IANS Blog RSS Feed

http://www.iansresearch.com

Poulin to CSO: We Hacked a Smart Building Using ?Old-School? Techniques

- Thu, 11 Feb 2016 00:00:00 GMT

The ?smarter? buildings get, the easier they are to hack? Maybe. IANS Faculty Chris Poulin, research strategist for IBM?s X-Force ethical hacking team, recently spoke to CSO?s Maria Korolov about a penetration test in which his team was able to gain access to all of the buildings operated by a building management company.

Privacy, Security Concerns Rise as States Mull Encryption Backdoor Requirements

- Wed, 27 Jan 2016 00:00:00 GMT

National Data Privacy Day (January 28th) certainly comes at an interesting time this year, as legislators in two of the most technology-centric U.S. states recently introduced similar bills that would force smartphone manufacturers to include encryption backdoors in their devices.

Fledgling Cyber-Insurance Market Tested by Early Denials, Lawsuits

- Wed, 20 Jan 2016 00:00:00 GMT

Cybersecurity insurance policies may be relatively new, but they have one important thing in common with established, legacy business coverage: They live and die in the fine print.

Hacker-Caused Ukrainian Power Outage Marks First Known Attack With Immediate, Direct Public Impact

- Tue, 05 Jan 2016 00:00:00 GMT

Security researchers have confirmed that a recently updated version of the highly destructive BlackEnergy malware package infected the systems of at least three power authorities in Ukraine, causing a massive outage that left thousands of homes in the Ivano-Frankivsk region of the country without electricity.†

Top 10 IANS Insights from a Tumultuous 2015

- Mon, 28 Dec 2015 00:00:00 GMT

Another year is in the books and what a year it was for infosec pros. From the Ashley Madison hack to the OPM breach, to Jeep commandeering and mysterious backdoors in popular networking gear, every week brought a new security twist that forced us all to keep our heads on swivels.

Herold: Misguided CISA Heightens Security, Privacy Concerns

- Mon, 21 Dec 2015 00:00:00 GMT

The controversial Cybersecurity Information Sharing Act (CISA) is now the law of the land, slipped into an eleventh-hour†spending bill designed to keep the federal government running through 2016.

Patch Now: Rogue Code Leaves Gaping Hole in Juniper Gear

- Fri, 18 Dec 2015 00:00:00 GMT

Juniper Networks says unauthorized code could allow attackers to gain administrative access to its NetScreen appliances and decrypt VPN connections without leaving any trace of their actions. Users are urged to apply fixes immediately.

Poulin: Time to Realistically Acknowledge Vehicle Vulnerabilities

- Wed, 16 Dec 2015 00:00:00 GMT

The images and breathless banter were difficult to ignore: celebrity security researchers gaining remote command of an automobile, disrupting on-board systems before forcing the vehicle and its helpless driver into a ditch.

NIST to Infosec Pros: How Is Our Framework Working?

- Mon, 14 Dec 2015 00:00:00 GMT

The National Institute of Standards and Technology is asking infosec practitioners in the public and private sectors to comment on the efficacy of its cybersecurity framework as it prepares to update the popular, two-year-old document.

As Ransomware Attacks Evolve, Security Teams Must Prepare For New ?Drive-By? Tactics

- Thu, 10 Dec 2015 00:00:00 GMT

Another week, another evolution of the popular ransomware attacks. When we last wrote about it, researchers had discovered a new iteration ? ?Linux.Encoder.1? ? that enabled attackers to inject malware into Linux-powered websites and encrypt all files in the home and backup directories. Now, it appears the popular exploit kit Angler is being used to spread the latest version of CryptoWall and other ransomware on websites as part of ?drive-by? campaigns that begin with the deployment of password-stealing malware.†

Threats RSS Feed - Symantec Corp.

http://www.symantec.com/business/security_response/landing/threats.jsp

Ransom.AlmaLocker

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Ransom.AlmaLocker!gm

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Shakstiler

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Hacktool.Mimikatz!g2

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low.

W32.Rexdrup

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Worm.

Hacktool.Equation

-

Risk Level: Very Low.

Backdoor.Equation

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low.

Trojan.Kwampirs

- Sat, 20 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.MSWord!g8

- Wed, 17 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Hacktool.Mimikatz!g1

- Tue, 16 Aug 2016 00:00:00 +0000

Risk Level: Very Low.

Trojan.Ransomcrypt.BH

- Tue, 16 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Zombrari

- Mon, 15 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Ransomcrypt.BF

- Mon, 15 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Ransomcrypt.BG

- Mon, 15 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Exp.CVE-2016-3304

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Linux.Leydiwon

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.JSDownloader!g3

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.CryptDrop!g3

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Cryptlocker!g60

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Cryptlk.AF!g1

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g231

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g332

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g275

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g294

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g271

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Backdoor.Misogow!g1

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Boot.Cryptolocker.AU

- Mon, 8 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Cartcapa

- Mon, 8 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Bandock.A!gm

- Mon, 8 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Ransomlock.AT

- Fri, 5 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Cryptlk.AN!g14

- Fri, 5 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Misogow

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.BC.CryptDrop!g4

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.CryptDrop!g1

-

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.CryptDrop!g2

-

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Bayrob!gen2

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.BC.Cryptlk!g2

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.Cryptlk!g1

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Cryptlk.AH!g2

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g331

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Ransom!gen3

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.Cryptlocker!g80

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Trojan.Sorcurat!gen1

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Remsec

- Tue, 2 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Exp.CVE-2016-4226

- Tue, 2 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Remvio

- Wed, 3 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Trawlmernib

- Wed, 3 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Maltrec!eg1

- Mon, 1 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Infostealer.Rultazo

