BryonT

January
15
0 likes
0 comments
0 shares

Insight: Thoughts About Ethical Hackers

In recent history the term “Hacker” most often leaves people with the impression of “evil” in their minds. A recent article published by Wired Magazine outlines the public’s view of the hacker and how the name “conjures up images of some basement-dwelling, pimply geek who gets off on trying to hack the Pentagon“, as writer Richard Kastelein humorously states. In the article he reminds us that we have cherished the idea that these individuals do nothing but mess with the computers of “ordinary people” while “making misery of our lives as we battle spam, malware, Trojans and other forms of time-wasting and spending money hand over fist getting things back to normal.” Kastelein shares some important insight that “the idea of hacking…

Read More ›

January
15
0 likes
0 comments
0 shares

GCHQ says British Government Vulnerable to Hacking

Officials from the British Intelligence Agency have recently reported their fears of the government becoming “the biggest free bank in the world for internet criminals“, according to an article published by The Telegraph. The article indicates that the GCHQ – the British Government’s “listening agency” – is seriously concerned with “Ukrainian hackers” and their attacks –  which can “harvest hundreds of customer passwords every day.” The GCHQ feels, according to the article, that the state is “vulnerable to losing tens of millions of pounds” to invading internet criminals since additional government services like “tax collection” are moved to the online space. The article says that there are heightened concerns for the “incoming Universal Credit welfare system” and the “student loan book” since they may…

Read More ›

January
14
0 likes
0 comments
0 shares

Research Finds Mobile Apps Used in DDoS Attacks

Prolexic Technologies, a firm specializing in the protection against Distributed Denial of Service (DDos) attacks, announced in their quarterly report, that “downloadable mobile apps” have been used in attacks against enterprise businesses, according to a recent article published by The Web Host Industry Review website. The article indicates that “digital forensics and attack signature analysis” performed by the firm’s security engineering and response team, PLXsert, reportedly found that “mobile devices participated in a DDoS attack campaign against a client in the global financial services sector.” Stuart Scholly, President of Prolexic Technologies, was quoted in the article to say, “Mobile devices add another layer of complexity.” Scholly continued in the article to say that the “huge number of mobile devices in existence as well as the ease of downloading malware make mobile DDoS…

Read More ›

January
14
0 likes
0 comments
0 shares

Server Upgrade Caused Dropbox Downtime

A recent outage experienced by the file storage and sharing site Dropbox has been blamed on issues with a “planned server maintenance job“, according to articles published by CNet and the Washington Post. The server upgrade script was interrupted by a “glitch in its server upgrade process” or what Dropbox referred to as a “subtle bug“, according to the CNet article. The article indicates that Dropbox “went offline on Friday and continued to suffer problems even after returning to life over the weekend.” Dropbox was able to restore their core services on Sunday 4:40 PM PT , according to CNet, but left many asking for more specific reasons why this outage happened. The company denied reports of an intrusion by a hacker or Distributed Denial of Service (DDoS) attack and…

Read More ›

January
13
0 likes
0 comments
0 shares

Recent Cyber Attack on Retail Hits More than Target

A recent security breach – reported to have been exclusively against retail giant Target – has now been discovered to be a “cyberattack campaign” which affected other retailers as well, according to an article published by Information Week. The article states that this was more than likely a “coordinated” campaign that “breached data from Target, Neiman Marcus, and at least three other retailers.” According to the article, it was reported Friday that a data breach at Neiman Marcus “extended throughout at least part of December” causing the retailer to suffer an “unknown amount of credit and debit card data” theft. According to this report, Neiman Marcus learned in the middle of December 2013 that security systems had been breached. Ginger Reeder, the…

Read More ›

January
13
0 likes
0 comments
0 shares

Researchers Find Water, Gas Utilities Vulnerable to Hacking

Researchers at Positive Technologies, the information security firm, discovered vulnerabilities which could let hackers gain access to specialty utility systems in “many industrial plants” and maliciously “shut off water or electricity supplies“, according to a recent article published by the Telegraph website. The article states that researchers found “flaws in the Supervisory Control and Data Acquisition (SCADA) computer systems” which are in control of “major infrastructure, including energy, oil and gas and transportation“, according to reports. This discovery shows, according to the article, “vulnerabilities in the way that Siemens’ WinCC software encrypts and stores passwords in its project database” leaving attackers to “gain access to Programmable Logic Controllers” which are the primary systems that have control over  “machinery and other processes.” Unfortunately this…

Read More ›

January
09
0 likes
0 comments
0 shares

Experts Say Cyber Crime Top Threat in 2014

According to a recent article published by IT Wire, intelligence gathered by technology industry experts confirms that both “cyber crime and financial crime” will be top priority threats in 2014. BAE Systems Detica, an information intelligence solutions firm, is convinced that “the single biggest issue that will hit organizations in 2014 will be the rise of digital criminality” demanding that the fight to combat against such threats be of major importance, according to the article. Richard Watson, BAE Systems Detica Managing Director, commented in the article that his company sees this increase clearly “as fraud becomes increasingly cyber enabled.” Watson was quoted in the article to say, “That means we’ll see digital-savvy criminals using cyber and fraud techniques simultaneously to carry out far more complex crimes than…

Read More ›

January
09
0 likes
0 comments
0 shares

Internet Pros Pull Out of RSA Security Event

Multiple industry experts have reportedly withdrawn from next month’s highly regarded RSA Conference in San Francisco due to reports of the sponsor’s controversial and deliberate use of “flawed encryption technology“, according to an article published by ABC News. The article states that approximately “eight researchers or policy experts” have pulled out of the conference after the sponsor, RSA Security, reportedly purposefully used this technology in commercially released software to “allow the National Security Agency to spy more easily on computer users.” Claims of “intentionally introducing the flawed encryption algorithm” have been disputed by RSA – and their parent company, EMC Corporation – but they continue to refuse comments about the reported published information describing a “$10 million government contract“, according to the article. As the article…

Read More ›

January
08
0 likes
0 comments
0 shares

Boy Finds Security Weakness, Faces Cybercrime Charges

An Australian teenager faces charges under the country’s cybercrime act after discovering – and reporting – “serious cyber-security weaknesses” within the Public Transport Victoria (PTV) systems, according to a recent article published by The Age website. According to the article, the 16-year-old from Melbourne, Joshua Rogers, “discovered an extensive database containing the personal details of public transport users in Victoria” – a large containment of personal data. The article reports that Rogers – a self-identified ‘‘security researcher’’ – used “a common hacking technique” to gain access to the website, according to cybersecurity experts. After gaining access to the site and seeing the vulnerabilities, Rogers contacted PTV to alert them of this security issue on Thursday, December 26th, but, according to the article, “got no response until…

Read More ›

January
08
0 likes
0 comments
0 shares

Researchers Find Windows Crash Reports Vulnerable to Hackers

Researchers at Websense, a San Diego-based company specializing in computer security software, have reported that the Microsoft’s error and crash reporting system for Windows is “prone to hacking” – allowing attackers to use “unencrypted data” as an opportunity to “refine and pinpoint their attacks“, according to a recent article published by Zee News India. Alex Watson, director of threat research at Websense, was reported in the article to say that the collected information would give the hacker “significant advantage and give them a blueprint of the targeted network.” In the article, Watson explains further by saying that “Microsoft does not encrypt the initial crash reports.” According to the article, these include two types of Microsoft crash prompts:  (1) reports that prompt the user before they’re sent, and (2) reports that do not…

Read More ›