Modern endpoint backup means real-time data protection. Get it from Code42. Click here.
Welcome Guest | Sign In
TechNewsWorld.com
Mobile Ransomware Has Mushroomed: Report
July 8, 2016
The number of mobile ransomware victims across the globe has increased fourfold compared to a year ago, suggests a Kaspersky Lab report. Kaspersky software protected 136,532 users targeted by ransomware from April 2015 to March 2016 -- up from 35,413. "The growth curve may be less than that seen for PC ransomware, but it is still significant enough to confirm a worrying trend," the report notes.
Feds Probe Philanderers' Site Ashley Madison: Report
July 6, 2016
The United States Federal Trade Commission reportedly has launched an investigation into philanderers' dating site Ashley Madison. The company, which suffered a massive data breach last year that resulted in extortion attempts and ruined lives, as well as class-action lawsuits, earlier this week announced that it hired a new CEO and a new president in April.
FBI Director Raps Clinton but Recommends No Criminal Action
July 6, 2016
Although an FBI investigation concluded that Hillary Clinton's use of a separate email system during her tenure as Secretary of State may have violated federal law, Director James B. Comey recommended no criminal prosecution. Considered in light of the bureau's actions in similar cases in the past, Comey explained, the facts in the Clinton case do not warrant the filing of criminal charges.
HummingBad Mucks Up Android's Works
July 6, 2016
More than 85 million Android devices worldwide have been taken over by the Yingmob, a group of China-based cybercriminals who created the HummingBad malware, according to Check Point. HummingBad establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps. HummingBad reportedly has been generating revenue of $300,000 a month.
Symantec Scrambles to Fix Flaws After Google Sounds Alarm
July 5, 2016
Symantec last week confirmed that it had developed fixes for a series of eight vulnerabilities found in its portfolio of security products for enterprise and consumer customers, after an outside researcher identified the problem. A researcher from Google's Project Zero alerted the company, but there was no evidence of the vulnerability being exploited in the wild.
FCC's Internet Privacy Proposal Sparks Congressional Action
July 5, 2016
With breaches of consumer data occurring all too frequently, who could be against proposals to improve privacy on the Internet? Well, a broad swath of the e-commerce sector, ranging from CTIA-The Wireless Association to USTelecom and the National Retail Federation, is strongly opposed to a recent proposal from the Federal Communications Commission to regulate privacy.
Pichai Account Trespassers Claim Their Hacking Heart's in the Right Place
June 29, 2016
Hackers late Sunday broke into CEO Sundar Pichai's Quora account and through it accessed his Twitter followers, according to reports. The group taking credit for the breach, OurMine Security, previously hit other prominent high-tech figures, including Facebook CEO Mark Zuckerberg, Spotify CEO Daniel Elk, Amazon CTO Werner Vogels and former Twitter CEO Dick Costolo.
Senate Falls Short on Expansion of FBI Surveillance Authority
June 27, 2016
The United States Senate last week rejected a Republican-backed amendment that would have given the FBI expanded authority to access the browser histories and other electronic records of targets of terrorism and other national security investigations without first obtaining a warrant. The Senate voted 58-38 for the amendment, cosponsored by Sens. Richard Burr and John McCain.
Study: Third-Party Apps Pose Risks for Enterprises
June 23, 2016
Since mobile computing put an end to the good old days when IT departments had absolute control over software deployed in the enterprise, there's been a rise in employees' use of third-party applications -- a rise that poses security risks to corporate environments. That is one of the findings in a report CloudLock released last week.
Google Makes It Easier to Do the 2-Step
June 21, 2016
Google on Monday began rolling out a new two-step authentication feature, Google Prompt, targeting enterprise employees. The new option consists of a pop-up that displays a mobile user's name and profile image, and that specifies the location and device involved in the attempted sign-in. The device owner is asked whether to allow or deny the sign-in.
How Private Is iOS 10?