- Sat, 30 Jul 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Exp.CVE-2016-3244

- Wed, 27 Jul 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.Heur.RGC!g322

- Wed, 27 Jul 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.SuspBeh!gen66

- Wed, 27 Jul 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Exp.CVE-2016-3264

- Fri, 12 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Exp.CVE-2016-3277

- Wed, 27 Jul 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Exp.CVE-2016-3259

- Wed, 27 Jul 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Cryptlock.AH!g9

- Tue, 26 Jul 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Security News Headlines - Yahoo! News

http://news.yahoo.com/security/

Source of submarine document leak 'from overseas': Indian defense ministry

- Wed, 24 Aug 2016 07:18:12 -0400

India's defense ministry said on Wednesday that the source of secret documents detailing the capabilities of the French-designed Scorpene submarine being built for the Indian navy appeared to be "from overseas and not from India". Defence Minister Manohar Parrikar said earlier the security breach appeared to have been the work of hackers. The leak, first reported in The Australian newspaper, contains more than 22,000 pages outlining the secret combat capability of six submarines that DCNS of France has designed for the Indian Navy.

Mind the air-gap: Singapore's web cut-off balances security, inconvenience

- Tue, 23 Aug 2016 23:14:20 -0400

Public servants and contractors sit at their desks at a public housing administration center in SingaporeBy Jeremy Wagstaff and Aradhana Aravindan SINGAPORE (Reuters) - Singapore is working on how to implement a policy to cut off web access for public servants as a defense against potential cyber attack - a move closely watched by critics who say it marks a retreat for a technologically advanced city-state that has trademarked the term "smart nation". Some security experts say the policy, due to be in place by May, risks damaging productivity among civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. It may only raise slightly the defensive walls against cyber attack, they say.


New York Times says suspected Russian hackers targeted Moscow bureau

- Tue, 23 Aug 2016 20:50:46 -0400

The sun peaks over the New York Times Building in New YorkThe New York Times said on Tuesday its Moscow bureau was targeted by a cyber attack this month but that there was no evidence the hackers, believed to be Russian, were successful. "We are constantly monitoring our systems with the latest available intelligence and tools," Times spokeswoman Eileen Murphy told the newspaper. "We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised." Earlier on Tuesday, CNN, citing unnamed U.S. officials, reported that the Federal Bureau of Investigation and other U.S. security agencies were investigating cyber breaches targeting reporters at the Times and other U.S. news organizations that were thought to have been carried out by hackers working for Russian intelligence.


Cheating site had inadequate security, privacy officials say

- Tue, 23 Aug 2016 17:36:01 -0400

TORONTO (AP) ? Privacy officials in Canada and Australia have found that cheating website Ashley Madison had inadequate security safeguards and policies despite marketing itself as a discreet and secure service

Russians suspected in hack of New York Times, other U.S. media: CNN

- Tue, 23 Aug 2016 14:52:44 -0400

The sun peaks over the New York Times Building in New YorkThe FBI and other U.S. security agencies are investigating cyber breaches targeting reporters at the New York Times and other U.S. news organizations that are thought to have been carried out by hackers working for Russian intelligence, CNN reported on Tuesday, citing unnamed U.S. officials. "Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said," CNN said. The FBI declined to comment, and representatives for the U.S. Secret Service, which has a role in protecting the country from cyber crime, did not immediately reply to a request for comment.


Ashley Madison parent broke Canada, Australia privacy laws

- Tue, 23 Aug 2016 14:48:48 -0400

A photo illustration shows the privacy policy of the Ashley Madison website seen behind a smartphone running the Ashley Madison app in TorontoThe parent company of infidelity dating website Ashley Madison was responsible for numerous violations of privacy laws at the time of a massive release of customer data in a cyber attack last year, privacy watchdogs in Canada and Australia said on Tuesday. The two countries launched an investigation after the 2015 breach of Avid Life Media Inc's computer network, when hackers exposed the personal details of millions who signed up for the site with the slogan "Life is short. Have an affair." The probe found the Toronto-based company had inadequate safeguards in place, including poor password management and a fabricated security trustmark on the website's home page.


France, Germany press for access to encrypted messages after attacks

- Tue, 23 Aug 2016 12:03:46 -0400

French Interior Minister Bernard Cazeneuve greets his German counterpart Thomas de Maiziere in ParisFrance and Germany want to compel operators of mobile messaging services to provide access to encrypted content to terrorism investigations, after a series of deadly attacks in both countries. French intelligence services, on high alert since attackers killed hundreds of civilians in Paris in November and in Nice in July, are struggling to intercept messages from Islamist militants. Many of the groups now use encrypted messaging services rather than mainstream social media, with Islamic State a big user of such apps, investigators in several countries have said.


