WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable

According to researchers, the WPA2 protocol for Wi-Fi connectivity contains a significant weakness that makes it vulnerable to attackers. A hacker within range of connected devices would reportedly be able to exploit this weakness to hijack passwords, emails and other “encrypted” data, or even place ransomware into a website the user is visiting. The research, which has been ongoing for weeks, reveals that the WPA2 core vulnerability could affect operating systems and devices including Android, Linux, OpenBSD, MediaTek, Linksys, macOS and Windows. Continue reading WPA2 Wi-Fi Flaw Revealed, Android & Linux Most Vulnerable

Clicking Flash Update on the Equifax Site Results in Adware

In the wake of May’s Equifax website breach that reportedly involved personal data of 145.5 million U.S. consumers, the credit reporting service’s site was manipulated again this week. On Wednesday, and again on Thursday, fraudulent Adobe Flash updates appeared that infected computers with adware when clicked. Only three of 65 antivirus providers detected the adware. Security analyst Randy Abrams discovered the issue while investigating false information that had appeared on his credit report. Meanwhile. federal legislators have introduced a new cybersecurity bill to help protect consumers. Continue reading Clicking Flash Update on the Equifax Site Results in Adware

Security Update: 3 Billion Yahoo Accounts Hit in 2013 Attack

Yahoo announced yesterday that all 3 billion of its user accounts were affected by a previously disclosed August 2013 cyberattack, originally reported by the company as affecting 1 billion accounts. Yahoo had earlier reported that a separate 2014 attack affected 500 million accounts. Last year we learned that, “digital thieves made off with names, birth dates, phone numbers and passwords of users that were encrypted with security that was easy to crack,” according to The New York Times. “The intruders also obtained the security questions and backup email addresses used to reset lost passwords.” Continue reading Security Update: 3 Billion Yahoo Accounts Hit in 2013 Attack

CCleaner Malware Is Linked to Attack Against 20 Tech Firms

Security companies Morphisec and Cisco reported the extent of the damage caused by a malware attack on security software CCleaner. Experts say that the software, distributed by Czech company Avast, was targeted not simply to disrupt as many computers as possible, but to conduct espionage. Hackers penetrated the software and added a backdoor, ultimately installing malware on more than 700,000 computers. But hackers also sought to find computers among those infected that resided in networks of 20 leading tech firms. Continue reading CCleaner Malware Is Linked to Attack Against 20 Tech Firms

Equifax Breaches Spur Businesses to Prioritize Cybersecurity

Equifax’s two cyber breaches, which exposed about 143 million Americans’ personal information, were the work of hackers who took advantage of a flaw in Apache Struts software. The nonprofit Apache Software Foundation and the U.S. Computer Emergency Readiness Team warned of the bug in early March, but Equifax only alerted its end users on September 7, almost five months later. IT experts say the event highlights the challenges in keeping software current and identifying all potentially vulnerable applications. Continue reading Equifax Breaches Spur Businesses to Prioritize Cybersecurity

Are Cryptocurrencies Next Big Bust or Revolution in Finance?

Jackson Palmer and his once-wildly successful cryptocurrency Dogecoin are a cautionary tale for those bedazzled by Bitcoin. Palmer was an early enthusiast of cryptocurrency, but sought a way to mock the hype around investing huge sums of money in it. He created his own cryptocurrency, Dogecoin, based on an Internet meme of a Shiba Inu dog. Instead of getting the joke, investors brought Dogecoin’s market value to $400 million, before scammers and hackers brought it down, selling fake products and defrauding investors. Continue reading Are Cryptocurrencies Next Big Bust or Revolution in Finance?

Equifax Data Breach, Discovered in July, Impacts 143 Million

Equifax reported that hackers likely gained access to the personal information of about 143 million people in the U.S., making it the second biggest data breach after last year’s two Yahoo hacks, which impacted as many as 1.5 billion customers. The Equifax hack is almost twice as large as the J.P. Morgan Chase & Co. hack three years ago. The damage the hack to Equifax will do is as of yet unknown, but it could be serious, given the immense scope of the attack and the future potential for fraud.   Continue reading Equifax Data Breach, Discovered in July, Impacts 143 Million

Google Ramping Up its Artificial Intelligence Efforts in China

Despite earlier concerns over censorship and a cyberattack traced to Chinese hackers — and the fact that its search engine can only be accessed in the region by using VPNs (due to the government’s filtering system) — Google is reportedly ramping up its presence in China. Its careers web page lists nearly 60 open positions in Beijing and Shanghai. According to The Wall Street Journal, at least four of the engineering positions involve artificial intelligence, “including a technical lead to develop a team to work on natural language processing, data compression and other machine learning technologies.” Continue reading Google Ramping Up its Artificial Intelligence Efforts in China

