IANS Blog RSS Feed

http://www.iansresearch.com

Poulin to CSO: We Hacked a Smart Building Using ?Old-School? Techniques

- Thu, 11 Feb 2016 00:00:00 GMT

The ?smarter? buildings get, the easier they are to hack? Maybe. IANS Faculty Chris Poulin, research strategist for IBM?s X-Force ethical hacking team, recently spoke to CSO?s Maria Korolov about a penetration test in which his team was able to gain access to all of the buildings operated by a building management company.

Privacy, Security Concerns Rise as States Mull Encryption Backdoor Requirements

- Wed, 27 Jan 2016 00:00:00 GMT

National Data Privacy Day (January 28th) certainly comes at an interesting time this year, as legislators in two of the most technology-centric U.S. states recently introduced similar bills that would force smartphone manufacturers to include encryption backdoors in their devices.

Fledgling Cyber-Insurance Market Tested by Early Denials, Lawsuits

- Wed, 20 Jan 2016 00:00:00 GMT

Cybersecurity insurance policies may be relatively new, but they have one important thing in common with established, legacy business coverage: They live and die in the fine print.

Hacker-Caused Ukrainian Power Outage Marks First Known Attack With Immediate, Direct Public Impact

- Tue, 05 Jan 2016 00:00:00 GMT

Security researchers have confirmed that a recently updated version of the highly destructive BlackEnergy malware package infected the systems of at least three power authorities in Ukraine, causing a massive outage that left thousands of homes in the Ivano-Frankivsk region of the country without electricity. 

Top 10 IANS Insights from a Tumultuous 2015

- Mon, 28 Dec 2015 00:00:00 GMT

Another year is in the books and what a year it was for infosec pros. From the Ashley Madison hack to the OPM breach, to Jeep commandeering and mysterious backdoors in popular networking gear, every week brought a new security twist that forced us all to keep our heads on swivels.

Herold: Misguided CISA Heightens Security, Privacy Concerns

- Mon, 21 Dec 2015 00:00:00 GMT

The controversial Cybersecurity Information Sharing Act (CISA) is now the law of the land, slipped into an eleventh-hour spending bill designed to keep the federal government running through 2016.

Patch Now: Rogue Code Leaves Gaping Hole in Juniper Gear

- Fri, 18 Dec 2015 00:00:00 GMT

Juniper Networks says unauthorized code could allow attackers to gain administrative access to its NetScreen appliances and decrypt VPN connections without leaving any trace of their actions. Users are urged to apply fixes immediately.

Poulin: Time to Realistically Acknowledge Vehicle Vulnerabilities

- Wed, 16 Dec 2015 00:00:00 GMT

The images and breathless banter were difficult to ignore: celebrity security researchers gaining remote command of an automobile, disrupting on-board systems before forcing the vehicle and its helpless driver into a ditch.

NIST to Infosec Pros: How Is Our Framework Working?

- Mon, 14 Dec 2015 00:00:00 GMT

The National Institute of Standards and Technology is asking infosec practitioners in the public and private sectors to comment on the efficacy of its cybersecurity framework as it prepares to update the popular, two-year-old document.

As Ransomware Attacks Evolve, Security Teams Must Prepare For New ?Drive-By? Tactics

- Thu, 10 Dec 2015 00:00:00 GMT

Another week, another evolution of the popular ransomware attacks. When we last wrote about it, researchers had discovered a new iteration ? ?Linux.Encoder.1? ? that enabled attackers to inject malware into Linux-powered websites and encrypt all files in the home and backup directories. Now, it appears the popular exploit kit Angler is being used to spread the latest version of CryptoWall and other ransomware on websites as part of ?drive-by? campaigns that begin with the deployment of password-stealing malware. 

Threats RSS Feed - Symantec Corp.

http://www.symantec.com/business/security_response/landing/threats.jsp

Trojan.Snifula!gm

- Sat, 27 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Ransom.Fantom

- Sat, 27 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Ransom.Tearhide

- Fri, 26 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Downloader.Pirpi!g1

- Thu, 25 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Ransom.Purge

- Thu, 25 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Chrofprox

- Wed, 24 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Egguard

- Wed, 24 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Ransom.AlmaLocker

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Ransom.AlmaLocker!gm

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Shakstiler

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Hacktool.Mimikatz!g2

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low.

W32.Rexdrup

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Worm.

Backdoor.Equation

- Tue, 23 Aug 2016 00:00:00 +0000

Risk Level: Very Low.

Hacktool.Equation

-

Risk Level: Very Low.

Trojan.Kwampirs

- Sat, 20 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.MSWord!g8

- Wed, 17 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Hacktool.Mimikatz!g1

- Tue, 16 Aug 2016 00:00:00 +0000

Risk Level: Very Low.