Two Model S cars were stolen despite Tesla?s advanced tech

- Mon, 22 Aug 2016 20:00:14 -0400

You?d have thought that nobody can steal your Tesla thanks to its advanced tracking system. Thieves foolish enough to try to get away with it could be easily caught with the help of the on-board GPS. However, that?s not really the case. Tesla cars are incredibly valuable, which means thieves will do whatever it takes to grab one and leave no traces behind. In fact, at least two such thefts have already been reported†in Europe. DON?T MISS: This is our first look at one of the two brand new PS4 consoles launching next month Two Tesla owners in Germany discovered that their Tesla Model S cars were stolen, Electrek reports . One of them is a brand new Tesla Model S P90D that was picked up on August 2nd, and another†model disappeared on June 11th. Neither car†has turned up yet, and it?s not clear how it happened or whether their owners will ever get them back. It?s believed that hackers were able to breach the owners' Tesla accounts and then use iPhone or Android apps to access and drive the cars away. One of the drivers said he still has the keys to the car. They also had to jam the GPS signal on the cars, although it?s not clear†how they did it. Last year, a Model S was briefly stolen in Vancouver, but the owner was able to direct the police to the location of the car by using tracking data from his account. It would certainly be interesting to hear how the thieves†plan to use these stolen Teslas. Simply painting the cars over and changing their plates won?t suffice. To take advantage of Tesla?s features, you also have to use the car?s software. And we all†know Tesla keeps track of what happens with each car, so it might be able to find these stolen vehicles†if they ever reconnect to the†system. Tesla has†yet to comment on the matter, but it?s likely that the company is looking at ways to retrieve the stolen cars, and prevent similar thefts†in the future.

Stolen NSA hacking tools reportedly on sale for $8,000

- Mon, 22 Aug 2016 15:04:12 -0400

It's been a rough week for the NSA, to say the least. Last week, a group of hackers collectively known as The Shadow Brokers allegedly stole and released †a treasure trove†of NSA hacking tools and exploits. What's more, the group promised to release even more weapons from the NSA's cyber arsenal for the right price. While the initial leak was met with skepticism, researchers and security experts who examined the leak subsequently confirmed that the leaked exploits were very much real.†"It definitely looks like a toolkit used by the NSA," French computer researcher Matt Suiche said†after taking a look at the code. As if that weren't bad enough, now comes word that The Shadow Brokers may not be the only hackers who hold the keys to the NSA's cache of advanced hacking tools and exploits. DON'T MISS:† Samsung?s best phone yet might have some quality issues that can?t be fixed Late on Sunday night, a hacker with the Twitter handle 1x0123 † indicated that he was willing to sell the aforementioned hacking tools for $8,000. https://twitter.com/1x0123/status/767564288160571392 Speaking to Gizmodo , the hacker also said that he'd be willing to provide screenshots to verify his claims for $1,000. Interestingly, 1x0123 didn't come to possess these files by hacking the NSA, but allegedly by†stealing them from the Shadow Brokers. It?s unclear how the hacker supposedly stole the hacks and he refused to explain beyond saying ?traded some exploits for access to a private escrow and stole the tar file.? This could mean a variety of things, but it seems like he?s indicating that he tricked the Shadow Brokers, the group that originally claimed to have accessed the NSA tools, and stole the .tar file containing the exploits. Again, we don?t have a way to confirm this is true but this hacker has hacked and sold his exploits in the past. Notably, 1x0123 is not some fly by night Twitter account with no track record to speak of. On the contrary, 1x0123 is a self-identified "underground researcher" who has been behind a number of big name exploits in the past, including a hack of †Fidelity National Information Services. It's also worth noting that famed NSA whistleblower Edward Snowden gave 1x0123 some praise on Twitter just a few months ago. https://twitter.com/Snowden/status/719263028345192449?ref_src=twsrc%5Etfw

Germany to tell people to stockpile food and water in case of attacks: FAS

- Sun, 21 Aug 2016 11:43:18 -0400

Germany is currently on high alert after two Islamist attacks and a shooting rampage by a mentally unstable teenager last month. "The population will be obliged to hold an individual supply of food for ten days," the newspaper quoted the government's "Concept for Civil Defence" - which has been prepared by the Interior Ministry - as saying. A spokesman for the Interior Ministry said the plan would be discussed by the cabinet on Wednesday and presented by the minister that afternoon.

Democrats fear hackers targeted tight Florida races for latest data leaks

- Fri, 19 Aug 2016 18:31:26 -0400

The headquarters of the Democratic National Committee is seen in WashingtonBy Mark Hosenball and Ginger Gibson WASHINGTON (Reuters) - Leading Democrats are growing increasingly worried that the hackers who made public leaked documents this week were trying to sabotage the Democratic candidates in several central Florida congressional races, the first time such leaks have been targeted so directly. Two sources familiar with Democratic Party investigations of recent cyber attacks said documents made public this week by the hacker known as Guccifer2 contained information that could damage Democratic candidates in competitive Florida contests for the U.S. House of Representatives. The documents, hacked from the Democratic Congressional Campaign Committee (DCCC), which raises funds for the party's House candidates, are detailed dossiers describing the Florida candidates' backgrounds, including personal details, as well as political, economic and demographic profiles of the strategic congressional districts.


Ukrainian MP offers more details on alleged payments to Trump campaign chief

- Fri, 19 Aug 2016 07:25:58 -0400

Ukrainian lawmaker Serhiy Leshchenko displays papers from secret ledgers belonging to Party of Regions of former Ukraine's President Viktor Yanukovich during a news conference in KievBy Pavel Polityuk KIEV (Reuters) - A Ukrainian lawmaker on Friday divulged more details of what he said were payments made to Donald Trump's campaign chief in the U.S. presidential race by the political party of the Kremlin-backed former Ukrainian leader Viktor Yanukovich. MP Serhiy Leshchenko said money was allocated for Trump aide Paul Manafort to finance services such as carrying out exit polls at elections, buying computers and conducting research. Manafort has denied allegations - first made in the New York Times on Monday - that he received cash payments worth more than $12 million over five years that were itemized on secret ledgers belonging to Yanukovich's Party of Regions.


