In an interesting chain of events, Indian hackers launched a massive counter attack on Pakistani websites, after a hacker group from across the ...
Friday, October 9, 2015
Where Do Major Tech Companies Stand on Encryption?
Where Do Major Tech Companies Stand on Encryption?
In an era of ubiquitous malicious hacking and sensitive personal information data breaches, it's time for President Obama to listen to Internet ...
In an era of ubiquitous malicious hacking and sensitive personal information data breaches, it's time for President Obama to listen to Internet ...
Wednesday, September 9, 2015
UPS Now The Third Company In A Week To Disclose Data Breach
Credit and debit card information belonging to customers who did business at 51 UPS Store Inc. locations in 24 states this year may have been compromised as the result of an intrusion into the company's networks.
The complete listings: Computerworld's 100 Best Places to Work in IT for 2015
A compact list of the 56 large, 18 midsize and 26 small organizations that ranked as Computerworld's READ NOW
In a statement Wednesday, UPS said it was recently notified by law enforcement officials about a "broad-based malware intrusion" of its systems.
A subsequent investigation by an IT security firm showed that attackers had installed previously unknown malware on systems in more than four-dozen stores to gain access to cardholder data. The affected stores represent about 1% of the 4,470 UPS Store locations around the country.
The intrusion may have exposed data on transactions conducted at the stores between Jan. 20 and Aug. 11, 2014. "For most locations, the period of exposure to this malware began after March 26, 2014," UPS said in a statement.
Reference:
The complete listings: Computerworld's 100 Best Places to Work in IT for 2015
A compact list of the 56 large, 18 midsize and 26 small organizations that ranked as Computerworld's READ NOW
In a statement Wednesday, UPS said it was recently notified by law enforcement officials about a "broad-based malware intrusion" of its systems.
A subsequent investigation by an IT security firm showed that attackers had installed previously unknown malware on systems in more than four-dozen stores to gain access to cardholder data. The affected stores represent about 1% of the 4,470 UPS Store locations around the country.
The intrusion may have exposed data on transactions conducted at the stores between Jan. 20 and Aug. 11, 2014. "For most locations, the period of exposure to this malware began after March 26, 2014," UPS said in a statement.
Reference:
Chrysler Recalls 1.4 Million Vehicles After Jeep Hacking Demo
Today, Fiat Chrysler recalled 1.4 million vehicles possibly affected by a vulnerability in the UConnect infotainment system that could allow attackers to hijack the vehicle's steering and braking. Car hacking researchers Chris Valasek and Charlie Miller demonstrated proof of concept in striking fashion, when they wirelessly took control of a 2014 Jeep Cherokee driven by Wiredreporter Andy Greenberg and brought it from 70 mph to a screeching halt.
The National Highway Traffic Safety Administration (NHTSA) is launching an investigation to determine the effectiveness of Fiat Chrysler's recall.
As Dark Reading's Kelly Jackson Higgins wrote yesterday in an interview with Valasek:
Miller and Valasek were able to control a 2014 Jeep Cherokee's steering, braking, high beams, turn signals, windshield wipers and fluid, and door locks, as well as reset the speedometer and tachometer, kill the engine, and disengage the transmission so the accelerator pedal failed.
The National Highway Traffic Safety Administration (NHTSA) is launching an investigation to determine the effectiveness of Fiat Chrysler's recall.
As Dark Reading's Kelly Jackson Higgins wrote yesterday in an interview with Valasek:
Miller and Valasek were able to control a 2014 Jeep Cherokee's steering, braking, high beams, turn signals, windshield wipers and fluid, and door locks, as well as reset the speedometer and tachometer, kill the engine, and disengage the transmission so the accelerator pedal failed.
Thursday, May 7, 2015
Kicking The Stool Out From Under The Cybercrime Economy
CSO Online had the opportunity to chat with Shape Security's senior threat researcher, Wade Williamson, at this year's Black Hat conference, and he offered a brief background of these types of popular malware platforms before putting the threat landscape into perspective.
Google Report Unmasks Ad Injection Economy
"Our results reveal that ad injection has entrenched itself as a cross-browser monetization platform that impacts tens of millions of users around the globe," according to a report from Google and a team of researchers that will be presented at the IEEE Symposium on Security and Privacy later this month. "Our client-side telemetry finds that 5.5% of unique daily IP addresses visiting Google properties have at least one ad injector installed. The most popular, superfish.com, injects ads into more than 16,000 websites and grossed over $35 million in 2013 according to financial reports."
UPS Now The Third Company In A Week To Disclose Data Breach
Credit and debit card information belonging to customers who did business at 51 UPS Store Inc. locations in 24 states this year may have been compromised as the result of an intrusion into the company's networks.
In a statement Wednesday, UPS said it was recently notified by law enforcement officials about a "broad-based malware intrusion" of its systems.
A subsequent investigation by an IT security firm showed that attackers had installed previously unknown malware on systems in more than four-dozen stores to gain access to cardholder data. The affected stores represent about 1% of the 4,470 UPS Store locations around the country.
In a statement Wednesday, UPS said it was recently notified by law enforcement officials about a "broad-based malware intrusion" of its systems.
A subsequent investigation by an IT security firm showed that attackers had installed previously unknown malware on systems in more than four-dozen stores to gain access to cardholder data. The affected stores represent about 1% of the 4,470 UPS Store locations around the country.
5 Ways Schools Can Upgrade Cyber Security
May 06, 2015 Added by:Paul Lipman
Today’s cyber criminals are more aggressive than ever before in their quest to achieve financial gains through hacking. With that being said, it should come as no surprise that our nation's schools are a prime target for such attacks. In this article, iSheriff CEO Paul Lipman highlights the five actions that can be taken to upgrade cyber security practices.
There are five actions that can be taken to move you toward the ideal. These include:
- Establish a policy and technology to allow BYOD
- Upgrade the web filter
- Protect owned devices while off the network
- Anti-malware protection does still matter
- Integrate and move your security to the cloud
Wednesday, January 7, 2015
Monday, June 2, 2014
'Oleg Pliss' Hack Makes for A Perfect Teachable IT Moment
Computerworld - Earlier this week, a number of iOS device owners woke up to discover that someone had locked them out of the iPhones, iPads, and iPod touches. The attack, primarily aimed at users in Australia and New Zealand (though there are now reports of users in North America and other countries being hit), demanded a ransom be paid to unlock each device. Ironically, the PayPal account referenced in the demand did not seem to even exist.
The "Oleg Pliss" hack, if you can call it one, wasn't particularly sophisticated. The party behind it -- most likely relied on information like user IDs (including email addresses used as usernames) collected by attacks on non-Apple websites like the recent breach that compromised eBay user accounts. Since a lot of people reuse user IDs, passwords and account security questions, all the hacker(s) needed to do was use that information to log into iCloud and use the Find My iPhone/iPad/iPod feature to lock the device and display a message on it. (The feature is typically used to locate a lost or stolen iOS device.)
Read more...
The "Oleg Pliss" hack, if you can call it one, wasn't particularly sophisticated. The party behind it -- most likely relied on information like user IDs (including email addresses used as usernames) collected by attacks on non-Apple websites like the recent breach that compromised eBay user accounts. Since a lot of people reuse user IDs, passwords and account security questions, all the hacker(s) needed to do was use that information to log into iCloud and use the Find My iPhone/iPad/iPod feature to lock the device and display a message on it. (The feature is typically used to locate a lost or stolen iOS device.)
Read more...
Subscribe to:
Posts (Atom)