Woman reading

InfoSec in the News

2001 and earlier

Most of these news stories could have been prevented with an effective security awareness program or they promote the use of security awareness.
Also visit our News Archives for older stories

Subscribe to the following e-mail lists for even more stories:

SANS NewsBites

Security Wire Digest


31 Dec 2013 - NSA Developed Backdoor for iPhones
A news story in German magazine Der Spiegel said that NSA spyware known as DROPOUTJEEP can give anyone using it access to most everything on infected iPhones. The tool harvests text messages and voicemail and is capable of switching on the device's microphone and camera remotely. Apple has denied that it worked with the NSA to put the backdoor in iPhones. In a statement to the Wall Street Journal, Apple officials said. "Apple has never worked with the NSA to create a backdoor in any of our products, including iPhone. Additionally, we have been unaware of this alleged NSA program targeting our products."

27 Dec 2017 - Target: PINs Were Stolen in Breach
Target now admits that PINs were stolen during a security breach of its in-store payment systems that affected 40 million accounts, but says that the data are encrypted. The PINs are reportedly encrypted at the keypads with Triple DES encryption; Target does not store or even have access to the key necessary to decrypt the data.

24 Dec 2013 - FBI Warns Media Members Receiving Phishing eMails
Earlier this week, the FBI warned that the hacking group known as the Syrian Electronic Army (SEA) was sending phishing emails trying to get people to divulge their usernames and passwords. The emails were reportedly sent to members of the media, including some New York Times employees. The link provided claimed to be a CNN story about the conflict in Syria. The link actually directed people who clicked on it to phony Google login pages. The SEA has denied responsibility for the deceptive messages.

16 Dec 2013 - Laptops Stolen From Insurance Office Contained Unencrypted Patient Data
Earlier this month, a New Jersey health insurance company began notifying more than 800,000 members that their personally identifiable information was stored, unencrypted, on laptops stolen from Horizon Blue Cross Blue Shield headquarters in Newark. The data include names, addresses, dates of birth, insurance ID numbers, and clinical information.

13 Dec 2013 - Android mToken App Steals Texts
The Android mToken app has been found to intercept text messages. The malicious app targets devices that are already infected with banking malware.

5 Dec 2013 - US Lawmaker Seeks Answers From Car Makers About Cybersecurity and Privacy
US Senator Ed Markey (D-Massachusetts), has written to 20 automobile manufacturers, asking them how they plan to secure the wireless computer systems in their cars and how they plan to protect customers' privacy. Markey asks that the companies respond to 18 questions about security and privacy.

5 Dec 2013 - NSA Gathering Huge Quantities of Mobile Phone Location Data
According to documents leaked to the Washington Post, the NSA logs nearly five billion mobile phone location records every day. This particular data collection program "allows the NSA to track individuals and map relationships 'in ways that would have been previously unimaginable.'" According to May 2012 internal briefing, the massive data collection is "outpacing [the NSA's] ability to ingest, process, and store."

4 Dec 2013 - Data Thieves Stole Millions of Account Login Credentials
Researchers found a server containing login credentials for at least two million user accounts. The breach affects Facebook, Google, Twitter, and other website accounts, as well as for email addresses, FTP accounts, remote desktops, and secure shells. The stolen data come from more than
100 countries. While at first glance the majority of the compromised accounts appear to have been taken from computers in the Netherlands, closer examination reveals that most emanated from a single IP address that "functioned as a gateway or reverse proxy between the infected machines and the Command-and-Control server, which [is] in the Netherlands as well."

28 Nov 2013 - US Government Will Pay US $50 Million to Settle Software Piracy Case
The US government will pay US $50 million to a Texas-based company for installing pirated copies of its software on machines. The army has used Apptricity's logistics software since 2004, but the company recently became aware that it was installed on thousands more machines than the number for which the Army had purchased licenses.