Hackers targeted Trump campaign, Republican Party groups: sources

- Thu, 18 Aug 2016 19:05:21 -0400

Republican U.S. presidential nominee Donald Trump holds a campaign rally at the ?Ziegler Building at the Washington County Fair Park & Conference Center in West Bend, WisconsinHackers targeted the computer systems of presidential candidate Donald Trump and Republican Party organizations as well as Democratic Party networks, sources familiar with investigations into the attacks said. At least one Trump staff member?s email account was infected with malware in 2015 and sent malicious emails to colleagues, according to one insider for the Republican candidate's campaign and an outside security expert. In the past month, U.S. security officials have said that starting last year, hackers infiltrated computers of the Democratic National Committee (DNC), the presidential campaign of Hillary Clinton and her party's congressional fundraising committee.


Eddie Bauer says retail store registers hit by malware

- Thu, 18 Aug 2016 18:01:10 -0400

Eddie Bauer says its retail stores' point-of-sale systems were infected with malware earlier this year, possibly giving hackers access to customers' payment card information.

iOS and Android inch closer to owning 100% of the entire smartphone market

- Thu, 18 Aug 2016 18:00:02 -0400

The latest research numbers from Gartner reveal that iOS and Android are inching ever closer towards completely owning 100% of the entire global smartphone market. According to the latest figures, sales of Android and iOS†handsets during the recent June quarter accounted for 99.1% of all smartphone sales worldwide. Broken down by platform, Android devices accounted for 86.2% of sales while iPhone sales accounted for 12.9% of sales. DON'T MISS:† The Galaxy Note 7 has a big problem, and it might also affect the iPhone 7 As evidenced by the chart below, sales of Windows and Blackberry devices have effectively been reduced down to mere footnotes. The share of†Windows devices, for example, dropped down from an already unimpressive 2.5% during the June 2015 quarter to just 0.6% during the most recent quarter. If we look more closely and divide up marketshare across individual handset manufacturers, it's no surprise that Samsung is still the big name to beat. Indeed, three out of the top five handset manufacturers enjoyed year over year growth during the last quarter, with Apple being a notable exception. That, of course, shouldn't come as too much of a surprise given that Apple over the past two quarters has posted two year-over-year declines in iPhone sales. For some historical context, it's interesting to note that both Samsung and Apple's share of the smartphone market have fallen off over the last few years, primarily due to the emergence of brands like Huawei and Xiaomi. For example, Samsung and Apple's share of the smartphone market in 2013 checked in at 31% and 15.6% respectively.

iOS and Android inch closer to owning 100% of the smartphone market

- Thu, 18 Aug 2016 18:00:02 -0400

The latest research numbers from Gartner reveal that iOS and Android are inching ever closer towards completely owning 100% of the entire global smartphone market. According to the latest figures, sales of Android and iOS†handsets during the recent June quarter accounted for 99.1% of all smartphone sales worldwide. Broken down by platform, Android devices accounted for 86.2% of sales while iPhone sales accounted for 12.9% of sales. DON'T MISS:† The Galaxy Note 7 has a big problem, and it might also affect the iPhone 7 As evidenced by the chart below, sales of Windows and Blackberry devices have effectively been reduced down to mere footnotes. The share of†Windows devices, for example, dropped down from an already unimpressive 2.5% during the June 2015 quarter to just 0.6% during the most recent quarter. If we look more closely and divide up marketshare across individual handset manufacturers, it's no surprise that Samsung is still the big name to beat. Indeed, three out of the top five handset manufacturers enjoyed year over year growth during the last quarter, with Apple being a notable exception. That, of course, shouldn't come as too much of a surprise given that Apple over the past two quarters has posted two year-over-year declines in iPhone sales. For some historical context, it's interesting to note that both Samsung and Apple's share of the smartphone market have fallen off over the last few years, primarily due to the emergence of brands like Huawei and Xiaomi. For example, Samsung and Apple's share of the smartphone market in 2013 checked in at 31% and 15.6% respectively.

Eddie Bauer says malware used to access payment card data

- Thu, 18 Aug 2016 17:47:16 -0400

Eddie Bauer store is seen in Broomfield(Reuters) - Retailer Eddie Bauer LLC said on Thursday customers' payment card information used at its stores may have been accessed by unauthorized parties. A malware was used to access the data at its retail stores on various dates between Jan. 2 and July 17, the company said. Payment card information used for online purchases on the company's website was not affected.


Olympics-Russian whistleblower Stepanova treated 'very poorly' -IOC's Pound

- Thu, 18 Aug 2016 17:27:11 -0400

By Jonathan Crane RIO DE JANEIRO, Aug 18 (Reuters) - Russian whistleblower Yulia Stepanova and her husband, who fled their country after uncovering a state-backed doping scandal, were treated poorly by all sports bodies, said International Olympic Committee member Dick Pound. Pound, the former head of the World Anti-Doping Agency who helped draft the first of several reports into Russian doping last year, said her treatment and exclusion from the Olympics was scaring off other people who may be ready to talk. "I think collectively we have treated Stepanova very poorly and I think that would have a tendency to put a wet blanket over any other whistleblowers, who'll say, 'look what happened to them.