Trojan.Ransomcrypt.BH

- Tue, 16 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Zombrari

- Mon, 15 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Ransomcrypt.BF

- Mon, 15 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Ransomcrypt.BG

- Mon, 15 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Exp.CVE-2016-3304

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Linux.Leydiwon

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.JSDownloader!g3

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.CryptDrop!g3

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Cryptlocker!g60

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Cryptlk.AF!g1

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g231

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g332

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g275

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g294

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g271

- Thu, 11 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Backdoor.Misogow!g1

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Boot.Cryptolocker.AU

- Mon, 8 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Cartcapa

- Mon, 8 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Bandock.A!gm

- Mon, 8 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Ransomlock.AT

- Fri, 5 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Ransom.CryptXXX!g14

- Fri, 5 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Misogow

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.BC.CryptDrop!g4

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.CryptDrop!g1

-

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.CryptDrop!g2

-

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Bayrob!gen2

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.BC.Cryptlk!g2

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.BC.Cryptlk!g1

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Cryptlk.AH!g2

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Heur.RGC!g331

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

SONAR.Ransom!gen3

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

SONAR.Cryptlocker!g80

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan, Virus, Worm.

Trojan.Sorcurat!gen1

- Thu, 4 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Remsec

- Tue, 2 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Exp.CVE-2016-4226

- Tue, 2 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Backdoor.Remvio

- Wed, 3 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Trawlmernib

- Wed, 3 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Trojan.Maltrec!eg1

- Mon, 1 Aug 2016 00:00:00 +0000

Risk Level: Very Low. Type: Trojan.

Security News Headlines - Yahoo! News

http://news.yahoo.com/security/

FBI warns of possible state election-system hacks

- Mon, 29 Aug 2016 21:04:44 -0400

FILE - This Feb. 3, 2012, file photo shows FBI headquarters in Washington. The FBI is warning state officials to boost their election security in light of evidence that hackers breached the election systems of a pair of states. The Aug. 18, 2016, warning came just days after Homeland Security Secretary Jeh Johnson hosted a call with secretaries of state and other state elections officials to talk about cybersecurity and the election infrastructure. (AP Photo/Manuel Balce Ceneta, File)NEW YORK (AP) ? The FBI is warning state officials to boost their election security in light of evidence that hackers targeted related data systems in two states.


Exclusive: Six senators urge Obama to prioritize cyber crime at G20 summit

- Mon, 29 Aug 2016 20:52:51 -0400

A man rides an electronic bike past a billboard for the upcoming G20 summit in HangzhouBy Jonathan Spicer NEW YORK (Reuters) - Six U.S. senators have urged President Barack Obama to prioritize cyber crime at this weekend's Group of 20 summit in China, in the wake of the theft of $81 million from Bangladesh's central bank, according to a letter obtained by Reuters. In the letter sent to the White House ahead of the Sept. 4-5 summit, Sherrod Brown, a senior Democrat on the Senate Banking Committee, and five other Democratic senators say they want the U.S. president to press leaders from the world's 20 biggest economies to commit in joint communiques to a "coordinated strategy to combat cyber-crime at critical financial institutions." The letter, dated Monday, suggests that concern among U.S. lawmakers is growing over the February incident in which hackers breached Bangladesh Bank's systems and used the SWIFT banking network to request nearly $1 billion from an account held at the Federal Reserve Bank of New York.


Exclusive: Six U.S. senators urge Obama to prioritize cyber at G20 in China

- Mon, 29 Aug 2016 18:44:20 -0400

A man rides an electronic bike past a billboard for the upcoming G20 summit in HangzhouBy Jonathan Spicer NEW YORK (Reuters) - Six U.S. senators have urged President Barack Obama to prioritize cyber crime at this weekend's G20 summit in China, in the wake of the theft of $81 million from Bangladesh's central bank, according to a letter obtained by Reuters. In the letter sent to the White House ahead of the Sept. 4-5 summit, Sherrod Brown, a senior Democrat on the Senate Banking Committee, and five other senators say they want the U.S. President to press leaders from the world's 20 biggest economies to commit in joint communiques to a "coordinated strategy to combat cyber-crime at critical financial institutions." The letter, dated Monday, suggests concern among U.S. lawmakers is growing over the February incident in which hackers breached Bangladesh Bank's systems and used the SWIFT banking network to request nearly $1 billion from an account held at the Federal Reserve Bank of New York.


Business Highlights

- Mon, 29 Aug 2016 18:07:43 -0400

___ Mylan launching cheaper, generic version of EpiPen The maker of EpiPens will start selling a cheaper, generic version of the emergency allergy shots as the furor over repeated U.S. price hikes continues ...