14 Nov 2013 - Guilty Plea in Webcam Hacking and Extortion Case
A 19-year-old man has pleaded guilty to charges of extortion and unauthorized access of a computer for breaking into computers belonging to young women, taking pictures of them with their computers' webcams, and attempting to blackmail the young women. Jared James Abrahams will be sentenced in March 2014; his plea agreement is likely to draw a prison sentence of 27 to 33 months. Abrahams allegedly hacked into computers of more than 20 women.

30 Oct 2013 - Microsoft Urging Windows XP Users to Upgrade to Windows 8
Computers running Windows XP are already six times more likely to suffer malware infections than machines running Windows 8, according to Microsoft Trustworthy Computing general manager Mike Reavey. The problem is only going to get worse in April 2014, when Microsoft ends support for the 12-year-old operating system. According to one estimate, after April 8, the likelihood of machines running XP becoming infected with malware will increase by two-thirds.

29 Oct 2013 - UK ISPs Ordered to Block More Sites in Bid to Quell Piracy
A UK court has ordered Internet service providers (ISPs) there to block 21 additional websites suspected of encouraging illegal music filesharing. The blocks must be in place by Wednesday, October 30. Earlier orders have called on UK ISPs to block eight other sites, including The Pirate Bay.

28 Oct 2013 - MPAA Publishes List of Top Filesharing Sites Around the World
The Motion Picture Association of America (MPAA) has released a report that lists major illegal filesharing sites around the world. Ironically, the MPAA has criticized Google for returning high numbers of filesharing sites in its search results, but now MPAA has provided an organized list of many of those sites. The MPAA report was created to provide the US Trade Representative with the names of "potential Internet and physical notorious markets that exist outside the US."


24 Oct 2013 - US Attorney Charges Seven in Connection with Fraudulent Internet Transactions
Seven people have been indicted in connection with a scheme selling nonexistent luxury items on eBay and other sites. The indictment was filed in the Eastern District of New York Office of the US Attorney. The defendants allegedly netted more than US $3 million in the scheme. The defendants, who are from Romania and Albania, remain at large. Interpol is asking for assistance in apprehending the suspects.


23 Oct 2013 - Rental Company Settles Charges Over Webcam Spying
An Atlanta-based rental store has agreed to stop spying on customers who rent computers. Aaron's used software called Detective Mode to monitor customer activity through keystroke logging, screen shots, and images taken from webcams. The complaint, filed by the US Federal Trade Commission (FTC) noted that the practice violated customers' privacy and put them at rick of identity fraud because of screen shots that contained financial data. According to the settlement, Aaron's may not use technology that captures keystrokes, screenshots, images, or sounds on the devices it rents. The company may only use tracking technology with the consent of the renter. Consumers also filed a lawsuit against Aaron's prior to the FTC's complaint.

10 Oct 2013 - Five-and-a-Half Year Sentence for Role in Phishing Scheme
A UK court has sentenced Olukunle Babatunde to 66 months in prison for his role in a phishing scheme. Babatunde admitted to stealing more than GBP 750,000 (US $1.2 million) from more than 700 online bank accounts.


10 Oct 2013 - Skimmers Found on Registers at Department Store in Florida
Skimmers were found on a half-dozen registers at a Florida Nordstrom department store. A closed-circuit camera captured images of three men tampering with registers at the store on October 5. The thieves worked as a team: two people distracted store staff while a third examined the registers. Later the same day, a different group of three people came to the store and again distracted employees while one of the group installed keylogging Ps2 connectors on the registers.


27 Sept 2013 - Copyright Attorney Suing Record Label Over Automated Takedown Notice
Harvard Law School professor Lawrence Lessig is suing an Australian record label that attempted him to sue him for copyright infringement. The matter involves a lecture given by Lessig that is available on YouTube. The lecture is in fact about the need for copyright law to be adjusted for the Internet. In the lecture, Lessig uses a clip from a song to which the Australian record label holds the rights. However, the company backed down after Lessig invoked the fair use legal doctrine. Lessig then sued the company for initiating a bad-faith lawsuit. Lessig filed the suit because he believes music labels should stop depending on automated systems to detect possible infringements and send takedown notices.