AP EXPLAINS: Why Trump can't shut down the internet

- Thu, 18 Aug 2016 16:21:48 -0400

AP EXPLAINS: Why Trump can't shut down the internetDonald Trump is repeating calls for the U.S. and its allies to cut off internet access to the Islamic State group and other extremist organizations. Problem is, there isn't a way to do it. Trump first ...


NY Fed, Bangladesh central bank to resume normal money transfers: sources

- Thu, 18 Aug 2016 14:39:01 -0400

Commuters pass by the front of the Bangladesh central bank building in DhakaThe Federal Reserve Bank of New York and Bangladesh's central bank have agreed to withdraw additional payment security measures put in place after one of the world's biggest cyber heists, the theft of $81 million from Bangladesh Bank's account at the Fed, two sources said. The decision was taken at a meeting in New York this week between officials from Bangladesh Bank, the New York Fed and SWIFT, said a source close to Bangladesh Bank who has direct knowledge of the matter.


The Twitter Bot That Sounds Just Like Me

- Thu, 18 Aug 2016 09:00:00 -0400

The tweet came in Monday afternoon: ?@kavehwaddell ...what are they looking for that isn't backed up to iCloud data?and can produce if subpoenaed.? To most people, that tweet is the opposite of clickbait: It?s opaque, technical, and kind of boring. But the tweet wasn?t directed at most people?it was directed at me, a digital-privacy reporter who?s written extensively on encryption and the sorts of data that technology companies can and can?t turn over to law enforcement if compelled.

Clinton Foundation hired cyber firm after suspected hacking: sources

- Thu, 18 Aug 2016 07:11:25 -0400

U.S. Democratic presidential candidate Clinton looks at a computer screen during a campaign stop at Atomic Object company in Grand RapidsBy Mark Hosenball, Dustin Volz and John Walcott WASHINGTON (Reuters) - Bill and Hillary Clinton's charitable foundation hired the security firm FireEye to examine its data systems after seeing indications they might have been hacked, according to two sources familiar with the matter. One of the sources and two U.S. security officials said that like hackers who targeted the Democratic National Committee, Hillary Clinton?s presidential campaign and the Democrats' congressional fundraising committee, the hackers appear to have used ?spear phishing? techniques to gain access to the foundation's network.


'Auction' of NSA tools sends security companies scrambling

- Thu, 18 Aug 2016 03:40:22 -0400

FILE - In his June 6, 2013 file photo, the National Security Agency (NSA) campus in Fort Meade, Md. The leak of what purports to be a National Security Agency hacking tool kit has set the information security world atwitter ? and sent major companies rushing to update their defenses. Experts across the world are still examining what amount to electronic lock picks. Here's what they've found so far. (AP Photo/Patrick Semansky, File)PARIS (AP) ? The leak of what purports to be a National Security Agency hacking tool kit has set the information security world atwitter ? and sent major companies rushing to update their defenses.


Lenovo first-quarter profit leaps, helped by asset sale, but smartphone losses linger

- Thu, 18 Aug 2016 02:10:55 -0400

A Lenovo logo is seen at the computer in KievChina's Lenovo Group , the world's biggest PC maker, said first-quarter profit jumped nearly two-thirds, helped by a one-off asset sale, but its mobile arm lost money again as a $3 billion bet on buying Motorola to diversify has yet to pay off. Lenovo said on Thursday net profit climbed 64 percent to $173 million for the quarter ended June compared with a year earlier, when profit was hit by restructuring costs. A $132 million gain from the sale of a Beijing office property boosted profit well beyond the $130.1 million average estimate of analysts polled by Thomson Reuters SmartEstimates.


Yup, Russia was probably behind that NSA hack

- Wed, 17 Aug 2016 21:00:07 -0400

The NSA was†hacked by a group that calls itself Shadow Brokers, a report earlier this week revealed, with some of the stolen†cyberweapons being auctioned off to the highest bidder. Since then, experts who have seen some of the stolen files believe that the NSA has indeed been hacked, with Russia being one of the prime suspects. As for the strange auction itself, it looks like nobody is really interested in paying for the hacked documents at this point. DON?T MISS:† iPhone 7: Our biggest question was just answered A new report from Business Insider reveals that the NSA itself was not hacked. However, a server used by the Equation Group, a highly sophisticated cyber-security†company that?s believed to support the NSA?s Tailored Access Operations (TAO) hacking group, was hit. Security researchers who have seen the stolen data believe it's authentic, including Kaspersky researchers and Nicholas Weaver. Even Edward Snowden commented on the matter, suggesting that a server may have been hit. "NSA malware staging servers getting hacked by a rival is not new," he said on Twitter. "A rival publicly demonstrating they have done so is." Meanwhile, some security experts believe that Russia is behind the hack. There?s no real proof for now, but considering the timing and nature of the attack, security experts see the country as a potential backer of the Shadow Brokers. "High level US political officials seemed quite upset about the DNC hacks, which no doubt resulted in a covert response, which this is then likely a counter-response to," former NSA employee Dave Aitel said . "No team of 'hackers' would want to piss off Equation Group this much. That's the kind of cojones that only come from having a nation state protecting you." "The list of suspects is short: Russia or China," Weaver said . "And in the context of the recent conflict between the US and Russia over election interference, safe money is on the former." Even Snowden said the attack might be a warning to the US against accusing Russia publicly of hacking the DNC. As for the contents of the files stolen from the NSA computer, nobody is really looking to buy them, Wired reports .†With over 24 hours having passed since the auction was made public, the highest bid is at $937.15. That?s nowhere near the asking price of 1†million bitcoin that the hackers are looking for†(that?s $576 million). The auction is rather strange and isn?t really an auction, per se. The Shadow Brokers expect bidders to pay in advance, with the highest bidder set to receive the stolen cyeberweapons. Everyone else would lose their bids. However, the attackers ? if they're indeed enemies of the†US ? may be more interested in sending a message than making any money off the hack. ?This leak is likely a warning that someone can prove US responsibility for any attacks that originated from this malware server,? Weaver wrote. ?That could have significant foreign policy consequences. Particularly if any of those operations targeted US allies?.Particularly if any of those operations targeted elections.?

