Cybersecurity

Wave of cybersecurity breaches is no surprise to expert exposing online crime. Brian Krebs does not use heroin, but sometimes people send it to him anyway.

The 43-year-old Alabama native writes Krebs on Security, a one-man operation focused on digital crime. His encyclopedic knowledge of the subject and his network of contacts have made his blog essential reading for anyone interested in cybercrime and made him a coveted lecturer at some of the biggest companies in the world. It has also made him some dangerous enemies – hence the heroin, meant as a sinister, silencing message. Looking back on a year in which Russian cyber-spies have been accused of meddling in the US election, Yahoo announced that 1bn email accounts were compromised and hackers used internet-connected devices, including baby monitors, webcams and thermostats, to take down some of the world’s biggest websites, what surprises Krebs the most is that people are surprised at all. The problem is cybercrime is easy, Krebs says.

The Data Breach Landscape in 2017. Experian Data Breach Resolution released its fourth annual Data Breach Industry Forecast white paper to highlight the risk landscape in 2017.

The industry predictions in the report are rooted in Experian’s history helping companies navigate more than 17,000 breaches over the last decade and almost 4,000 breaches in 2016 alone. The anticipated issues include nation-state cyberattacks possibly moving from espionage to full-scale cyber conflicts and new attacks targeting the healthcare industry.

TalkTalk's wi-fi hack advice is 'astonishing'. TalkTalk's handling of a wi-fi password breach is being criticised by several cyber-security experts.

The BBC has presented the company with evidence that many of its customers' router credentials have been hacked, putting them at risk of data theft. The UK broadband provider confirmed that the sample of stolen router IDs it had been shown was real. But it is still advising users that there is "no need" to change their routers' settings. A cyber-security advisor to Europol said he was astounded by the decision.

Latest Technology Security News. Axiom Cyber Intelligence are leaders in Cyber Security and they have put together a short film in the hope of reducing confusion and increasing awareness.

Cyber security, computer security, information security or IT security all mean the same thing: the protection of information systems from theft of or damage to the hardware, the software, and the information on them.

ThyssenKrupp hit by hackers and trade secrets stolen in massive data breach. ThyssenKrupp, one of the largest global steel manufacturers, has confirmed that it was hit by hackers and that sensitive trade secrets have been stolen as part of a "massive" cyberattack.

The data breach, which was uncovered by the firm's internal security department in April, involved hackers making off with project data from ThyssenKrupp's plant engineering division and possibly other areas, according to reports. "ThyssenKrupp has become the target of a massive cyber attack," the industrial conglomerate said in a statement, Reuters reported.

BlackBerry unveils new platform for cyber security threats. BlackBerry Ltd. has unveiled a device management software platform it calls a safeguard against cyber security threats in a mobile and hyper-connected corporate environment.

IBM to use AI to help banks with cybersecurity. This story was delivered to BI Intelligence "Fintech Briefing" subscribers.

IBM launched its IBM Watson for Cyber Security program in beta on Tuesday, and announced that it already has 40 clients signed up, including global leaders in the banking and insurance industries. Companies like Sun Financial and Sumitomo Mitsui Banking Corporation will test the ability of Watson — IBM's artificial intelligence (AI) — to identify and fight cyberattacks.

Massive Malvertising Campaign Hits MSN, Yahoo. Analyst: 'One of the Most Advanced Malvertising Attacks that I've Ever Witnessed'. Jeremy Kirk (jeremy_kirk), December 8, 2016. A massive malicious advertising campaign has resurfaced on major publishing websites, including Yahoo and MSN, just a few months after researchers thought they'd nipped it in the bud.

The Department of Defense Is about to Enhance Its Deep Web Search Engine.

Hacker Holiday Havoc. It’s that time of year again...when consumers, retailers and manufacturers need to understand and be alert to the latest cyber attacks that threaten to dampen the spirit and excitement of the holidays.

This year we’re seeing two twists on some tried and true tactics that are cause for concern among the online gaming industry and retailers.

Gaming industry and DDoS

The use of botnets made up of compromised IoT devices (cameras, DVRs, routers or other internet-connected hardware) is not a new development. But the attacks involving the recently discovered Mirai malware, which targeted Krebs on Security, the French Internet Service Provider OVH, DynDNS and a mobile telecommunications provider in Liberia, have been some of the largest distributed denial of service (DDoS) attacks measured to date.

Carbanak Gang: Global hospitality industry hit by hackers with highly sophisticated stealth malware. The infamous Carbanak Gang has resurfaced with renewed vigour.

The cybergang, which first made headlines after pulling off a billion-dollar cyberheist in 2015, is now going after the global hospitality industry. Security researchers have uncovered a new active and ongoing campaign, which is aimed at harvesting credit card and other personal and sensitive data of customers of the hospitality industry across the globe. Security firm TrustWave's global director of incident response, Brian Hussey, told IBTimes UK that the Carbanak Gang is using a new, customised variant of its original malware to conduct cyberattacks.

Hacker claims army of 3.2M home routers seized via malicious firmware update. After apologizing for accidentally knocking TalkTalk and Post Office internet subscribers offline, a hacker by the name of BestBuy claims to have now intentionally pushed a malicious firmware update to 3.2 million home routers using a modified Mirai-powered botnet. BestBuy told Vice's Motherboard that they set up a server that would automatically connect to vulnerable routers and push a malicious firmware update to them to grant him persistent access and the ability to lock out owners as well as internet providers and device manufacturers, according to a Dec. 6 report. “They are ours, even after reboot. They will not accept any new firmware from [Internet Service Provider] or anyone, and connect back to us every time :),” BestBuy told the publication in an online chat.

