on FBI, Homeland Security Employees Online
February 9, 2016
The U.S. departments of Justice and Homeland Security on Monday announced they were investigating reports that a hacker broke into government computer systems and stole sensitive information about employees at the agencies. The hacker posted stolen information for about 9,000 DHS employees online Sunday and made public data on 20,000 FBI employees Monday.
Old-Timey Mischief on Display at the Malware Museum
February 9, 2016
The Internet Archive on Friday cut the ribbon on its online Malware Museum, an online compendium of malware programs computer users in the 1980s and 1990s sometimes encountered. Everything old is new again, apparently. The museum presents examples of the viruses, complete with the messages or animations they would have shown when infecting a computer.
Oracle Pulls Plug on Java Browser Plug-In
January 30, 2016
Oracle earlier this week announced its decision to scrap its Java browser plug-in. The plug-in, a frequent target of hackers, won't be included in the next version of JDK 9, which is expected to ship in September. Oracle's action was motivated by browser makers' withdrawal of support for the plug-in. Developers of applications that depend on it need to consider alternatives, the company said.
FDA Guidelines Target IoT Medical Device Security
January 28, 2016
The U.S. Food and Drug Administration last week took a step toward addressing the threat the Internet of Things poses to patients and their data by releasing some proposed guidelines for managing cybersecurity in medical devices. "Networked medical devices, like other networked computer systems, incorporate software that may be vulnerable to cybersecurity threats," the FDA says in its proposal.
Snap-Happy Trojan Targets Linux Servers
January 22, 2016
Security researchers at Dr.Web on Tuesday revealed details of the Trojan Linux.Ekoms.1, which takes screen shots and records audio to acquire sensitive and personal information, mostly from Linux servers. Malware for Linux is becoming more diverse and includes spyware programs, ransomware and Trojans designed to carry out distributed denial-of-service attacks, according to Dr.Web.
GM Bug Program Gets Mixed Notices
January 21, 2016
Two white-hat hackers, Charlie Miller and Chris Valasek, made headlines last year when they demonstrated how they could hijack the control systems of a moving motor vehicle over the Internet. The move got the attention of the auto industry, and last week General Motors put in place a program to encourage more digital dabblers to alert the company when they find bugs in GM vehicles.
Ukraine Mounts Investigation of Kiev Airport Cyberattack
January 20, 2016
Ukrainian officials earlier this week said they had launched a probe into the source of a cyberattack that targeted a Kiev Airport. The attack may be related to the BlackEnergy malware attacks that recently targeted Ukrainian infrastructure facilities, apparently from Russia. CERT-UA on Monday warned system administrators to be on the alert for the presence of BlackEnergy malware.
Phishing Attack Could Net LastPass Credentials
January 19, 2016
LastPass has boosted security for its users after a security researcher alerted the company of a phishing attack he devised to steal users' login and two-factor authentication credentials. Sean Cassidy, CTO of Praesidio, demonstrated the phishing attack, which he calls "LostPass," last week at ShmooCon. "We think this is a very serious problem," said Praesidio CEO Edgardo Nazario.
OpenSSH Flaw Could Leak Crypto Keys
January 15, 2016
Qualys on Thursday reported a flaw in the OpenSSH client that could let a hacker steal the client's private crypto keys. The bug is the result of an undocumented feature called "roaming" that exists in version 5.4 and above. It's one of two vulnerabilities that a malicious SSH server or a trusted but compromised server can exploit, Qualys said. The other is a heap-based buffer overflow.
Privacy as a Service Advocates Promise Better Data Protection
January 14, 2016
There's been a lot of wailing and gnashing of teeth about the Sisyphean task of protecting privacy in the Digital Age, but that hasn't stopped innovators from searching for ways to preserve it. One of the latest ideas to emerge in the field is Privacy as a Service. As with many emerging technologies, the definition of "PaaS" (not to be confused with Platform as a Service) is in flux.
Hack Lets PS4 Run Linux
January 7, 2016
Hacking team fail0verflow last week demonstrated a hack of Sony's PlayStation 4 game console that allows anyone running the modification to run the Linux OS on the appliance. The demo was part of a lightning talk session at the 32nd Chaos Communication Congress. The hackers used exploits in FreeBSD, PS4's operating system and WebKit, which powers the game console's browser.
See More Articles in Hacking Section >>
Facebook Twitter LinkedIn Google+ RSS
Windows 10 is no longer free...
I have it, and I like it.
I have it, but I'm not sold yet.
I'm considering paying to get it.
I tried to upgrade, but it didn't work.
I'm happy with the Windows version I have.
I don't use Windows.