Cisco to cut 5,500 jobs in shift from switches to software

- Wed, 17 Aug 2016 18:52:52 -0400

File photo of the Cisco Systems logo is seen as part of a display at the Microsoft Ignite technology conference in ChicagoBy Alexandria Sage and Arathy S Nair SAN FRANCISCO (Reuters) - Cisco Systems Inc said it would cut nearly 7 percent of its workforce, posting charges of up to $400 million in its first quarter, as the world's largest networking gear maker shifts focus from its legacy hardware towards higher-margin software. The gradual move to fast-growing sectors such as security, the Internet of Things and the cloud is a response to sluggish demand for Cisco's traditional lineup of switches and routers from telecom carriers and enterprise customers, amid intense competition from companies such as Huawei and Juniper Networks Inc. Savings from up to 5,500 job cuts would be reinvested into key growth areas, Cisco said. "We think this is partly an effort by (CEO) Chuck Robbins to put a stake in the ground and send a message that this is going to be a leaner, meaner Cisco that is focused on driving software and recurring revenue business," said Guggenheim Securities analyst Ryan Hutchinson.


U.S. offers states help to fight election hacking

- Wed, 17 Aug 2016 10:41:39 -0400

U.S. Homeland Security Secretary Johnson testifies before a House Homeland Security Committee hearing on Capitol Hill in WashingtonBy Doina Chiacu WASHINGTON (Reuters) - The government is offering to help states protect the Nov. 8 U.S. election from hacking or other tampering, in the face of allegations by Republican Party presidential candidate Donald Trump that the system is open to fraud. Homeland Security Secretary Jeh Johnson told state officials in a phone call on Monday that federal cyber security experts could scan for vulnerabilities in voting systems and provide other resources to help protect against infiltration, his office said in a statement. The attempts to sow doubts about the 2016 election results coincided with Trump's slide in opinion polls against Democratic Party candidate Hillary Clinton and missteps in his campaign.


Special Report: Not so SWIFT - Bank messaging system slow to address weak points

- Wed, 17 Aug 2016 05:36:44 -0400

Photo illustration of the Swift bank logoBy Tom Bergin LA HULPE, Belgium (Reuters) - More than a dozen current and former board directors and senior managers of SWIFT, the bank messaging system that helps transmit billions of dollars around the world every day, have told Reuters the organization for years suspected there were weaknesses in the way smaller banks used its messaging terminals ? but did not address such vulnerabilities. The sources said that until February, when hackers tried to steal nearly $1 billion dollars by breaking into the messaging system at Bangladesh's central bank, SWIFT had not regarded the security of customer terminals as a priority. In SWIFT's annual reports and strategy plans from the past 17 years Reuters could find only one reference to SWIFT helping its users to secure their systems.


Huawei is selling a phone with the Galaxy S7?s specs for $400

- Tue, 16 Aug 2016 23:52:55 -0400

Huawei is a Chinese phone manufacturer notorious for selling off-contract Android phones for dirt cheap. With the latest addition to the family, the Honor 8, the tune is exactly the same -- and that's a seriously good thing. The Honor 8 isn't technically Huawei's flagship phone, but you wouldn't know it from a glance at the spec sheet. It's a glass-backed phone that reminds me of the Nexus 4, with a 5.2-inch, full HD screen. Buried in the glass back is a dual-camera system, which yes, is the same thing rumored for the upcoming iPhone 7. Guess Huawei got there first. DON'T MISS: Samsung Galaxy Note 7 Review The two rear cameras are both 12MP, but one takes a color picture, while the other shoots in black and white. Photos are captured with both sensors at once, and supposedly combined into a better image. It's basically the same system on the existing Honor P9, but without the Leica branding. Also on the back is Huawei's fingerprint sensor, which doubles as a programmable smart button. More than anything else, I like the aesthetic -- glass back with a silver ring is a rare distinctive look in a sea of black rectangles. Underneath, it's a Kirin 950 processor and 4GB of RAM running the show. In theory, that should be enough to make the phone buttery smooth, although this is the first phone sold with that chipset in the US. There's also a 3,000mAh battery to power everything, which is decent but not exceptional for a 5-inch phone. Otherwise, there's a USB-C port for charging, a 3.5mm headphone jack, and a microSD port for expansion. The 32GB model costs $400, with the 64GB running $450. Overall, it looks like a solid offering for a price that's a little under flagship phones. Most of all, it offers two things that people really care about -- a unique design and a (hopefully) good camera -- for well under the $600 that a flagship phone generally costs off-contract. At the $400 price point, it's going up against the Oneplus 3, and more worryingly, the iPhone SE. Huawei hasn't made huge inroads into the US yet, and I don't think the Honor 8 is enough of a knockout to change that on its own. It's not a total game-changer, but a flagship phone for $400 really isn't anything to sniff out. If Huawei can work out a way to really sell its phones without going through the cell carriers, it might be onto something. Pre-orders open today on Amazon, Best Buy and Newegg, with a $50 gift card for anyone who pre-orders. Delivery is expected sometime in early September.