The hacker also shared a URL which appeared to show the live stats of the Access Control Server (ACS) used to push out the malicious updates.

TalkTalk and Post Office routers hit by cyber-attack. Thousands of TalkTalk and Post Office customers have had their internet access cut by an attack targeting certain types of internet routers. A spokeswoman for the Post Office told the BBC that the problem began on Sunday and had affected about 100,000 of its customers.

Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware. If you own an Android smartphone, beware! A new Android malware that has already breached more than 1 Million Google accounts is infecting around 13,000 devices every day. Dubbed Gooligan, the malware roots vulnerable Android devices to steal email addresses and authentication tokens stored on them.

With this information in hand, the attackers are able to hijack your Google account and access your sensitive information from Google apps including Gmail, Google Photos, Google Docs, Google Play, Google Drive, and G Suite. Researchers found traces of Gooligan code in dozens of legitimate-looking Android apps on 3rd-party app stores; if one of these is downloaded and installed by an Android user, the malware starts sending the device’s information and stolen data to its Command and Control (C&C) server.

Now Appearing: Year-Long Hack at Madison Square Garden. As NYC readies for the big Thanksgiving Day parade, a breach affecting some of the city’s most famous venues, including Madison Square Garden and Radio City Music Hall, has been disclosed.

Madison Square Garden Co. said that a hack of the payment processing system, which also affects the Beacon Theater, Chicago Theater and the Theatre at Madison Square Garden, lasted approximately a year, from November 9, 2015 to October 24, 2016. Hackers gained access to data contained in the magnetic stripe on the back of payment cards swiped in person to purchase merchandise and food and beverage items at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, Beacon Theater, and Chicago Theater, including credit card numbers, cardholder names, expiration dates and internal verification codes. The company hasn’t disclosed how many are affected, but it did say that not all cards used during this time frame were affected.

FBI forced to clarify 'thousands' of National Security Letters after Internet Archive disclosure. For well over a decade, the FBI has issued secretive compel notices on communications providers to request data about users suspected of criminal activity.

Dubbed National Security Letters (NSLs), they come with an everlasting gag order and do not need to be approved by a judge. Yet now, after spreading inaccurate legal advice for roughly a year, the US law enforcement agency is reportedly being forced to re-issue thousands of these letters because it failed to inform firms served with an order that the law around challenging them had changed. The news came to light following a landmark appeal by the Internet Archive, which was on the receiving end of an NSL back in August.

Upon analysis, the website found the notice contained significant misinformation about how to contest the order. As explained by the Electronic Freedom Foundation (EFF) in a blog post, the NSL failed to explain changes to the law that discarded old rules saying firms could only make one challenge a year.

What Trump Can Do About Cybersecurity - Bloomberg View.
China: Tech Giants Push Back Against Beijing's New Cyber Security Bill.
Trump adds congressional cybersecurity leadership to transition team.
China's Business-Unfriendly Cybersecurity Stance.
Amazon Cloud Computing Division Unveils New Cyber Security Service.

Accused TalkTalk's server hackers will stand trial next year. Two suspected computer hackers accused of targeting mobile network TalkTalk and stealing their customer banking details will stand trial in July next year.

Data protection watchdog could feature in 'naked teen picture' Facebook legal action.

Is China’s new cyber security law a threat to international businesses? ‘Despite the challenging dilemma, companies are likely to comply and give in to China’s demands’. China has the world’s largest market for digital shopping, mobile payments, and Internet-enabled financial services.

Close to 400 million people do most of their payments using their smartphones. The country’s overall business in information technology is a market of well above $300 billion, and it is estimated that more than 700 million Chinese people have access to the internet.

One hacked laptop leaked personal details of over 130,000 US Navy officers.
Drone-hacking cybersecurity boot camp launched in UK.
Cyber Grinches Could Disrupt Holidays' Biggest Shopping Weekend.
Facebook Buys Passwords from The Deep Web.
Cyber Security Archives - AnonHQ Archive - AnonHQ.
UK firms neglecting cyber security, say 74% of IT managers.
FBI Hacked into 8,000 Computers in 120 Countries Using A Single Warrant.

Bletchley Park: 'Codebreakers school' planned for site.
The Chinese firm taking threats to UK national security very seriously.
Malicious insiders the fastest growing threat to cyber security, warns report.
Funds flow for cybersecurity startups.
UK must retaliate versus cyber-attacks says chancellor.
Intelligent machines: Will we accept robot revolution?
How IBM's Watson will change cybersecurity.
Cybersecurity forces overwhelmed?
Why Facebook Buys Lists of Stolen Passwords.
Unmanned Robots for Ocean Data Liquid Robotics.
Three Mobile cyber hack: six million customers' private information at risk after employee login used to access database.
Snooper's charter: UK passes massive surveillance bill, here's how it can affect you.

Cybersecurity experts offer advice for incoming Trump administration.
Trump Cyber Security Team and Policy Slow to Take Shape.
Google Clamps Down on Sneaky Malicious Sites.
16-31 October 2016 Cyber Attacks Timeline – HACKMAGEDDON.
The Trojan horse: 2017 cyber security trends - Information Age.
Blarney: Snowden files expose NSA spying on EU, UN World Bank and IMF.
Boy, 17, admits TalkTalk hacking offences.
Chinese company installed secret backdoor on hundreds of thousands of phones.
Kaspersky: Windows 10's antivirus integration anti-competitive.
Security News This Week: What Trump's Win Means for Cybersecurity.