25 Sept 2013 - Underground Identity Theft Site Hacked Data Aggregators
An underground website that trades in identity theft data reportedly gathers information by breaking into computers at major US data aggregators. The site, SSNDOB, sells Social Security numbers (SSNs), birthdates, and other personal data. Network analysis showed that SSNDOB administrators were also operating a botnet that had infiltrated servers at LexisNexis, Dun & Bradstreet, and Kroll Background America.

23 Sept 2013 - Grace Period Ends for Updated HIPAA Rule Compliance
As of September 23, 2013, US organizations that handle protected health information must abide by updated Health Insurance Portability and Accountability Act (HIPAA) rules. The changes were established in 2009 and took effect in March 2013, but organizations were given a six-month grace period that ended this week. Among the new rules are a requirement that business associates of organizations covered by HIPAA must be in compliance with the rules' security and privacy measures, and new restrictions on covered entities' marketing and sale of personal health information.

23 Sept 2013 - MPAA, RIAA Help Draft Anti-Piracy Curriculum for Use in California Schools
The Motion Picture Association of America (MPAA), the Recording Industry Association of America (RIAA), and several major US ISPs plan to pilot an anti-piracy program in California's elementary schools. The curricula, which are adapted for each age level from kindergarten through sixth grade, were created by the California School Library Association and the Internet Keep Safe Coalition working with the Center for Copyright Infringement, which counts executives from MPAA, RIAA, and several large telecommunications forms among its board members. A draft of the program suggests that using other people's works without permission is worse than copying someone's answers on a test. Those helping to develop the curriculum stress that it is still in draft form.

18 Sept 2013 - MPAA Says Search Engines Should Do More to Prevent Piracy
The Motion Picture Association of America (MPAA) has released a report indicating that search engines need to make a more concerted effort to help fight piracy. The report comes just as the Commerce Department is considering ways to help private sector companies fight piracy. The MPAA's report said that Google's recent changes to its search algorithm have not had an effect on piracy.

13 Sept 2013 - AT&T Issues Piracy Warning to Customers
AT&T is warning its customers that if they are found to be engaging in Internet piracy, their Internet access could be severed. The warning, which came in the form of a letter, is part of the company's implementation of the so-called "six strikes" anti-piracy policy. The letter says the illegal activity "could result in mitigation measures including limitation of Internet access or even suspension or termination." Several years ago, AT&T reportedly said it would terminate users' accounts only upon receipt of a court order.

12 Sept 2013 - Three-Year Prison Sentence for Hacking Police Web Sites
An Ohio man has been sentenced to three years in federal prison for hacking into police department websites in Utah, New York, and California. The actions of John Anthony Borell III reportedly caused thousands of dollars in damage; the Utah police force site was down for nearly three months. Borell has also been ordered to pay US $227,000 in damages.

5 Sept 2013 - Hesperbot Trojan Spreading
The Hesperbot Trojan horse program spreads through emails that appear to be legitimate package-tracking documents or messages from Internet service providers and other companies. The messages attempt to get the recipients to download an attachment with a .pdf.exe file extension.
Hesperbot has the capability to log keystrokes, take screenshots, record from installed video cameras, intercept traffic, and send all the information back to the command-and-control server. It also establishes a remote proxy on infected machines. Hesperbot has infected computers in Turkey, Portugal, the Czech Republic, and the UK.

30 August 2013 - Aberdeen City Council Fined GBP100,000
The United Kingdom's Information Commissioner's Office (ICO) has fined the Aberdeen City Council the sum of GBP100,000 (US$150,000) resulting from the leaking online of sensitive data relating to vulnerable children. The data was accessed on an employee's home PC from where a file sharing program installed on the PC uploaded the information and shared it online. The information was first leaked on the 14th November
2011 and was detected by another member of staff on the 15th February 2012. Ken Macdonald, Assistant Commissioner for Scotland at the ICO, said "As more people take the opportunity to work from home, organisations must have adequate measures in place to make sure the personal information being accessed by home workers continues to be kept secure."