These Bluetooth EarPods for the iPhone 7 better be fake

- Mon, 29 Aug 2016 17:00:56 -0400

Apple will soon unveil the iPhone 7, a smartphone that?s supposed to look almost exactly like the iPhone 6 and iPhone 6s. But the device will pack better hardware, and bring over one massive change. The iPhone 7 will be the first iPhone to ship without a standard 3.5mm audio jack, and we still have no idea how Apple will deal with the matter. One solution would be wireless headphones, which Apple is reportedly working on. A new leak shows what appears to be Bluetooth EarPods that would ship with the iPhone 7. But we hope ? and think ? it?s fake. DON?T MISS: A closer look at the NSO Group, the organization behind the most advanced iPhone spyware ever released The following images were posed online by @the_malignant , a mysterious Twitter account that keeps leaking details about unreleased devices, including the iPhone 7, but the new pictures are rather dubious. The person who supposedly had access to these many iPhone 7 retail boxes, complete with wireless EarPods, didn?t even bother to take the headphones out for closer inspection. And there?s nothing to suggest these EarPods will look anything like the current wired EarPods that ship with iPhones. Not to mention that there doesn?t appear to be space for a second EarPod in the box. https://twitter.com/the_malignant/status/770024716983828480 The boxes seem shady, and that iPhone 7 that sits on a box isn?t necessarily the real thing either. It appears to be a clone similar to the one showed in the following images, all labeled as fakes a few days ago, by the same @the_malignant ? check that QR code in the top right corner that keeps appearing in these pictures: https://twitter.com/the_malignant/status/769440570318151680 Apple will unveil its iPhone 7 on September 7th, according to recent reports, at which point we'll learn more details about the way it wants to solve issues caused by the removal of the headphone jack.

Instagram pic teases Microsoft?s redesigned Surface Book 2

- Mon, 29 Aug 2016 16:35:52 -0400

Microsoft on Sunday took to Instagram to post a teaser image of the Surface Book, saying that Surface is ?your key to success.? The company didn?t say anything about the photo, but people soon noticed there was something odd with the picture. It didn't show the same Surface Book hinge that Microsoft introduced on the first model. Instead, the image hints at a significant design change coming in this year?s Surface Book 2. DON?T MISS: A closer look at the NSO Group, the organization behind the most advanced iPhone spyware ever released Recent reports claimed that Microsoft?s Surface Book successor would feature a redesigned hinge  that would allow the screen to sit flush with the keyboard, eliminating the gap in existing models. Microsoft did not reveal any other details about the picture, but it?s definitely a real  photo given that it made it to the company?s Surface Instagram account. Furthermore, Windows Central says it can confirm the image is from an ?internal Microsoft ?sizzler? reel meant to demonstrate some ideas for the new Surface Book 2.? The video was shown within Microsoft?s various departments in July, the report notes. The first-gen Surface Book was a very well-kept secret ahead of last year?s launch, as Microsoft wanted to surprise the audience with a premium laptop. But now that the Surface Book brand is out there and we all expect product refreshes on a yearly basis, there?s no point in completely hiding it from the public. Interestingly, Microsoft also released  a new Surface ad taking hits at the MacBook, so this Instagram ?leak? doesn?t seem to be a mistake. Instead, Microsoft is probably getting ready for a big Surface Book 2 reveal ahead of the holidays.

FBI detects breaches against two state voter systems

- Mon, 29 Aug 2016 16:04:59 -0400

Voters cast their ballots at Su Nueva laundromat during voting in Illinois' U.S. presidential primary election in ChicagoBy Dustin Volz and Jim Finkle WASHINGTON (Reuters) - The Federal Bureau of Investigation has found breaches in Illinois and Arizona's voter registration databases and is urging states to increase computer security ahead of the Nov. 8 presidential election, according to a U.S. official familiar with the probe. The FBI warning in an Aug. 18 flash alert from the agency's Cyber Division did not identify the intruders or the two states targeted. Officials and cyber security experts say recent breaches at the Democratic National Committee and elsewhere in the Democratic Party were likely carried out by people within the Russian government.


Cyber threat grows for bitcoin exchanges

- Mon, 29 Aug 2016 07:34:53 -0400

An illustration photo shows a Bitcoin (virtual currency) paper wallet with QR codes and a coin are seen at La Maison du Bitcoin in ParisBy Gertrude Chavez-Dreyfuss NEW YORK (Reuters) - When hackers penetrated a secure authentication system at a bitcoin exchange called Bitfinex earlier this month, they stole about $70 million worth of the virtual currency. The latest survey of 46 securities exchanges released three years ago by the International Organization of Securities Commissions and World Federation of Exchanges found that more than half had experienced a cyber attack.


How to not get scammed on Amazon

- Sat, 27 Aug 2016 09:00:39 -0400

Amazon is the biggest online retailer in the US, but it's also not without problems. One of the ways Amazon became so big was by opening up its distribution network to third-party retailers, who use Amazon's warehouses and website to sell their own products. Buying from these retailers means you're not buying from Amazon proper, and that means you can be burned. DON'T MISS: How-To Geek  has the story of how one author got scammed by a mini PC with a cracked version of Windows. When you're paying good money for a computer off a giant website, it shouldn't arrive with pirated software. And yet: The particular PC I purchased was sold by ? MarsKing ?. Sure, that?s a Chinese manufacturer I?ve never heard of, but it?s solid Intel hardware inside. It was also marked by Amazon as the ?#1 New Release? in this category and had solid 4-to-5-star reviews at the time. It even had a ?Prime? logo, which meant that it would be shipped to me from an Amazon warehouse. Looks legit, right? Nope! The PC came with a KMS Loader activation crack installed and was using a KMS key?a common way to activate pirated Windows licenses. Windows Defender found the KMS activation crack and complained about malware as soon as Windows Update ran automatically. After I left a bad review and returned the product to Amazon, MarsKing contacted me through Amazon with an offer: ?We would like to sell you a new pc box with legitimate [Windows license] at 50% money off as apologize.? I didn?t take them up on it. As the author points out, the reason he was burned was because he was buying from a third-party seller. Since Amazon never really verifies or tests products that it sells on behalf of third parties, there's very little quality control in the system. In fairness, Amazon is still better than buying from a scammer on eBay or Craigslist. Amazon's customer service is designed to keep the customers happy, so you can always return products, and I've personally been offered small discount vouchers when my Amazon purchases have gone wrong. But still, you don't want to go through the time and hassle of buying and returning something that's fake. To that end,  How-To Geek  has some good, simple tips to use when buying off Amazon. Avoid products that are sold and shipped by third-party sellers, and instead look for things sold by Amazon.com, or at least shipped by Amazon. Reading reviews is also important, but that's its own minefield. Amazon reviews have become tainted as of late. There's an entire cottage industry dedicated to writing fake Amazon reviews, and many companies have started trading discounted (or free) products in return for favourable reviews. Reviews aren't worthless (yet!), but you should pay attention when reading them to try and avoid reviews that have been incentivized.

