submission
itwbennett writes:
After Yahoo raised eyebrows in the security community with its claim that state-sponsored hackers were responsible for the history-making breach, security firm InfoArmor now says it has evidence to the contrary. InfoArmor claims to have acquired some of the stolen information as part of its investigation into 'Group E,' a team of five professional hackers-for-hire believed to be from Eastern Europe. The database that InfoArmor has contains only 'millions' of accounts, but it includes the users' login IDs, hashed passwords, mobile phone numbers and zip codes, said Andrew Komarov, InfoArmor's chief intelligence officer. Earlier this week, Chase Cunningham, director of cyber operations at security provider A10 Networks, called Yahoo's claim of state-sponsored actors a convenient, if trumped up, excuse: 'If I want to cover my rear end and make it seem like I have plausible deniability, I would say 'nation-state actor' in a heartbeat.'
itwbennett writes:
Microsoft's recent victory in court, when it was ruled that the physical location of the company's servers in Ireland was out of reach of the U.S. Government, was described on Slashdot as being "perceived as a major victory for privacy." But J. Trevor Hughes, president and CEO of the International Association of Privacy Professionals (IAPP), has a different view of the implications of the ruling that speaks to John Perry Barlow's vision of an independent cyberspace: By recognizing the jurisdictional boundaries of Ireland, it is possible that the Second Circuit Court created an incentive for other jurisdictions to require data to be held within their national boundaries. We have seen similar laws emerge in Russia – they fall under a policy trend towards 'data localization' that has many cloud service and global organizations deeply concerned. Which leads to a tough question: what happens if every country tries to assert jurisdictional control over the web? Might we end up with a fractured web, a 'splinternet', of lessening utility?
itwbennett writes:
It was first reported in April that New Jersey had been using audio surveillance on some of its light rail lines, raising questions of privacy. This week, New Jersey Transit ended the program following revelations that the agency 'didn’t have policies governing storage and who had access to data,' writes Taylor Armerding. But New Jersey isn't the only state where you now have even more reason to want to ride in the quiet car. 'The Baltimore Sun reported in March that the Maryland Transit Administration (MTA) has used audio recording on some of its mass transit vehicles since 2012. It is now used on 65 percent of buses, and 82 percent of subway trains have audio recording capability, but don’t use it yet, according to the Sun,' says Armerding. 'And cities in New Hampshire, Connecticut, Michigan, Ohio, Nevada, Oregon and California have either installed systems or moved to procure them, in many cases with funding from the federal Department of Homeland Security (DHS).'
itwbennett writes:
Blancco Technology Group, which specializes in data erasure, bought 200 secondhand PC storage drives from eBay and Craigslist to see if they could recover any of the old data saved inside. Their findings: 78 percent of the drives contained residual data that could be recovered, 67 percent still held personal files, such as photos with location indicators, resumes and financial data, and 11 percent of the drives also contained company data, such as emails, spreadsheets and customer information. Only 10 percent had all the data securely wiped, Blancco said.
itwbennett writes:
Researchers from Cisco Systems' Talos group have found three memory corruption errors in the widely used open-source library libarchive that can result in arbitrary code execution and can be exploited by passing specially crafted files to applications that contain the vulnerable code. 'The library is used by file and package managers included in many Linux and BSD systems, as well as by components and tools in OS X and Chrome OS,' writes Lucian Constantin. 'Developers can also include the library's code in their own projects, so it's hard to know how many other applications or firmware packages contain it.' So, while the libarchive maintainers have released patches for the flaws, it will likely take a long time for them to trickle down through all the affected projects.
itwbennett writes:
A person nicknamed AppleJ4ck, who has previously been linked to Lizard Squad, a group notorious for DDoS attacks against gaming platforms, including the PlayStation Network and Xbox Live, has taken credit for server outages affecting gaming giant Blizzard Monday morning. The outages led to authentication lockouts for gamers attempting to access Overwatch, Hearthstone, World of Warcraft, Diablo, Heroes of the Stone, and others. During the outage, AppleJ4ck said Monday's problems were just a test, promising more outages in the future.
itwbennett writes:
Researchers at BAE Systems have found a long chain of coding coincidences linking attempted fraud over the SWIFT network to the 2014 Sony Pictures hack. "The overlaps between these samples provide strong links for the same coder being behind the recent bank heist cases and a wider known campaign stretching back almost a decade," the researchers concluded. But it's still anybody's guess who's behind all these attacks: in Bangladesh, government officials are pointing the finger at SWIFT technicians who worked on the central bank's network last year, while the FBI says that attack was an inside job — but blames the North Koreans for the Sony hack.