29 August 2013 - New York Times Domain Hijack Due to Phishing Email
On Wednesday evening hackers claiming to be part of the Syrian Electronic Army disrupted web services for the New York Times, as well as the Huffington Post UK and the Twitter image sharing site Twing.com.
The attack appears to have originated after a user in a reseller for Australian based domain registrar Melbourne IT fell victim to a "targeted phishing attack".  Melbourne IT is the domain registrar for the New York Times and the other affected domains. As a result the attackers gained access to the username and password of the reseller.
The attackers were then able to alter the DNS records for the affected sites to servers under their control based in Russia.  Control over the domain records were eventually returned to the rightful owners and normal services restored.
Internet Storm Center: https://isc.sans.edu/diary/NY+Times+DNS+Compromised/16451http://www.theregister.co.uk/2013/08/27/twitter_ny_times_in_domain_hijack/

27 August 2013 - Three Men Charged with Stealing Company Code from Wall Street Firm
Three men have been charged in a scheme to steal the source code for the electronic trading software of a Wall Street based firm. Two of those charged were employees of the firm. They are accused of emailing the code from their work accounts to their personal accounts. According to the complaint one of the accused, Glen Cressman, a trader at the firm, sent emails to his personal account which included trading strategies
and valuation algorithms.   He is charged with two counts of unlawful
duplication of computer related material and unauthorized use of secret scientific material. One of his alleged conspirators and former co-worker, Jason Vuu, faces twenty counts of the same charge. Vuu is alleged to have shared the stolen information with a former college friend with the aim to set up their own trading company.

16 August 2013 - Phony Flash Update Serves Spam Ads
A phony update for Adobe's Flash Player serves spam advertisements to users who fall prey to its lure. Users are told that must install the update to view certain videos. Some of the advertisements are pornographic, and others are capable of replacing legitimate advertisements. The phony update has been spotted on websites aimed at children. It injects ads into every page visited. Users are advised to check their browser extensions.

25 July 2013 - Apple Users Getting Hit with Phishing eMails in Wake of Developer Site Hack
Unsurprisingly, phishing emails targeting Apple users have followed close on the heels of an attack on the Apple Developer website. The messages contain obvious signs that they are phony, but "scammers often use emotional responses to a recent event to induce panic in users - which may make them less likely to double-check a domain or other details before" surrendering authentication credentials.

18 July 2013 - Apple and Samsung Smartphone Antitheft Technologies to be Tested
The "Secure Our Smartphone" initiative asks phone makers to implement technology that will help reduce smartphone theft. This week, state and federal prosecutors in California plan to bring in experts who will try to defeat security measures on smartphones provided by Apple and Samsung. Apple's iPhone 5 will have the "Activation Lock" feature enabled, and Samsung's Galaxy S4 will come with the LoJack for Android feature. Federal prosecutors are still hopeful that the companies will eventually manufacture smartphones with kill switches.

16 July 2013 - Cybersecurity Moved From 12th to 3rd Place on Lloyd's Risk Index List
Lloyd's Risk Index 2013 places cybersecurity near the top of the list of risk factors faced by businesses. Risk of cyber incidents was ranked twelfth in the 2011 Index and has moved, in three years, to third, following only high taxation and loss of customers. Cyber issues top the list of political, crime, and security risks. This may be attributable to increased politically and ideologically motivated attacks and the increased cost associated with attacks. The report questions whether organizations "are spending money on the right things" to effectively address cybersecurity, and posits that spending money on security measures and making sure that security recommendations are implemented might be a better investment than purchasing insurance policies that cover cyberattacks. An April 2013 report from the Insurance Information Institute suggests that about two-thirds of cyber incidents are due to issues within organizations' control.