Kuwaiti government employee arrested over IS online postings

- Fri, 26 Aug 2016 02:39:50 -0400

KUWAIT CITY (AP) ? Kuwait's Interior Ministry says a government employee has been arrested for spreading Islamic State ideology and hacking social media pages of "some friendly and sister countries."

U.S. Homeland Security probes hacking of actress Leslie Jones' website

- Thu, 25 Aug 2016 22:01:13 -0400

Cast member Leslie Jones poses at the premiere of the film "Ghostbusters" in Hollywood, CaliforniaThe U.S. Department of Homeland Security is investigating a new incident involving actress Leslie Jones, who has been targeted by online abusers, after hackers posted nude photos and personal information on the "Ghostbusters" star's website. In order to protect the integrity of the case, no further details are available at this time," Rachel Yong You, a spokeswoman for the U.S. Immigration and Customs Enforcement, said on Thursday in an email to Reuters. ICE, as the agency is known, is a branch of the Department of Homeland Security.


Apple fixes security flaw after UAE dissident's iPhone targeted

- Thu, 25 Aug 2016 19:28:18 -0400

A salesman checks a customer's iPhone at a mobile phone store in New DelhiApple Inc issued a patch on Thursday to fix a dangerous security flaw in iPhones and iPads after researchers discovered that a prominent United Arab Emirates dissident's phone had been targeted with a previously unknown method of hacking. The thwarted attack on the human rights activist, Ahmed Mansoor, used a text message that invited him to click on a web link. Instead of clicking, he forwarded the message to researchers at the University of Toronto's Citizen Lab.


Russian lawmaker's son convicted in U.S. for hacking scheme

- Thu, 25 Aug 2016 19:21:41 -0400

View shows various credit cardsRoman Seleznev, also known as "Track2," was found guilty by a federal jury in Seattle on 38 of 40 counts including wire fraud and intentional damage to a protected computer following an eight day trial, prosecutors said. The conviction of Seleznev, of Vladivostok, followed a 10-year-long investigation by the U.S. Secret Service, the agency said. Seleznev, the son of Valery Seleznev, a member of the Russian Parliament, is scheduled to be sentenced on Dec. 2.


Apple issues security update following discovery of iPhone spyware circulating in Middle East

- Thu, 25 Aug 2016 13:06:16 -0400

PARIS (AP) ? Apple issues security update following discovery of iPhone spyware circulating in Middle East.

Tech firms' encryption foe struggles for U.S. Senate re-election

- Thu, 25 Aug 2016 06:24:12 -0400

Senators hold a news conference to talk about new legislation to restrict prisoner transfers from the detention center at Guantanamo Bay, at the U.S. Capitol in WashingtonBy Dustin Volz WASHINGTON (Reuters) - A U.S. senator seen by Silicon Valley as one of the technology industry's main foes in Congress is fighting for his political life as Donald Trump's slumping poll numbers threaten to damage Republican candidates across the board. Senator Richard Burr from North Carolina, the chairman of the Senate Intelligence Committee, is facing a strong and unexpected challenge from Democrat Deborah Ross. Ross, a former head of the state's chapter of the American Civil Liberties Union, is fighting an uphill battle.


Welcome to the Trump-Clinton conspiracy election

- Thu, 25 Aug 2016 03:45:02 -0400

Democratic presidential nominee Hillary Clinton talks with Jimmy Kimmel during a break in the taping of "Jimmy Kimmel Live!" in Los Angeles, Monday, Aug. 22, 2016. (AP Photo/Carolyn Kaster)LOS ANGELES (AP) ? It's a conspiracy: The 2016 campaign features one candidate who warned against the "vast right-wing conspiracy" and another who was a leader of the so-called "birther" movement.


