Remember the security breach at Target where more than 40 million credit card numbers were hacked? It was Brian Krebs who broke the story. He’s a cybercrime and security reporter. 

In order to do his work, Krebs has learned computer code, the Russian language and how to get onto black market websites and cybercrime networks. And cyber criminals who don’t appreciate his work have found creative and frightening ways to harass him, including calling in a fake hostage situation:

"In March of last year, a heavily armed police force showed up at my home à propos of nothing. They call it "swatting." Somebody had called in a fake hostage situation at my home. They said Russians had broken into my home and shot my wife and that I was hiding in the closet, send guns and forces to get these guys out of my house.

They showed up… [The swat team] had me put my hands up… walk down my front stoop backwards. [They] handcuffed me and put me in the squad car and this is happening at about five, quarter-to-six in the evening on a week day so all the people trying to come home from work, the police had barricaded the entrance to our neighborhood. People are staring out their windows. It was quite a scene.”

Photo - Daniel Rosenbaum for The New York Times

REUTERS/Rick Wilking

Seventeen fake cellphone towers were discovered across the U.S. last week, according to a report in Popular Science.

Rather than offering you cellphone service, the towers appear to be connecting to nearby phones, bypassing their encryption, and either tapping calls or reading texts. 

Les Goldsmith, the CEO of ESD America, used ESD’s CryptoPhone 500 to detect 17 bogus cellphone towers. ESD is a leading American defense and law enforcement technology provider based in Las Vegas. 

With most phones, these fake communication towers are undetectable. But not for the CryptoPhone 500,  a customized Android device that is disguised as a Samsung Galaxy S III but has highly advanced encryption.

Goldsmith told Popular Science: " Interceptor use in the U.S. is much higher than people had anticipated. One of our customers took a road trip from Florida to North Carolina and he found eight different interceptors on that trip. We even found one at South Point Casino in Las Vegas.”

The towers were found in July, but the report implied that there may have been more out there.

Although it is unclear who owns the towers, ESD found that several of them were located near U.S. military bases. 

"Whose interceptor is it? Who are they, that’s listening to calls around military bases? Is it just the U.S. military, or are they foreign governments doing it? The point is: we don’t really know whose they are," Goldsmith said to Popular Science.

It’s probably not the NSA — that agency can tap all it wants without the need for bogus towers, VentureBeat reported:

Not the NSA, cloud security firm SilverSky CTO/SVP Andrew Jaquith told us. “The NSA doesn’t need a fake tower,” he said. “They can just go to the carrier” to tap your line.

ComputerWorld points out that the fake towers give themselves away by crushing down the performance of your phone from 4G to 2G while the intercept is taking place. So if you see your phone operating on a slow download signal while you’re near a military base … maybe make that call from somewhere else.

In an amazing coincidence, police departments in a handful of U.S. cities have been operating “Stingray” or “Hailstorm” towers, which — you guessed it — conduct surveillance on mobile phone activity. They do that by jamming mobile phone signals, forcing phones to drop down from 4G and 3G network bands to the older, more insecure 2G band.

Biggest Databreaches & Cyber Attacks of 2014

Data Breach

2014 becomes the year of biggest cyber attacks & world’s giant websites were compromised due to these cyber attacks. These attacks have steal millions of records and money by data breach.

Top Data Breaches Per Year

Figure : Top Data Breaches Per Year

Biggest Databreaches and Cyber Attack occurred in 2014

1. eBay Data Breach : World’s biggest online retailer Ebay’s employee’s login credentials have been compromised and around 145M user’s have been affected, eBay have solve this and urge users to change their passwords.

2. Michaels Stores : The POS (Point of Scale System) at Michaels and Aaron Brothers stores have been compromised due to unsophisticated malware, as per company’s report 2.6 Million Credit card number & expiration date information have been stolen.

3. Montana Department of Public Health and Human Services : Some suspicious activity found on “Montana Department of Public Health and Human Services”, around 1.3 Million people’s name, address, birth date & social credentials have been stolen.

4. Variable Annuity Life Insurance Co. : About 774273 customer data of Variable Annuity Life Insurance Co. have been stolen.

5. Spec’s : Texas’s biggest retailer network Spec’s was compromised due to cyber attack, customer name, address, credit card credentials (Expiration date, security code, banking info) were stolen.

Source: http://bit.ly/1jtnASD

Cybercriminals are sneaking past security protections to access online accounts across 34 banks in Switzerland, Sweden, Austria and Japan. And in doing so, experts say, the hackers are defeating what’s often touted as one of the more effective online security protocols.