Ransomware: Hackers Extort $1 Million From One Company

In the largest ransomware payout to date, South Korean web provider Nayana has agreed to pay $1 million to hackers who originally demanded 550 Bitcoins, about $1.62 million. Following negotiations, Nayana has agreed to pay $1 million in three installments. The ransomware, identified as Erebus by cybersecurity firm Trend Micro, impacted 153 Linux servers and more than 3,400 websites hosted by Nayana. “This is the single largest-known payout for a ransomware attack, and it was an attack on one company,” reports CNET. “For comparison, the WannaCry ransomware attacked 200,000 computers across 150 countries, and has only pooled $127,142 in Bitcoins since it surfaced.” Continue reading Ransomware: Hackers Extort $1 Million From One Company

Bitcoin Market Trending Upwards, But Ethereum On the Rise

The Bitcoin market, almost a decade old, is now skyrocketing in value. Behind Bitcoin’s rising price are investments by Japanese investors and a heightened perception of global perils. Over the weekend, according to the website CoinDesk, the price of Bitcoin reacted to a sudden spell of speculative investment, trading above $2,200 on Monday, which represents more than 15 percent from the closing price of $1,913 on Friday. Bitcoin is up 397 percent from a year ago and 130 percent this year. Continue reading Bitcoin Market Trending Upwards, But Ethereum On the Rise

Advice on Keeping Smaller Businesses Safe From Cybercrime

The threat of ransomware and malware are growing. The “WannaCry” attack impacted at least 200,000 computers in 150 countries before peaking last week. Adylkuzz is another piece of malware currently threatening computers around the world. As computers become increasingly connected, so opportunities for cybercrime expand, say the experts. Part of the problem is that the Internet wasn’t designed with cybersecurity protections, and criminals are attracted to cybercrimes for the relatively easy profits they can make. Continue reading Advice on Keeping Smaller Businesses Safe From Cybercrime

Extortion Hacking On the Rise, But Does Not Always Pay Off

Cyberattacks are on the rise, with major corporations, media companies, the healthcare industry and even the federal government becoming targets of hacking. Recent incidents involved media content as hackers threatened early releases of movies and streaming series if the property owners failed to pay ransoms. Hackers called the Shadow Brokers told the NSA they would release secret espionage tools unless the agency pays up. Security experts suggest that this type of extortion has had mixed results thus far. Continue reading Extortion Hacking On the Rise, But Does Not Always Pay Off

Google Docs Users Targeted in Widespread Phishing Attack

A major phishing attack mimicking cloud-based Google Docs software spread across news organizations and other companies yesterday. Gmail users have been reporting massive numbers of fraudulent emails that masquerade as a message from Google Docs. The emails appear as an invitation to join a Google Doc and often claim to be sent by an individual in the user’s address book. However, clicking on the embedded link directs recipients to grant access to a Google Docs app that is actually a program that sends spam to addresses in the recipient’s email. Continue reading Google Docs Users Targeted in Widespread Phishing Attack

Hacker Releases Original Netflix Content, Threatens Networks

A hacker group that goes by the name “TheDarkOverlord” has reportedly stolen episodes from a number of television shows. Over the weekend, 10 episodes from the upcoming fifth season of “Orange Is the New Black” was shared after Netflix did not meet ransom requests. The hackers may have access to up to three dozen series from networks including ABC, CBS, Fox, FX, IFC, NatGeo and NBC. It provided a list of TV series and a few movies to cybersecurity blog DataBreaches.net, claiming that the content was stolen from audio post-production facility Larson Studios. Continue reading Hacker Releases Original Netflix Content, Threatens Networks

NAB 2017: SMPTE Future of Digital Cinema Looks at Security

At a SMPTE symposium on the Future of Digital Cinema, speakers addressed the “unknown” cyber threats to movie security. SMPTE vice president of education Richard Welsh, cofounder/vice president of Sundog Media Toolkit, identified threats beyond “the kid with a camcorder.” The audience also heard from Emile Monette, a government cybersecurity senior advisor and Ted Harrington of ISE (Independent Security Evaluators). The general consensus is that many companies fail to understand the way hackers work, leaving their content vulnerable. Continue reading NAB 2017: SMPTE Future of Digital Cinema Looks at Security