CrowdStrike, other cybersecurity firms integrating industry cooperative

- Thu, 25 Aug 2016 02:44:11 -0400

A padlock is displayed at the Alert Logic booth during the 2016 Black Hat cyber-security conference in Las VegasBy Joseph Menn SAN FRANCISCO (Reuters) - Some information security companies that were shut out of the leading system for sharing data on malicious software are revealing more about how their own systems work in hopes of rejoining the cooperative effort, a shift that should improve protections for customers throughout the industry. CrowdStrike, one of the most prominent young security companies threatened with exclusion from some shared services, said it has integrated part of its system for detecting malicious software with VirusTotal, the main industry repository for disclosing and rating risks of malware and suspect files. Alphabet Inc's Google runs the VirusTotal database so security professionals can share new examples of suspected malicious software and opinions on the danger they pose.


'SNL' star Leslie Jones' personal site offline after hacking

- Wed, 24 Aug 2016 21:12:03 -0400

FILE - In this July 9, 2016 file photo, actress Leslie Jones arrives at the Los Angeles premiere of "Ghostbusters." (Photo by Jordan Strauss/Invision/AP, File)LOS ANGELES (AP) ? Leslie Jones, the black "Saturday Night Live" and "Ghostbusters" actress-comedian, is again the target of racist and sexist online attacks.


Jury deliberates case of Russian man charged with hacking

- Wed, 24 Aug 2016 19:40:07 -0400

SEATTLE (AP) ? The son of a Russian lawmaker made millions by hacking into U.S. businesses to steal credit card information and selling that data to other criminals, a federal prosecutor told the jury during his closing argument on Wednesday.

France and Germany latest countries to want magical backdoors in encryption

- Wed, 24 Aug 2016 17:20:05 -0400

The recent NSA hack just proved to the world that no system is hack-proof if attackers have what it takes to break the access door. Regardless of whatever protections guarded that NSA server, hackers found a security hole to get in and steal critical documents. The same thing could happen to encrypted services that would feature a backdoor for law enforcement. But governments around the world still think they?d be able to handle such terrifying scenarios, with France and Germany being the latest nations looking to gain access to private encrypted messages exchanged over the internet by terror plot suspects. DON?T MISS: Steve Wozniak has free advice for Apple on how to fix the iPhone 7?s major issue It?s understandable why France and German are interested in heightened digital security, considering the many terrorist attacks that have hit the European region. ?Messages exchanged through certain apps such as Telegram must be decrypted and used as evidence by magistrates and investigators as part of legal proceedings,? French Interior Minister Bernard Cazeneuve said during a joint press conference with his German counterpart German Interior Minister Thomas de Maizičre. As The Wall Street Journal reports , the two countries are seeking new legislation that would allow spy agencies to demand access to a suspect?s communications, and impose ?obligations? on operators unwilling to help. The proposed laws would force companies including Apple, WhatsApp, Telegram, and many others, to build backdoors into their messaging systems, something that?s highly unlikely to happen. ?Some terrorists and criminals are ahead of us on the technology front. That?s not right,? de Maizičre said. But breaking encryption isn?t right either. The Computer & Communications Industry Association, representing Amazon, Facebook, Google, eBay, and others already took notice of the matter. ?It is certainly understandable that some would respond to recent tragedies with back doors and more government access,? the director for Europe of the association, Christian Borggreen, said. ?But weakened security ultimately leaves online systems more vulnerable to all types of attacks from terrorists to hackers.? This fall, the European Commission is expected to come up with new rules on privacy and security for telecom operators to include third-party services such as WhatsApp or Telegram.

Lottery scandal prosecutor seeks to subpoena Texas attorneys

- Wed, 24 Aug 2016 16:31:16 -0400

DES MOINES, Iowa (AP) ? An Iowa prosecutor wants a judge to issue subpoenas for telephone and bank records of two Texas attorneys who he believes are connected to a former lottery computer security administrator who fixed lottery games in several states.

The Latest: Jury gets case of Russian accused of hacking

- Wed, 24 Aug 2016 16:09:52 -0400

SEATTLE (AP) ? The Latest on the trial of a Russian man accused of hacking into U.S. businesses (all times local):

Netflix phishing scam looks to steal credit card details from iPhone users

- Wed, 24 Aug 2016 14:26:07 -0400

Whether or not you have active Netflix or Apple accounts makes no difference to hackers looking to steal precious personal data. But you should be aware of a new Netflix email scam that?s using a fake iTunes bill to fool you into giving your credit card details to scammers, so here?s what you need to know about it so you can avoid it. DON?T MISS:  iPhone 7: New leak may have just solved the only mystery left Like any phishing scheme, these fraudulent emails contain fake bills for products you may not remember having purchased, according to This Is Money . The emails seem to originate from Apple, and they appear to contain receipts for purchases that you?d normally get in your email ? if you have an Apple ID account and buy stuff from Apple?s digital stores. This particular receipt concerns Netflix, and it tries convince you that someone impersonating you has gained access to your Apple account to subscribe to Netflix. Naturally, you?ll want to put a stop to it by clicking the available ?refund? or ?manage subscriptions? links in that email. You?ll then get to a website that looks like Apple?s where you have to enter your account and credit card details for the refund. But what really happens is that those details are delivered straight to the scammers. And they?ll then put it to good use, meaning that you can expect real warnings from your bank in the near future. So what should you do? First of all, if you don't have an Apple account, then you're safe. Secondly, never click the links inside an email like this. Instead, check with your bank to see if the fraudulent charges are real. You can also go to Apple.com directly and check your account ? but, again, don?t use the links in that email. Just type the site's address into your browser. It might be Netflix and Apple today, but scammers could pair other hot products in the future to send similar emails. Consider the tips above best practices that you should always keep in mind.