11 July 2013 - WellPoint to Pay US $1.7 Million for HIPAA Violations
WellPoint, an Indianapolis-based health insurance provider, will pay the US Department of Health and Human Services (HHS) US $1.7 million for violations of the Health Insurance Portability and Accountability Act (HIPAA). The charges stem from WellPoint's weak database security that exposed the personal records of more than 600,000 people. The database was reportedly accessible between October 2009 and March 2010, exposing patients' names, Social Security numbers (SSNs), and health data.
WellPoint reported the issue as required under HIPAA rules; a subsequent investigation conducted by HHS found that WellPoint was using inadequate policies and procedures to protect access to online data. In 2011, WellPoint was ordered to pay US $100,000 to the state of Indiana to settle charges resulting from a breach that exposed personal information of 32,000 Indiana patients.

26 June 2013 - Organizations are Not Doing Enough to Defend Themselves from Cybercrime
According to the 2013 State of Cybercrime Survey from PwC, "Organizations are misjudging the severity of risks they face from a financial, reputational, and regulatory perspective." Current defenses against cyberattacks are not effective because executives either do not understand the scope and import of the threats, or they have stopped paying attention. Many leaders are unaware of who in their organizations is responsible for cybersecurity. They also "underestimate the capabilities of their attackers and the damage they can cause." The leaders also appear not to understand that, while using smart cloud services and other technological advances may help productivity, they introduce their own vulnerabilities.

24 June 2013 - Google Scanning Chrome Apps and Extensions Submitted to Chrome Web Store
Google is now scanning apps and extensions submitted to the Chrome Web Store for malware. Google already performs this function in its Google Play Android Apps Store. Developers could experience short delays in uploads because of the scanning. Google calls the process "Enhanced Item Validation."

24 June 2013 - US-CERT Issues Default Password Alert
The US Computer Emergency Response Team (US-CERT) has issued an alert warning that "it is imperative to change default manufacturer passwords and restrict network access to critical and important systems." The alert notes that "critical infrastructure and other important embedded systems, appliances, and devices are of particular concern."

20 June 2013 - US Seized 1,700 Domains Over Three Years in Anti-Piracy Operation
"Operation In Our Sites," an ongoing effort by US authorities to thwart intellectual property fraud, has seized more than 1,700 websites in the past three years. The offending sites offered illegally streamed sporting events; sold bogus apparel, accessories and counterfeit drugs; and allowed illegal downloads of music and movies. US authorities were able to seize the sites because the domains - .net, .com, and .org - are controlled by US entities.

16 June 2013 - Police Using Driver's License Photo Databases in Criminal Investigations
Over the past several years, US states began collecting searchable photo ID databases for the purpose of thwarting driver's license fraud, but the information is increasingly being used by law enforcement to identify criminal suspects, accomplices, and in some cases, just bystanders related to investigations. The databases are required to be used only for "law enforcement purposes," criteria vague enough to suggest they can be used in a variety of situations. The information is used to develop investigative leads, not to make positive identification. Using facial recognition technology, law enforcement agents have mined the databases for information and caught serious criminals. The problem is, the driver's license photo databases are not criminal databases, but are being used as if they were. The state databases are becoming increasingly interconnected, which is giving law enforcement officers a de facto national identification system. The recent Supreme Court ruling allowing the collection of DNA samples from people who are arrested could just add to the amount of information that law enforcement will have at their fingertips. Thirty-seven US states use facial recognition technology in license registries. Twenty-six of those states permit law enforcement agents at the local, state, and federal levels to search their databases to help identify people relevant to their investigations.


11 June 2013 - State Prosecutors Introduce "Save Our Smartphones" Initiative
A group of law enforcement officials, politicians, and consumer advocates aim to help fight the growing theft of smartphones, which has reached "epidemic" proportions, according to San Francisco District Attorney George Gascon. The group plans to ask the manufacturers of the most widely used devices - Apple, Google/Motorola, Microsoft, and Samsung - to develop features that make the phones less attractive to thieves. The announcement of the initiative came on the same day that Gascon and New York Attorney General Eric Schneiderman were hosting a Smartphone Summit with representatives from major smartphone makers.