June 20, 2016
Almost lost among the deluge of new features in the upcoming version of iOS Apple touted last week was the company's announcement about privacy. "All this great work in iOS 10 would be meaningless to us if it came at the expense of your privacy," Craig Federighi, Apple's senior vice president for software engineering, told attendees at the company's Worldwide Developers Conference in San Francisco.
Russians Hack DNC Servers to Get Goods on Trump
June 15, 2016
Two groups of Russian hackers burrowed into the Democratic National Committee's servers and spent months stealing information on Donald Trump, the Republican Party's presumptive presidential nominee, according to Crowdstrike. The security firm identified "two sophisticated adversaries on the network," noted CTO Dmitri Alperovitch, dubbed "Cozy Bear" and "Fancy Bear."
Crime Pays: Ransomware Bosses Make $90K Annually
June 14, 2016
If crime doesn't pay, Russian ransomware bosses wouldn't know it. The average Russian ransomware boss makes $90,000 a year -- or 13 times the average income for citizens in the country who stick to the "straight and narrow," according to a recent Flashpoint study. What does a ransomware honcho do for those rubles? Basically, the job calls for supporting and maintaining the malware.
Twitter Users Snared in Dark Web's Brisk Password Trade
June 10, 2016
Data stolen from more than 32 million Twitter users has been offered for sale on the dark web for 10 bitcoin, or around $5,800, LeakedSource reported Wednesday. LeakedSource has added the account and email information to its searchable repository of compromised credentials. The data set came from someone who has been connected to other large collections of compromised data.
Snowden and the NSA Gets Curiouser and Curiouser
June 8, 2016
Edward Snowden made a greater effort than originally believed to raise his concerns within the NSA before releasing thousands of classified documents detailing programs that allowed the agency to spy on U.S. citizens. The truth is more complex than the NSA let on, according to a report based on documents secured through two years of Freedom of Information Act litigation.
Hacks Highlight Zuckerberg's Cavalier Attitude Toward Security
June 7, 2016
Facebook top dog Mark Zuckerberg had several of his social media accounts breached and defaced, according to reports that surfaced Sunday. Zuckerberg's Twitter, LinkedIn and Pinterest memberships were hacked, but evidence of the attacks quickly disappeared. In addition to requiring passwords, Twitter and LinkedIn protect their accounts with optional two-factor authentication.
Yahoo Publishes NSLs Following Freedom Act Reforms
June 6, 2016
Yahoo last week published the text of three National Security Letters it received from the FBI in 2013. The letters demand the names, addresses, length of service, and electronic communications transactional records -- existing transaction and activity logs and all email header information -- of the targets. However, they do not ask for any content -- either the subject lines or bodies of emails.
Banking Trojans Take Backseat to Ransomware
June 4, 2016
The banking trojan -- a type of malware used to steal credentials for bank accounts -- has been a staple of cyberthieves for years. However, ransomware, which has proven both easy to use and highly successful, has started eroding its popularity. In a typical banking trojan attack, a robber mounts a phishing campaign to entice a target to open an attachment or click on a link.
Myspace Crowned King of Mega Breaches, With More Likely to Come
June 1, 2016
Myspace and Tumblr this week emerged as the latest in a string of mega breaches that resulted in the theft of millions of user IDs -- not just recently but years ago. "Over the period of this month, we've seen an interesting trend of data breaches," wrote security researcher Troy Hunt, operator of the Have I Been Pwned website. "To see a cluster of them appear together is quite intriguing."
Silicon Valley Debates Thiel's Money Man Role in Gawker Suit
May 31, 2016
The digital media world was abuzz last week when news surfaced that billionaire Peter Thiel had provided financial backing for a defamation lawsuit against Gawker Media. The suit stemmed from Gawker's publication of a sex tape involving ex-WWE superstar Terry Bollea, better known as "Hulk Hogan." A Florida jury awarded Bollea $140 million in March.
Federal IT Living in the Floppy Age, Reports GAO
May 31, 2016
Antiquated IT systems are soaking up federal technology dollars and creating risks for both bureaucrats and citizens, the Government Accountability Office reported last week. More than 75 percent of the federal IT budget in 2015 went toward the operation and maintenance of nearly obsolete legacy systems that use outdated software languages and unsupported hardware parts.