Goldcorp struggles with leak at Mexican mine

- Wed, 24 Aug 2016 11:16:19 -0400

GOLDCORP-LEAKBy Allison Martell, Frank Jack Daniel and Noe Torres TORONTO/MEXICO CITY (Reuters) - Mexican regulators said they are examining whether mining company Goldcorp Inc broke any regulations in its handling of a long-running leak of contaminated water at Mexico's biggest gold mine. Levels of the mineral selenium rose in one groundwater monitoring well near Goldcorp?s Penasquito mine as early as October 2013, Goldcorp data reviewed by Reuters shows. The Canadian company reported a rise in selenium levels in groundwater to the Mexican government in October 2014, after which the contamination near its mine waste facility intensified, according to internal company documents seen by Reuters, and interviews with government officials.


Source of submarine document leak 'from overseas': Indian defense ministry

- Wed, 24 Aug 2016 07:18:12 -0400

India's defense ministry said on Wednesday that the source of secret documents detailing the capabilities of the French-designed Scorpene submarine being built for the Indian navy appeared to be "from overseas and not from India". Defence Minister Manohar Parrikar said earlier the security breach appeared to have been the work of hackers. The leak, first reported in The Australian newspaper, contains more than 22,000 pages outlining the secret combat capability of six submarines that DCNS of France has designed for the Indian Navy.

Mind the air-gap: Singapore's web cut-off balances security, inconvenience

- Tue, 23 Aug 2016 23:14:20 -0400

Public servants and contractors sit at their desks at a public housing administration center in SingaporeBy Jeremy Wagstaff and Aradhana Aravindan SINGAPORE (Reuters) - Singapore is working on how to implement a policy to cut off web access for public servants as a defense against potential cyber attack - a move closely watched by critics who say it marks a retreat for a technologically advanced city-state that has trademarked the term "smart nation". Some security experts say the policy, due to be in place by May, risks damaging productivity among civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. It may only raise slightly the defensive walls against cyber attack, they say.


New York Times says suspected Russian hackers targeted Moscow bureau

- Tue, 23 Aug 2016 20:50:46 -0400

The sun peaks over the New York Times Building in New YorkThe New York Times said on Tuesday its Moscow bureau was targeted by a cyber attack this month but that there was no evidence the hackers, believed to be Russian, were successful. "We are constantly monitoring our systems with the latest available intelligence and tools," Times spokeswoman Eileen Murphy told the newspaper. "We have seen no evidence that any of our internal systems, including our systems in the Moscow bureau, have been breached or compromised." Earlier on Tuesday, CNN, citing unnamed U.S. officials, reported that the Federal Bureau of Investigation and other U.S. security agencies were investigating cyber breaches targeting reporters at the Times and other U.S. news organizations that were thought to have been carried out by hackers working for Russian intelligence.


Cheating site had inadequate security, privacy officials say

- Tue, 23 Aug 2016 17:36:01 -0400

TORONTO (AP) ? Privacy officials in Canada and Australia have found that cheating website Ashley Madison had inadequate security safeguards and policies despite marketing itself as a discreet and secure service

Russians suspected in hack of New York Times, other U.S. media: CNN

- Tue, 23 Aug 2016 14:52:44 -0400

The sun peaks over the New York Times Building in New YorkThe FBI and other U.S. security agencies are investigating cyber breaches targeting reporters at the New York Times and other U.S. news organizations that are thought to have been carried out by hackers working for Russian intelligence, CNN reported on Tuesday, citing unnamed U.S. officials. "Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said," CNN said. The FBI declined to comment, and representatives for the U.S. Secret Service, which has a role in protecting the country from cyber crime, did not immediately reply to a request for comment.


Ashley Madison parent broke Canada, Australia privacy laws

- Tue, 23 Aug 2016 14:48:48 -0400

A photo illustration shows the privacy policy of the Ashley Madison website seen behind a smartphone running the Ashley Madison app in TorontoThe parent company of infidelity dating website Ashley Madison was responsible for numerous violations of privacy laws at the time of a massive release of customer data in a cyber attack last year, privacy watchdogs in Canada and Australia said on Tuesday. The two countries launched an investigation after the 2015 breach of Avid Life Media Inc's computer network, when hackers exposed the personal details of millions who signed up for the site with the slogan "Life is short. Have an affair." The probe found the Toronto-based company had inadequate safeguards in place, including poor password management and a fabricated security trustmark on the website's home page.


France, Germany press for access to encrypted messages after attacks

- Tue, 23 Aug 2016 12:03:46 -0400

French Interior Minister Bernard Cazeneuve greets his German counterpart Thomas de Maiziere in ParisFrance and Germany want to compel operators of mobile messaging services to provide access to encrypted content to terrorism investigations, after a series of deadly attacks in both countries. French intelligence services, on high alert since attackers killed hundreds of civilians in Paris in November and in Nice in July, are struggling to intercept messages from Islamist militants. Many of the groups now use encrypted messaging services rather than mainstream social media, with Islamic State a big user of such apps, investigators in several countries have said.