11 June 2013 - Twelve-Year Prison Sentence for Man Who Sold Pirated Industrial Software
A man from Chengdu, China has been sentenced to 12 years in prison for his role in a software piracy operation that sold over US $100 million worth of software. Xiang Li, who operated a website that sold pirated software, was convicted of conspiracy to commit wire fraud and criminal copyright infringement. The software sold on the site was largely industrial grade, much of it designed for aerospace simulation and design, defense, intelligence gathering, and manufacturing plant design, and other technical applications. Li was arrested two years ago when US agents posing as businessmen set up a meeting with him in the Northern Mariana Islands, which is a protectorate of the US and therefore falls under US jurisdiction.

10 June 2013 - Prison Terms for Two in Phishing Scheme
A US district judge in Connecticut has sentenced two Romanian men to prison for their roles in a phishing scheme. Bogdan Boceanu received an 80-month sentence and Andrei Bolovan received a 27-month sentence. In December, Bolovan pleaded guilty to conspiracy to commit fraud in connection with access devices. That same month, a jury found Boceanu guilty of the same charge as well as one charge of conspiracy to commit bank fraud. In all, 19 people are believed to have been involved in the scheme, which phished for payment card information, then used that information to make fraudulent withdrawals from ATMs.

31 May 2013 - Multi-Factor Authentication May Someday be Available As Tattoos and Pills
Motorola Mobility has demonstrated two authentication technologies that remove the need for people to carry around devices for two-factor authentication. The first is an electronic tattoo, a flexible, water-resistant sticker that lasts for several days. The second is a capsule that people can swallow daily. Its components are activated by stomach acids to emit a signal. Motorola said that the US Food and Drug Administration (FDA) has cleared the pill authentication technology for human use.

23 May 2013 - Commission Seeks Stronger Action be Taken to Protect Intellectual Property
The Commission on the Theft of American Intellectual Property, a private organization, has issued a report arguing that US companies should be permitted to act aggressively to prevent hackers from stealing their intellectual property. The report notes that "hundreds of billions of dollars" worth of US intellectual property (IP) is stolen each year, and estimates that China is responsible for 50 to 80 percent of international intellectual property theft. In addition, "the slow pace of legal remedies for IP infringement does not meet the needs of companies whose products have rapid product life and profit cycles." The paper also makes a case for creating disincentives to IP theft by making it unprofitable. The report calls for laws to allow intellectual property owners to retrieve or "render inoperable" stolen IP. The process would be helped through increased "meta-tagging," "beaconing," and "watermarking," technology that basically has a phone home effect, letting IP holders known when information has been stolen.

13 May 2013 - Malicious Browser Extensions Hijack Facebook Accounts
According to a warning from Microsoft's Malware Protection Center, a Trojan horse program called JS/Febipos.A is taking control of Facebook accounts by disguising itself as a legitimate Firefox add-on or Google Chrome extension. The Trojan checks to see if users are logged in to Facebook, then receives configuration instructions from a remote site which enable it to perform most Facebook activity posing as the user. The issue currently affects users in Brazil.

13 May 2013 - NY Attorney General Wants Mobile Phone Companies to Help Thwart Device Theft
New York State Attorney General Eric Schneiderman has sent letters to the CEOs of Apple, Samsung, Google, Motorola, and Microsoft asking them to specify what they are doing to make phones less susceptible to theft. Schneiderman asked why the companies do not offer technology that would make stolen phones useless, which would deter thieves.

10 May 2013 - US Government is the Largest Purchaser of Hacking Tools
According to a report from Reuters, the US government is the single largest buyer in the "gray market" of offensive hacking tools. While tools that exploit unknown vulnerabilities provide a tactical advantage, not disclosing the flaws leaves other organizations, including those in the US, vulnerable to attacks. Former high level cybersecurity officials have expressed concern about the situation. Former White House cybersecurity advisor Richard Clarke said, "If the US government knows of a vulnerability that can be exploited, under normal circumstances, its first obligation is to tell US users." Howard Schmidt, also a former White House cybersecurity advisor, said, "It's pretty naive to believe that with a newly-discovered zero-day, you are the only one in the world that's discovered it." And former NSA director Michael Hayden said that although "there has been a traditional calculus between protecting your offensive capability and strengthening your defense, it might be time now to readdress that at an important policy level." Paying the vulnerability purveyors for the malware also removes the incentive for talented hackers to inform software makers about the flaws.