Black Duck's Free Tool Digs Out Open Source Bugs
May 28, 2016
Black Duck Software this week released Security Checker, a free tool based on the company's Hub open source security solution. Security Checker is a drag-and-drop, Web-based tool that allows users to determine if known open source vulnerabilities exist in the components used to build applications. It scans the code in an uploaded archive file or Docker image and provides a report showing known bugs.
Oculus Riles Users Over Piracy Block That Fails Anyway
May 25, 2016
It took a hacker just a day to come up with a workaround for the platform update Oculus released last week, which blocked users from running the company's games on rival virtual reality systems. Version 1.4 of the Oculus App blocked a hack from LibreVR called "Revive" that allowed users to play Oculus games on rival systems, including the HTC Vive and Valve.
Google's Abacus May Count Out Passwords
May 24, 2016
By the end of the year, Android devs will be able to use a trust API from Google's Project Abacus in their apps, Google ATAP Director Dan Kaufman suggested at last week's I/O conference. The API, which will run in the background continually, is aimed at doing away with passwords. It will use a smartphone's sensors to create a cumulative trust score that will authenticate users.
Microsoft Tightens Screws on Terrorists Posting Online
May 23, 2016
Microsoft last week announced plans to crack down on terrorist content, perhaps in response to the Obama administration's intense effort to get Silicon Valley's help in preventing organizations like ISIS from using social media as a recruiting and fundraising tool. Microsoft has amended its terms of use to prohibit the posting of terrorist content on its various platforms.
Vendors Gain Congressional Support on IT Pricing
May 23, 2016
Selling information technology to the U.S. government is never easy, and it's even harder when a vendor cannot highlight the qualitative differences it believes separates its competencies from other providers competing for the same work. Yet a major contracting tool federal agencies use in seeking IT products and services tends to smother those differences in skills and competencies.
Hacker Hawks 2-Year-Old Cache of 117M LinkedIn User IDs
May 23, 2016
A hacker reportedly has offered to sell the account information of 117 million LinkedIn users, which was stolen in a 2012 hack. The data includes users' email addresses and passwords.The hacker, who goes by the handle "Peace," reportedly offered the data on The Real Deal -- a site on the dark web -- for 5 bitcoins -- about $2,200. LeakedSource last week announced it had more than 167 million stolen records.
Gang Surrenders Key to TeslaCrypt Ransomware Kingdom
May 20, 2016
Eset on Wednesday announced that it has fashioned a free tool that victims of all variants of the TeslaCrypt ransomware can use to unlock affected files. After the criminal gang behind TeslaCrypt recently abandoned support of the malicious software, an Eset analyst contacted the group anonymously, using the channel offered to ransomware victims, and asked for the universal master decryption key.
Google Challenges Right to Be Forgotten in French High Court
May 20, 2016
Google on Thursday filed an appeal with France's supreme administrative court over an order from a privacy regulator requiring it to scrub certain search results around the world under a law called "the right to be forgotten." The March order from the CNIL requires Google and other search engines to delist the information of Europeans that shows up in searches for their name.
Flaw Puts a Billion Wireless Mice at Risk
May 20, 2016
Wireless mice and keyboards are the perfect accessories for a world in which devices increasingly are shuffling off their connection coils, but those accessories -- especially untethered rodents -- also can create new threats for those who use them. One such threat is Mousejack. The attack exploits a vulnerability found in 80 percent of wireless mice.
See More Articles in Security Section >>
Facebook Twitter LinkedIn Google+ RSS
How do you feel about technology and security?
Very insecure -- I would gladly pay extra for better security.
Very insecure -- I'm using technology less as a result.
Very insecure -- but I'm willing to make the trade-off.
Secure enough -- I take reasonable precautions.
Secure enough -- I'm not a likely target.
Very secure -- I trust tech companies to protect me.