The attack can get past two-factor authentication, which requires customers to type in a code sent to their cellphone or inbox to ensure the user is who he or she claims to be, by convincing customers to download a malicious smartphone app, according to a report released Tuesday by the security firm Trend Micro. The researchers dubbed the technique “Emmental” — like the Swiss cheese — because they say it shows the security flaws in online banking. So far, funds “in the seven figures” have been taken from bank accounts, according to Trend Micro spokesman Thomas Moore.

Read More

Now e-cigarettes can give you malware

Read More on http://newsrule.com/now-e-cigarettes-can-give-malware/

Now e-cigarettes can give you malware

This article titled “Now e-cigarettes can give you malware” was written by Alex Hern, for theguardian.com on Friday 21st November 2014 16.37 UTC

E-cigarettes may be better for your health than normal ones, but spare a thought for your poor computer – electronic cigarettes have become the latest vector for malicious software, according to online reports.

Many e-cigarettes can be charged over USB, either with a special cable, or by plugging the cigarette itself directly into a USB port. That might be a USB port plugged into a wall socket or the port on a computer – but, if so, that means that a cheap e-cigarette from an untrustworthy supplier gains physical access to a device.

A report on social news site Reddit suggests that at least one “vaper” has suffered the downside of trusting their cigarette manufacturer. “One particular executive had a malware infection on his computer from which the source could not be determined,” the user writes. “After all traditional means of infection were covered, IT started looking into other possibilities.

“The made in China e-cigarette had malware hardcoded into the charger, and when plugged into a computer’s USB port the malware phoned home and infected the system.”

Rik Ferguson, a security consultant for Trend Micro, says the story is entirely plausible. “Production line malware has been around for a few years, infecting photo frames, MP3 players and more,” he says. In 2008, for instance, a photo frame produced by Samsung shipped with malware on the product’s install disc.

Even more concerning is a recent proof-of-concept attack called “BadUSB”, which involves reprogramming USB devices at the hardware level. “Very widely spread USB controller chips, including those in thumb drives, have no protection from such reprogramming,” says Berlin-based firm SRLabs, which released the code.

Combine the two, says Ferguson, “and a very strong case can be made for enterprises disabling USB ports, or at least using device management to allow only authorised devices.

“For consumers it’s a case of running up-to-date anti-malware for the production line stuff and only using trusted devices to counter the threat.”

Dave Goss, of London’s Vape Emporium, says that vapers can remain safe by buying from respected manufacturers such as Aspire, KangerTech and Innokin, and by checking for “scratch checkers” on the box, which mark out authentic goods from counterfeits.

“Any electrical device that uses a USB charger could be targeted in this way, and just about every one of these electrical devices will come from China,” he adds.

In early November, figures obtained by the Press Association revealed that e-cigarettes and related equipment, such as chargers, were involved in more than 100 fires in less than two years.

guardian.co.uk © Guardian News & Media Limited 2010

Published via the Guardian News Feed plugin for WordPress.

DDoS attacks are becoming more effective

DDoS Attack

According to the new Global study by BT, Daniel of Service (DDoS) attack is the most effective attack and it can put organization down for hours or for days.

As per the research report globally there are 41% organizations were affected by DDoS attack and among these 41% organization 78% were targeted twice. Millions of user data, Login credentials, banking information have been breached.

78% US organizations were affected due to this DDoS Attack. This DDoS Attacks complex, strong & hard to reveal.

As these DDoS attacks are increasing day by day it is responsibility of Website admins & webmasters to use maximum security for their website to avoid DDoS Attack.

Source: http://bit.ly/VEu7zF

Post @ 1337 Tech News

New Post has been published on http://www.1337technews.com/want-to-know-how-to-shop-safely-on-black-friday-and-cyber-monday-join-our-twitter-chat/

Want to know how to shop safely on Black Friday and Cyber Monday? Join our Twitter chat!

Learn how to protect yourself online, not just on the forthcoming Cyber Monday, but for the rest of the year as well. Join us and the Center for Internet Security in a Twitter chat…and bring your friends and family, too.