3 May 2013 - Man Allegedly Hacked Former Employer's System
A New York man has been arrested for allegedly damaging his former employer's computer systems. Michael Meneses allegedly caused more than US $90,000 in damage to the Spellman High Voltage Electronics Corporation. While employed by Spellman, Meneses co-managed the company's enterprise resources management application. In late 2011, he was reportedly angry after he was passed over for a promotion, and he submitted his resignation. Some former colleagues reported that Meneses copied files from his company computer to a flash drive. The details of what he then did are vague. He allegedly stole access credentials and "corrupt[ed] the network." He allegedly changed the company's business calendar. That activity was traced to a North Carolina hotel close to Meneses's new job, and records showed that he had been staying at the hotel at the time of the intrusions.

3 May 2013 - FTC to Hold Hearing on Identity Theft and Senior Citizens
The US Federal Trade Commission (FTC) plans to hold a hearing on Tuesday, May 7 at which it will look into identity theft schemes perpetrated on senior citizens, including tax and government benefit identity theft; long term care identity theft; and medical identity theft, which is occurring with increasing frequency. One study said that about two million US citizens are victims of medical identity theft every year. The incidents cost an average of US $20,000 to resolve. The hearing will also look at ways of educating senior citizens about these issues.

3 May 2013 - Middle School Students Phish Teachers' Admin Credentials
Students at a middle school in Alaska managed to trick teachers into providing their administrative access credentials and then used the access to control classmates' computers. The students are 12 and 13 years old. At least 18 students involved in the scheme gained control of more than 300 computers at Schoenbar Middle School in Ketchikan, Alaska. The students manipulated the computers so that teachers thought they were entering their access credentials to allow installation of software updates.

1 May 2013 - US Government Is Website Serving Malware To Citizens
A US Department of Labor website was found to be serving up malware to unsuspecting citizens through drive-by download attacks. The code embedded in the Site Exposure Matrices (SEM) page redirects users to other pages that installed malware on their computers. Once redirected, a script attempts to exploit a known flaw in Internet Explorer to install a backdoor that facilitates communication between the infected computer and machines controlled by the hackers. Sadly far too many people have not installed the patch, so their systems are being infected.


1 May 2013 - US Army Corps of Engineers' Database Breached
Someone used stolen credentials to gain access to the US Army Corps of Engineers' National Inventory of Dams (NID) database. The breach reportedly began in January but was not detected until April. The intruder gained access to "sensitive fields of information not generally available to the public."  Once the US Army Corps of Engineers realized that the individual was not "authorized [to have] full access to the NID," the credentials were revoked. A US Army Corps of Engineers spokesperson said the breach does not pose a public threat.

29 April 2013 - The Guardian's Twitter Accounts Hijacked
The same group that hijacked the Associated Press's Twitter feed last week is now claiming responsibility for taking over Twitter accounts belonging to the UK newspaper The Guardian. The Syrian Electronic Army claims to have taken control of 11 Twitter feeds at the Guardian. The attack occurred over the weekend; as of Monday, Twitter had suspended most of the hijacked Guardian accounts. Following last week's AP incident, which resulted in a phony tweet claiming that there had been an attack on the White House, Twitter announced that it is conducting internal testing of two-factor authentication.

26 April 2013 - LivingSocial Hacked, User Passwords Reset
Hackers have compromised a database belonging to the LivingSocial daily deals website; the breach affects more than 50 million users. The cyberthieves managed to steal names, email addresses, birthdates and encrypted passwords. Affected users are being urged to change their passwords. Fortunately, customers' financial information is stored separately and did not fall prey to the attackers. LivingSocial has not provided details about what sort of attack was used to access the data.

