|
470 million sites exist for 24 hours, 22% are malicious http://www.net-security.org/secworld.php?id=17297 Excerpt: “Blue Coat researchers analyzed more than 660 million unique hostnames requested by 75 million global users over a 90-day period. They found that 71 percent of the hostnames, or 470 million, were “One Day Wonders,†sites that appeared only for a single day.†The synergy of hackers and tools at the Black Hat Arsenal Mirko Zorz http://www.net-security.org/secworld.php?id=17300 Excerpt: “Black Hat USA 2014 recently welcomed more than 9,000 of the most renowned security experts – from the brightest in academia to world-class researchers and leaders in the public and private sectors.† 50 confirmed, possibly more Norwegian oil companies hacked Zeljka Zorz http://www.net-security.org/secworld.php?id=17301 Excerpt: “50 Norwegian oil and energy companies have been hacked, and 250 more have been warned to check their networks and systems for evidence of a breach, The Local reports.† California phone kill-switch law could lead to abuse Zeljka Zorz http://www.net-security.org/secworld.php?id=17303 Excerpt: “On Monday, California Governor Jerry Brown signed into law a bill (SB 962) that will require any smartphone sold in the state after July 1, 2015, to include a software or hardware (or both) "kill switch" that "can render inoperable the essential features of the smartphone to an unauthorized user", i.e. anyone who is not the rightful owner of the device.†Cellphone surveillance systems can track almost anybody Zeljka Zorz http://www.net-security.org/secworld.php?id=17296 Excerpt: “The surveillance tech industry is booming, and we should be worried about it. Poorly regulated and exceedingly secretive, the companies that create surveillance solutions for law enforcement and intelligence agencies may say that they are vetting its customers carefully, but the depressing reality is that their tools can easily find their way into the hands of repressive regimes.†NSA's metadata search engine used by US, foreign agencies Zeljka Zorz http://www.net-security.org/secworld.php?id=17295 Excerpt: “The NSA has secretly built a “Google-like†search engine to be used by various US government agencies and intelligence agencies of the Five Eyes countries to sift through phone call, email, and Internet chat metadata, as well as cellphone locations collected and stored in a number of different databases.†Hundreds of police investigated over social media misuse http://www.theweek.co.uk/uk-news/60022/hundreds-of-police-investigated-over-social-media-misuse Excerpt: “More than 800 police workers have been investigated for breaching police guidelines on social media in the last five years. Of the 828 cases in England and Wales, from January 2009 to February this year, nine per cent ended in resignation, dismissal or retirement, according to research by the Press Association.†2.1 Million Stolen Credit Card Numbers Found on Seleznev’s Laptop, Bail Denied Ionut Ilascu Excerpt: “During a bail hearing on Friday for Roman Valerevich Seleznev, prosecutors revealed that a laptop computer containing 2.1 million stolen credit card numbers was seized from the defendant.†Why you’re not as secure as you think you are Larry Bridwell http://www.net-security.org/article.php?id=2104 Excerpt: “There are 2.4 billion Internet users in the world today. Many of these users, in good faith, leave their personal online security up to their service providers. Sadly, time and time again, we see these companies fail to effectively protect sensitive customer data.†Identity theft vendor sentenced to 100 months in prison http://www.net-security.org/secworld.php?id=17288 Excerpt: “A northern California man who served as an information and document vendor in the identity theft and credit card fraud ring known as Carder.su was sentenced yesterday to serve 100 months in federal prison. He was further ordered to pay approximately $50.5 million in restitution. Securing networks in the Internet of Things era Cricket Liu http://www.net-security.org/article.php?id=2105 Excerpt: “We all know that the Internet of Things (IoT) is coming, and it’s going to change everything. Its sheer scale alone is almost mind-boggling: Gartner reckons that the number of connected devices will hit 26 billion by 2020, almost 30 times the number of devices connected to the IoT in 2009. This estimate doesn’t even include connected PCs, tablets and smartphones.†Personal info of 4.5 million patients stolen in US hospital group breach Zeljka Zorz http://www.net-security.org/secworld.php?id=17269 Excerpt: “Community Health Systems, a major group that operates 206 hospitals throughout the US, has suffered a massive data breach: personal information of some 4.5 million patients has been stolen from their systems.† The most wanted man in the world James Bamford http://www.wired.com/2014/08/edward-snowden/ Excerpt: “The Message Arrives on my “clean machine,†a MacBook Air loaded only with a sophisticated encryption package. “Change in plans,†my contact says.