itwbennett writes:
Lenovo has fixed a vulnerability in its Lenovo Solution Center support tool, which comes pre-installed on many Lenovo laptops and desktops. The vulnerability could allow attackers to execute code with system privileges and take over computers. Users should automatically be prompted to update LSC when they open the application, but in case they don't, they should download the latest version (3.3.002) manually from Lenovo's website. This is not the first time such a vulnerability was found and fixed in LSC. In fact, Lenovo updated an old advisory for flaws reported in December with information about the new vulnerability, making it somewhat hard to spot.
itwbennett writes:
An optional Windows patch released Tuesday protects against an attack, dubbed MouseJack, that affects wireless mice and keyboards from many manufacturers, including Microsoft, and allows attackers to spoof a wireless mouse from up to 100 meters away and send rogue keystrokes instead of clicks to a computer. According to a Microsoft security advisory, the devices affected by this attack are: Sculpt Ergonomic mouse, Sculpt Mobile Mouse, Wireless Mobile Mouse 3000 v2.0, Wireless Mobile Mouse 3500, Wireless Mobile Mouse 4000, Wireless Mouse 1000, Wireless Mouse 2000, Wireless Mouse 5000 and Arc Touch Mouse. But Marc Newlin, one of the researchers who developed the attack, said on Twitter that the patch doesn't go far enough and 'injection still works against MS Sculpt Ergonomic Mouse and non-MS mice.'
itwbennett writes:
According to a new report by Symantec, 54 zero-day vulnerabilities were discovered in 2015, more than twice as many as in 2014, and the number of breaches of more than 10 million records also hit a record high. Driving this is a new professionalism in the market. 'People figured out that they could make money by finding zero-day vulnerabilities and selling them to attackers,' said Kevin Haley, director of security response at Symantec. 'So there became a marketplace, and these things started to have value, and people started to hunt for them.' At the same time, 2015 saw another disturbing trend: The number of companies choosing not to report the number of records they have lost rose by 85 percent (from 61 in 2014 to 113 in 2015). 'More and more companies aren't actually revealing what was breached,' said Haley. 'They will say attackers came and stole from us, but not saying how many records were lost.'
itwbennett writes:
A Trojan program, dubbed USB Thief by researchers at antivirus firm ESET, infects USB drives that contain portable installations of popular applications like Firefox, Notepad++ or TrueCrypt, and seems to be designed to steal information from so-called air-gapped computers that are not connected to the Internet. 'In the case we analyzed, it was configured to steal all data files such as images or documents, the whole windows registry tree (HKCU), file lists from all of the drives, and information gathered using an imported open-source application called 'WinAudit',' the ESET researchers said in a blog post. The stolen data was saved back to the USB drive and was encrypted using elliptic curve cryptography. Once the USB drive was removed, there was no evidence left on the computer, the ESET researchers said.
itwbennett writes:
CSO Online's Steve Ragan reports that dozens of Russian banks were targeted this week by meticulous attackers whose 'Word document was formatted to look like a legitimate FinCERT bulletin – suggesting that the attackers took their time to learn proper protocol and standards. A remarkable feat, considering FinCERT notifications are usually not for public consumption,' says Ragan. The attackers also were reportedly particular about their messages and to whom they were addressed. They even timed the email campaign to coincide with the lunch rush, presumably thinking that workers hurrying to get out of the office would be less cautious. Their only misstep, in the form of a grammatical error, came the next day when they sent the message out to hundreds more banks.
itwbennett writes:
Sky News reports that it was handed a USB stick with 'tens of thousands of documents' detailing phone numbers and family contacts of Islamic State members by 'a disillusioned convert' to Islamic State. 'One of the files marked 'Martyrs' detailed a brigade manned entirely by fighters who wanted to carry out suicide attacks and were trained to do so,' according to Sky News. CSO Online's Steve Ragan had a little fun at ISIS' expense and worked up a data breach notification that ISIS HR is free to use should they so choose.
itwbennett writes:
In remedy for the 2014 data breach that included the theft of data pertaining to about 56 million payment cards, as well as 53 million email addresses, Home Depot has reportedly agreed to pay $13 million to reimburse customers for their losses and $6.5 million to provide them with 18 months of identity protection services. And while the company was not required to admit wrongdoing, it has agreed to hire a chief information security officer.
itwbennett writes:
You can add Seagate to the growing list (now up to 7) of companies hit by malware seeking W2 data on employees. As reported on Slashdot, Snapchat disclosed the last weekend of February that someone had posed as the company's CEO and received payroll data on 700 employees. The other companies hit by similar phishing scams so far are Central Concrete Supply Co., Mercy Housing Inc., Magnolia Health Corporation, BrightView, and Polycom. Seagate learned of the incident on March 1, and the story was broken by Brian Krebs after a former employee received a notice and reached out to him.