Two Model S cars were stolen despite Tesla?s advanced tech

- Mon, 22 Aug 2016 20:00:14 -0400

You?d have thought that nobody can steal your Tesla thanks to its advanced tracking system. Thieves foolish enough to try to get away with it could be easily caught with the help of the on-board GPS. However, that?s not really the case. Tesla cars are incredibly valuable, which means thieves will do whatever it takes to grab one and leave no traces behind. In fact, at least two such thefts have already been reported in Europe. DON?T MISS: This is our first look at one of the two brand new PS4 consoles launching next month Two Tesla owners in Germany discovered that their Tesla Model S cars were stolen, Electrek reports . One of them is a brand new Tesla Model S P90D that was picked up on August 2nd, and another model disappeared on June 11th. Neither car has turned up yet, and it?s not clear how it happened or whether their owners will ever get them back. It?s believed that hackers were able to breach the owners' Tesla accounts and then use iPhone or Android apps to access and drive the cars away. One of the drivers said he still has the keys to the car. They also had to jam the GPS signal on the cars, although it?s not clear how they did it. Last year, a Model S was briefly stolen in Vancouver, but the owner was able to direct the police to the location of the car by using tracking data from his account. It would certainly be interesting to hear how the thieves plan to use these stolen Teslas. Simply painting the cars over and changing their plates won?t suffice. To take advantage of Tesla?s features, you also have to use the car?s software. And we all know Tesla keeps track of what happens with each car, so it might be able to find these stolen vehicles if they ever reconnect to the system. Tesla has yet to comment on the matter, but it?s likely that the company is looking at ways to retrieve the stolen cars, and prevent similar thefts in the future.

Stolen NSA hacking tools reportedly on sale for $8,000

- Mon, 22 Aug 2016 15:04:12 -0400

It's been a rough week for the NSA, to say the least. Last week, a group of hackers collectively known as The Shadow Brokers allegedly stole and released  a treasure trove of NSA hacking tools and exploits. What's more, the group promised to release even more weapons from the NSA's cyber arsenal for the right price. While the initial leak was met with skepticism, researchers and security experts who examined the leak subsequently confirmed that the leaked exploits were very much real. "It definitely looks like a toolkit used by the NSA," French computer researcher Matt Suiche said after taking a look at the code. As if that weren't bad enough, now comes word that The Shadow Brokers may not be the only hackers who hold the keys to the NSA's cache of advanced hacking tools and exploits. DON'T MISS:  Samsung?s best phone yet might have some quality issues that can?t be fixed Late on Sunday night, a hacker with the Twitter handle 1x0123   indicated that he was willing to sell the aforementioned hacking tools for $8,000. https://twitter.com/1x0123/status/767564288160571392 Speaking to Gizmodo , the hacker also said that he'd be willing to provide screenshots to verify his claims for $1,000. Interestingly, 1x0123 didn't come to possess these files by hacking the NSA, but allegedly by stealing them from the Shadow Brokers. It?s unclear how the hacker supposedly stole the hacks and he refused to explain beyond saying ?traded some exploits for access to a private escrow and stole the tar file.? This could mean a variety of things, but it seems like he?s indicating that he tricked the Shadow Brokers, the group that originally claimed to have accessed the NSA tools, and stole the .tar file containing the exploits. Again, we don?t have a way to confirm this is true but this hacker has hacked and sold his exploits in the past. Notably, 1x0123 is not some fly by night Twitter account with no track record to speak of. On the contrary, 1x0123 is a self-identified "underground researcher" who has been behind a number of big name exploits in the past, including a hack of  Fidelity National Information Services. It's also worth noting that famed NSA whistleblower Edward Snowden gave 1x0123 some praise on Twitter just a few months ago. https://twitter.com/Snowden/status/719263028345192449?ref_src=twsrc%5Etfw

Germany to tell people to stockpile food and water in case of attacks: FAS

- Sun, 21 Aug 2016 11:43:18 -0400

Germany is currently on high alert after two Islamist attacks and a shooting rampage by a mentally unstable teenager last month. "The population will be obliged to hold an individual supply of food for ten days," the newspaper quoted the government's "Concept for Civil Defence" - which has been prepared by the Interior Ministry - as saying. A spokesman for the Interior Ministry said the plan would be discussed by the cabinet on Wednesday and presented by the minister that afternoon.

Democrats fear hackers targeted tight Florida races for latest data leaks

- Fri, 19 Aug 2016 18:31:26 -0400

The headquarters of the Democratic National Committee is seen in WashingtonBy Mark Hosenball and Ginger Gibson WASHINGTON (Reuters) - Leading Democrats are growing increasingly worried that the hackers who made public leaked documents this week were trying to sabotage the Democratic candidates in several central Florida congressional races, the first time such leaks have been targeted so directly. Two sources familiar with Democratic Party investigations of recent cyber attacks said documents made public this week by the hacker known as Guccifer2 contained information that could damage Democratic candidates in competitive Florida contests for the U.S. House of Representatives. The documents, hacked from the Democratic Congressional Campaign Committee (DCCC), which raises funds for the party's House candidates, are detailed dossiers describing the Florida candidates' backgrounds, including personal details, as well as political, economic and demographic profiles of the strategic congressional districts.