Top Asian News 3:17 a.m. GMT

- Tue, 16 Aug 2016 23:17:29 -0400

BEIJING (AP) ? China's launch of the first quantum satellite Tuesday will push forward efforts to develop the ability to send communications that can't be penetrated by hackers, experts said. The satellite launched into space from the Jiuquan launch base in northwestern China's Gobi desert will allow Chinese researchers to transmit test messages between Beijing and northwestern China as well as other locations around the world. If the tests are successful, China will take a major step toward building a worldwide network that can send messages that can't be wiretapped or cracked through conventional methods. "It moves the challenge for an eavesdropper to a different domain," said Alexander Ling, principal investigator at the Centre for Quantum Technologies in Singapore.

Snowden: Exposure of alleged NSA tools may be warning to US

- Tue, 16 Aug 2016 14:25:31 -0400

PARIS (AP) ? The exposure of malicious software purportedly linked to the National Security Agency is likely a message from Moscow, former intelligence worker Edward Snowden said Tuesday, adding a layer of intrigue to a leak that has set the information security world abuzz.

Google will fight the iPhone 7 with phones of its own, but don?t call them Nexuses

- Tue, 16 Aug 2016 14:10:33 -0400

The iPhone 7 isn?t the only hot new smartphone coming to town this year. In case you haven?t been paying attention, Google has two new HTC-made smartphones in the pipeline and they're rumored to launch in early October. But a new report says that rather than including them in the Nexus family, Google will do something entirely different: It?ll launch its first ever Google-branded smartphones this year. DON?T MISS: Samsung Galaxy Note 7 review The report comes from Gadgets 360 , which has supposedly learned from unnamed sources that Google†will launch the devices ?later in September? in a handful of countries, including India. The phones will come in two sizes, including 5 inches and 5.5 inches. They will also run Android 7.0 Nougat out of the box and feature 32GB and 12GB variants. The source who saw the two handsets confirmed they ran Nougat, featuring the new launcher we?ve seen in leaks. The launcher lacks the iconic Google search box you?re used to†on Android handsets, and the phones come with Google Assistant preloaded, which would be a ?headline software feature? of the new phones. If these details sound familiar, that?s because the HTC Sailfish and Marlin are supposed to be high-end Nexus handsets sharing the same specs.†Recent leaks have suggested there?s no Nexus branding on these devices. Instead, a ?G? for Google might appear on the rear cases, something Android Police †reiterated in a recent report . This design detail seems to support Gadgets 360 ?s claims. However, official documentation filed with the FCC says that the manuals for the upcoming HTC devices will be found online on Google?s Nexus mini-site. The report goes on to say that Google is looking to position these devices ?as premium smartphones with excellent overall experience,? looking to better take on the iPhone. The phones will even come with a new mechanism to transfer data from an†iPhone so that switchers can have a seamless transition to Android. Interestingly, market experts told the site that Samsung?s high-end sales are most likely to be impacted by the launch of Google?s phones in India. Does that mean the Google-branded phones will be cheaper than Samsung?s top†Galaxy devices? On a related note, we?ll also remind you that a few months ago, a Huawei exec let it slip that the Chinese company will have a new Nexus device in stores this year. However, that device failed to appear in recent†rumors. Is it possible that Google will launch both new Nexus and Google phones this year? September can?t come soon enough.

U.S. government offers states help to fight voter fraud

- Tue, 16 Aug 2016 14:03:24 -0400

U.S. Homeland Security Secretary Johnson testifies before a House Homeland Security Committee hearing on Capitol Hill in WashingtonBy Doina Chiacu WASHINGTON (Reuters) - The government is offering to help states protect the Nov. 8 U.S. election from hacking or other tampering, in the face of allegations by Republican Party presidential candidate Donald Trump that the system is open to fraud. Homeland Security Secretary Jeh Johnson told state officials in a phone call on Monday that federal cyber security experts could scan for vulnerabilities in voting systems and provide other resources to help protect against infiltration, his office said in a statement. The attempts to sow doubts about the 2016 election results coincided with Trump's slide in opinion polls against Democratic Party candidate Hillary Clinton and missteps in his campaign.


In a shift, Bangladesh Bank says no plans to sue Fed, SWIFT

- Tue, 16 Aug 2016 04:30:59 -0400

Photo illustration of the Swift bank logoBy Serajul Quadir and Jonathan Spicer DHAKA/NEW YORK (Reuters) - Bangladesh's central bank said it has reversed its plans to sue the Federal Reserve Bank of New York and the SWIFT money transfer network, and instead intends to seek their help recovering $81 million stolen by cyber thieves in February. A source close to the Asian central bank last month said it was preparing litigation to seek compensation, claiming errors by the New York Fed and SWIFT had made Bangladesh Bank vulnerable.