26 April 2013 - Travnet Trojan Steals Data
The Travnet Trojan horse program compresses stolen files and uploads them to remote servers. Travnet is being used in targeted attacks. It collects information about the computers it infects, including IP addresses, IP configuration data, and running processes. It is capable of stealing a variety of document types. Travnet has been infecting computers through email and exploiting known and patched flaws in Microsoft Office.

24 April 2013 - Judge Denies FBI Permission to Install Surveillance Software on Suspect's Computer
The FBI may not install specialized surveillance software on a suspect's computer, according to a ruling from a federal magistrate judge. Judge Stephen Smith said that the order requested by the FBI was too broad and too invasive. The FBI had sought permission to install specialized software on a computer used by the suspect; the software "has the capacity to search the computer's hard drive, random access memory, and other storage media; to activate the computer's ... camera; to generate [location] data for the device; and to transmit the extracted data to FBI agents." The judge also took the FBI to task for failing to specify how the operation would be certain to target the suspect and no one else.

20 April 2013 - BadNews Malware Snuck Into Google Play Apps
Malware known as BadNews has been downloaded from Google Play at least two million times. BadNews was found to have been hidden in at least 32 separate apps from four different developers. The malware was added to the apps after they had been submitted to Google Play. Infected Android devices connect to remote servers every four hours to send harvested data, including device phone numbers and unique serial numbers. The remote servers also instruct infected devices to install a Trojan horse program called AlphaSMS that sends text messages to numbers that incur charges. Google has removed the infected apps.

19 April 2013 - Former Hosting Provider Admin Allegedly Placed backdoors on 2,700 Servers
A man who was once employed by hosting provider Hostgator has been arrested and charged with breach of computer security. Eric Gunnar Gisse worked as an administrator at Hostgator from September 2011 through February 15, 2012. He allegedly installed backdoors on more than 2,700 company servers. The day after Gisse was dismissed from his position, officials at Hostgator detected the backdoor application that he had installed. The backdoor was disguised to look like a Unix administration tool.


19 April 2013 - Siri Retains Query Data for Two Years
Apple has revealed that it retains information about questions users ask Siri for as long as two years, although the company does try to anonymize the data. Siri queries are sent to Apple's servers, where they are assigned an identifier - not an AppleID or email address - that links the voice files to the device from which they were sent. After six months, the identifier is removed, but the query data are retained to help Apple with product testing and improvement. The disclosure of Apple's data retention practices comes in response to pressure from American Civil Liberties Union (ACLU) lawyer Nicole Ozer, who said that that Apple does not do enough to let customers know their privacy rights.

17 April 2013 - Microsoft to Begin Offering Two-Factor Authentication
Microsoft will start offering two-factor authentication to Microsoft Account users on an optional basis. The scheme will be much like those used by Google, Apple, and Facebook in which accounts are protected with both a password and a one-time passcode sent to users in a text message or generated by an authentication app. Users will have the opportunity to designate certain devices as trusted on which they do not need to use two-factor authentication.

17 April 2013 - Microsoft: Web Based Threats More Prevalent Than Network Threats
According to Microsoft's Security Intelligence Report, web-based threats pose a greater risk to enterprise networks than do worms that spread through the network. This is the first time in four years that Conficker has not topped the list of threats to enterprise networks. That position is now occupied by IframeRef malware.

17 April 2013 - Study Says Home Routers Vulnerable to Attacks
Many widely used home routers are easy to hack into, according to a study by a company called Independent Security Evaluators. A test found 13 of the most popular home routers had easily remotely exploitable vulnerabilities that could be used to snoop on or modify network traffic. All of the routers tested were using the most recent firmware and were tested with their out-of-the box default configurations.


© 1999-2016 Security Awareness, Inc. All Rights Reserved  :  Privacy Statement
Contact Us     Site Map