Ukrainian MP offers more details on alleged payments to Trump campaign chief

- Fri, 19 Aug 2016 07:25:58 -0400

Ukrainian lawmaker Serhiy Leshchenko displays papers from secret ledgers belonging to Party of Regions of former Ukraine's President Viktor Yanukovich during a news conference in KievBy Pavel Polityuk KIEV (Reuters) - A Ukrainian lawmaker on Friday divulged more details of what he said were payments made to Donald Trump's campaign chief in the U.S. presidential race by the political party of the Kremlin-backed former Ukrainian leader Viktor Yanukovich. MP Serhiy Leshchenko said money was allocated for Trump aide Paul Manafort to finance services such as carrying out exit polls at elections, buying computers and conducting research. Manafort has denied allegations - first made in the New York Times on Monday - that he received cash payments worth more than $12 million over five years that were itemized on secret ledgers belonging to Yanukovich's Party of Regions.


Hackers targeted Trump campaign, Republican Party groups: sources

- Thu, 18 Aug 2016 19:05:21 -0400

Republican U.S. presidential nominee Donald Trump holds a campaign rally at the ?Ziegler Building at the Washington County Fair Park & Conference Center in West Bend, WisconsinHackers targeted the computer systems of presidential candidate Donald Trump and Republican Party organizations as well as Democratic Party networks, sources familiar with investigations into the attacks said. At least one Trump staff member?s email account was infected with malware in 2015 and sent malicious emails to colleagues, according to one insider for the Republican candidate's campaign and an outside security expert. In the past month, U.S. security officials have said that starting last year, hackers infiltrated computers of the Democratic National Committee (DNC), the presidential campaign of Hillary Clinton and her party's congressional fundraising committee.


Eddie Bauer says retail store registers hit by malware

- Thu, 18 Aug 2016 18:01:10 -0400

Eddie Bauer says its retail stores' point-of-sale systems were infected with malware earlier this year, possibly giving hackers access to customers' payment card information.

iOS and Android inch closer to owning 100% of the entire smartphone market

- Thu, 18 Aug 2016 18:00:02 -0400

The latest research numbers from Gartner reveal that iOS and Android are inching ever closer towards completely owning 100% of the entire global smartphone market. According to the latest figures, sales of Android and iOS handsets during the recent June quarter accounted for 99.1% of all smartphone sales worldwide. Broken down by platform, Android devices accounted for 86.2% of sales while iPhone sales accounted for 12.9% of sales. DON'T MISS:  The Galaxy Note 7 has a big problem, and it might also affect the iPhone 7 As evidenced by the chart below, sales of Windows and Blackberry devices have effectively been reduced down to mere footnotes. The share of Windows devices, for example, dropped down from an already unimpressive 2.5% during the June 2015 quarter to just 0.6% during the most recent quarter. If we look more closely and divide up marketshare across individual handset manufacturers, it's no surprise that Samsung is still the big name to beat. Indeed, three out of the top five handset manufacturers enjoyed year over year growth during the last quarter, with Apple being a notable exception. That, of course, shouldn't come as too much of a surprise given that Apple over the past two quarters has posted two year-over-year declines in iPhone sales. For some historical context, it's interesting to note that both Samsung and Apple's share of the smartphone market have fallen off over the last few years, primarily due to the emergence of brands like Huawei and Xiaomi. For example, Samsung and Apple's share of the smartphone market in 2013 checked in at 31% and 15.6% respectively.

iOS and Android inch closer to owning 100% of the smartphone market

- Thu, 18 Aug 2016 18:00:02 -0400

The latest research numbers from Gartner reveal that iOS and Android are inching ever closer towards completely owning 100% of the entire global smartphone market. According to the latest figures, sales of Android and iOS handsets during the recent June quarter accounted for 99.1% of all smartphone sales worldwide. Broken down by platform, Android devices accounted for 86.2% of sales while iPhone sales accounted for 12.9% of sales. DON'T MISS:  The Galaxy Note 7 has a big problem, and it might also affect the iPhone 7 As evidenced by the chart below, sales of Windows and Blackberry devices have effectively been reduced down to mere footnotes. The share of Windows devices, for example, dropped down from an already unimpressive 2.5% during the June 2015 quarter to just 0.6% during the most recent quarter. If we look more closely and divide up marketshare across individual handset manufacturers, it's no surprise that Samsung is still the big name to beat. Indeed, three out of the top five handset manufacturers enjoyed year over year growth during the last quarter, with Apple being a notable exception. That, of course, shouldn't come as too much of a surprise given that Apple over the past two quarters has posted two year-over-year declines in iPhone sales. For some historical context, it's interesting to note that both Samsung and Apple's share of the smartphone market have fallen off over the last few years, primarily due to the emergence of brands like Huawei and Xiaomi. For example, Samsung and Apple's share of the smartphone market in 2013 checked in at 31% and 15.6% respectively.