China's launch of quantum satellite major step in space race

- Tue, 16 Aug 2016 02:17:06 -0400

In this photo released by China's Xinhua News Agency, a Long March-2D rocket carrying the world's first quantum satellite lifts off from the Jiuquan Satellite Launch Center in Jiuquan, northwestern China's Gansu Province, early Tuesday, Aug. 16, 2016. Experts say China's launch of the first quantum satellite will push forward the worldwide effort to develop the ability to send communications that are impenetrable by hackers. (Jin Liwang/Xinhua via AP)BEIJING (AP) ? China's launch of the first quantum satellite Tuesday will push forward efforts to develop the ability to send communications that can't be penetrated by hackers, experts said.


Trump promises to work with NATO to defeat Islamic State

- Mon, 15 Aug 2016 21:41:03 -0400

Republican U.S. presidential nominee Donald Trump speaks at Youngstown State University in Youngstown, OhioBy Ginger Gibson YOUNGSTOWN, Ohio (Reuters) - Republican Donald Trump said on Monday he would work closely with NATO allies to defeat Islamic State militants if he wins the White House, reversing an earlier threat that the United States might not meet its obligations to the Western military alliance. In a policy speech, Trump said he would wage a multi-front "military, cyber and financial" war against Islamic State, although it was not clear how that would differ from the Obama administration's fight with the jihadist group. "We will also work closely with NATO on this new mission," said Trump, whose remarks about the defense organization earlier this summer drew heavy criticism from allies and even some of his fellow Republicans.


Hackers may have stolen your credit card data if you stayed at any of these hotels

- Mon, 15 Aug 2016 21:00:13 -0400

Remember when news broke out that a certain retail or hotel chain was hit by a sophisticated malware attack that allowed hackers to steal personal information belonging to a large number of customers, including payment information? Well, this is such a case. And if you stayed at one of the 20 following hotels and paid for goods using your credit cards, then your financial data may be at risk, and you probably have to take various preemptive measures. DON?T MISS: New photos and video show iPhone 7 Plus in the color we?ve all been waiting for: Space Black 20 hotels in the US operated by HEI Hotel & Resorts on behalf of Starwood, Marriott, Hyatt, and Intercontinental may have been included in the attack, ZDNet and Reuters report . The number of affected customers is difficult to calculate because they used their cards multiple times. The malware was discovered in June of this year, but may have operated for periods longer than a year, being active from March 1st, 2015, in some systems. The hackers likely targeted PoS terminals and recorded data in real time, given that the company says it does not store credit card numbers and data. HEI said that hackers were able to steal names, payment card account numbers, card expiration dates, and verification codes. PIN codes were not collected. The list of affected hotels, their addresses, and the period during which the malware operated on their PoS terminals is found in the following spreadsheet. In case you stayed at any of these 20 locations and used credit card transactions, you should review your banking statements for potentially fraudulent charges, and change your credit cards right away.

Hacking group claims to offer cyber-weapons in online auction

- Mon, 15 Aug 2016 19:38:03 -0400

A man is seen near cyber code and the U.S. National Security Agency logo in this photo illustration taken in SarajevoHackers going by the name Shadow Brokers said on Monday they will auction stolen surveillance tools they say were used by a cyber group linked to the U.S. National Security Agency. To arouse interest in the auction, the hackers released samples of programs they said could break into popular firewall software made by companies including Cisco Systems Inc, Juniper Networks Inc and Fortinet Inc. The companies did not respond to request for comment, nor did the NSA. Writing in imperfect English, the Shadow Brokers promised†in postings on a Tumblr blog that the auctioned material would contain ?cyber weapons? developed by the Equation Group, a hacking group that cyber security experts widely believe to be an arm of the NSA.


Stepanova: If something happens to us, it's not an accident

- Mon, 15 Aug 2016 18:23:55 -0400

FILE - In this July 6, 2015 file photo Russian doping whistleblower Yuliya Stepanova, who ran under a neutral flag, leaves the track after suffering an injury in a women's 800m heat during the European Athletics Championships in Amsterdam, the Netherlands. Stepanova is in fear of her safety, switching residences after hackers breached a database that records her whereabouts. Stepanova and her husband, Vitaly, were the informers who detailed a state-run doping system in Russia that led to the ouster of the country's athletes from the Olympic track meet. (AP Photo/Geert Vanden Wijngaert, File)RIO DE JANEIRO (AP) ? The runner who blew the whistle on the doping scandal in Russia fears for her safety and has switched residences after hackers breached a database that records her whereabouts.


Clinton team hits report of Trump aide's ties to Russia

- Mon, 15 Aug 2016 18:11:33 -0400

FILE - In this July 18, 2016, file photo, Trump campaign chairman Paul Manafort walks around the convention floor before the opening session of the Republican National Convention in Cleveland. Hillary Clinton?s campaign is questioning Donald Trump?s top political aide?s ties to a pro-Kremlin political party in Ukraine, claiming it is evidence of the Republican nominee?s cozy relationship with Russia. The New York Times reported that handwritten ledgers found in Ukraine show $12.7 million in undisclosed payments to Paul Manafort from the pro-Russia party founded by the country?s former president Viktor Yanukovych. (AP Photo/Carolyn Kaster, File)NEW YORK (AP) ? Hillary Clinton's campaign is questioning Donald Trump's top political aide's ties to a pro-Kremlin political party in Ukraine, claiming it is evidence of the Republican nominee's cozy relationship with Russia.