† Data breaches and high-risk vulnerabilities continue to dominate  http://www.net-security.org/secworld.php?id=17248 Excerpt: “Cyber threats, data breaches and high-risk vulnerabilities have continued to dominate the first half of 2014. The severity of these attacks intensified against financial and banking institutions as well as retail outlets, according to Trend Micro."  86% of hackers don't worry about repercussions  http://www.net-security.org/secworld.php?id=17257 Excerpt: “Thycotic announced the results of a survey of 127 self-identified hackers at Black Hat USA 2014. The survey found that 86% of hackers are confident they will never face repercussions for their activities. In a double-edged sword conundrum, 88% of respondents also believe their own personally identifiable information (PII) is at risk of online theft.† Millions Of PCs Affected By Mysterious Computrace Backdoor  Brian Donohue https://threatpost.com/millions-of-pcs-affected-by-mysterious-computrace-backdoor-2/107700 Excerpt: “Nearly every PC has an anti-theft product called Computrace embedded in its BIOS PCI Optional ROM or its unified extensible firmware interface (UEFI). Computrace is a legitimate, trusted application developed by Absolute Software. However, it often runs without user-consent, persistently activates itself at system boot, and can be exploited to perform various attacks and to take complete control of an affected machine.† Iran's Internet Users Outsmart Government in Cat-and-Mouse Censorship Game  Mahsa Alimardani Excerpt: “Tor, a popular online anonymity tool used by many Iranians to bypass Internet censorship, was blocked from late July until the beginning of August. The block prevented 75 percent of the network's estimated 40,000 daily users in Iran from connecting to Tor.† Russian PM's Twitter hacked, posting 'I resign'  Joe Miller http://www.bbc.com/news/technology-28786683 Excerpt: “The Twitter account of Russia's prime minister was hacked on Thursday. The infiltrators posted a message saying Dmitry Medvedev had resigned. The Russian-language feed, which has more than 2.5 million followers, was also filled with tweets denouncing the country's president, Vladimir Putin.† Young Hacker Charged with Financial Crimes in Prepaid Card Scheme  Chris Stobing http://vpncreative.net/2014/08/02/young-hacker-charged-financial-crimes-prepaid-scheme/ Excerpt: “When Muneeb Akhter first graduated from George Mason University at age 19 with a Master’s degree in computer engineering, behind bars was probably the last place he thought he would end up.† Snowden allowed to stay in Russia for three more years  Zejlka Zorz http://www.net-security.org/secworld.php?id=17222 Excerpt: “NSA whistleblower Edward Snowden has been permitted to stay in Russia for another three years, and is free to travel within the country and abroad, Russia Today reports."  US govt is after another secret document leaker  Zejlka Zorz http://www.net-security.org/secworld.php?id=17214 Excerpt: “It seems that there is a leaker following in the footsteps of Edward Snowden, and US government officials are trying to discover his or her identity, as they confirmed for the CNN on Tuesday.'  China bans Symantec, Kaspersky software from govt systems  Zejlka Zorz http://www.net-security.org/secworld.php?id=17202 Excerpt: “Symantec and Kaspersky Lab have become the latest victims of Chinese government's procurement agency's axe as the two firms have been dropped from the approved list of security software suppliers, reports People's Daily Online."  Poweliks malware creates no files, lays low in the registry  Zejlka Zorz http://www.net-security.org/malware_news.php?id=2828 Excerpt: “For most malware, performing their malicious task(s) is the primary goal, and a close second is to stay unnoticed on the system for as long as possible. As developers of security software constantly improve detection methods, malware creators are always trying to keep one step ahead of their efforts.† Chinese TV channel hacked while on air  Chandni Sembhi http://www.scmagazineuk.com/chinese-tv-channel-hacked-while-on-air/article/364439/ Excerpt: “Hacktivists in China put anti-government messages up over broadcast programmes while Wenzhou TV station was on air.† UK cyber security body warns of IT security flaws and risks posed by malware  Excerpt: “Weak passwords and unpatched software is enabling hackers to use organisations' own servers as the hosts of cyber attacks, the UK's National Computer Emergency Response Team (CERT-UK) said.† Russian crime ring amasses over a Billion credentials  Pierluigi Paganini http://securityaffairs.co/wordpress/27378/cyber-crime/1-billion-stolen-credentials.html Excerpt: “Experts at Hold Security firm discovered a Russian group of hackers that collected 1.2B stolen credentials obtained in different data breaches worldwide.† Israel-Hamas conflict sparks surge in DDoS attacks  Charlie Osborne http://www.zdnet.com/israel-hamas-conflict-sparks-surge-in-ddos-attacks-7000032375/ Excerpt: “As conflict between Israel and the Palestinian militant Islamist organisation Hamas escalates, new research has revealed the impact politics has had on cyberattack trends.†|
Â