"Kryptowährungen könnten die Offshore-Konten der Zukunft sein"

“Kryptowährungen könnten die Offshore-Konten der Zukunft sein”

Das Europäische Zentrum für Cyberkriminalität hat einen Bericht veröffentlicht. Dieser informiert auf knapp 100 Seiten Entscheidungsträger aus der Politik über laufende Entwicklungen im Cybercrime, dessen Risiken für die Gesellschaft und mögliche Umgangsweisen mit neuen Bedrohungen. Dass der Bitcoin darin eine Rolle spielt, versteht sich von selbst. Laut dem Bericht sind Kryptowährungen zwar noch…

View On WordPress

Cyber Criminals taking advantage of Malaysia Airlines Flight MH17 Plane Crash News to Bait Users

Recently Malaysian Airlines flight MH17 was crashed by a ground-to-air missile, 283 passenger & 15 crew member were died.

Now, Cyber criminals are taking advantage of this MH17 flight crash news to spread malware and miscellaneous threats.

Cyber researchers of one of the leading antivirus firms "Trend Micro" have first discovered that specious activity on social networking giant Twitter. As Twitter supports #(Hashtag) functionality to trend something world wide, hackers have made use of #MH17 hashtag to lure users who are looking to read news that are related to Malaysian Airlines Flight MH17.

Hundreds of users have twitter and retwitted that spam Tweet which is infected with malware/threats.

MH17 Spam Tweet

Spam Tweet 1

MH17 Spam Tweet

Spam Tweet 2

We are requesting users not to click on this kind of spammy links.

Source: http://bit.ly/1rhoWkq

My B-day wish

I wish for my B-day for people stop taking my art with out my permission and calling me mean things and talking mean things about me wail taking my art… I will not draw. I will not post. I will not talk intill people know what’s wrong here… If you do care like this it will show that I’m not the only who’s in pain here. Thank you and fare well. Master Pinpey out.

The U.S. Department of State’s Transnational Organized Crime (TOC) Rewards Program is offering rewards for information leading to the arrest and/or conviction of alleged Romanian Internet fraud conpirators Nicolae Posescu and Dumitru Daniel Bosogioiu. A reward of up to $1 million is offered for information on Popescu, who allegedly led a cyber fraud scheme to flood U.S. marketplace websites with convincing advertisements to sell cars, motorcycles, boats, and other high-value items that did not exist. Victims were directed to wire payments to fraudulent bank accounts, from which the money was transmitted to the leaders of the organization in Romania. The conspiracy potentially resulted in millions in U.S. victim losses. A reward of up to $750,000 is offered for information on Bosogioiu, who allegedly participated in the scheme as a key member. Both Popescu and Bosogioiu are wanted by the Federal Bureau of Investigation (FBI) on charges including conspiracy to commit substantive crimes - wire fraud, money laundering, passport fraud and trafficking in counterfeit service marks - as well as substantive wire fraud and money laundering charges. (via Rewards for Information on Nicolae Popescu and Dumitru Daniel Bosogioiu)

  • FBI added Popescu to its Cyber’s Most Wanted list. Launched in 2013, this list highlights the most egregious cyber crimes committed on a global scale. Cyber threats are now considered a top national security threat to the United States.
  • Congress established the TOC Rewards Program in 2013 in order to assist efforts to dismantle transnational criminal organizations and bring their leaders and members to justice. The U.S. Department of State’s Bureau of International Narcotics and Law Enforcement Affairs (INL) manages the program in coordination with other U.S. federal agencies. It is a key element of the White House Strategy to Combat Transnational Organized Crime.
  • More information about Popescu and Bosogioiu is available on the Transnational Organized Crime Rewards Programwebsite. Anyone with information on these individuals should contact the FBI via the Major Case Contact Center at 1-800-CALLFBI (225-5324), or the nearest U.S. Embassy or Consulate. You may also submit a tip online. All information will be kept strictly confidential.
youtube

What will the future be like? Could it be a truly connected universe where we can express the full power of our imagination? Or will cybercrime plunge us into chaos? Kaspersky Lab lets you choose how your new world will be. You create it, we protect it. ‪#‎powertoprotect‬

Learn more! 

Unsung heroes of T&T Cyber-security

Unsung heroes of T&T Cyber-security

Antonio Ventour, Bankers Association of Trinidad & Tobago, Roshan Mohammed, CipherQuest, Vashti Maharaj Head Legal, Min Science & Technology, Amos Sylvester, TTPS CCU. Photograph by Shiva Bissessa

Shiva Bissessar attended two sessions of the 2014 ICT Symposium and returned with this story about an some unsung heroes of the earliest days of national cyber-security management.

Inspector Amos…

View On WordPress

Our lives are going digital. We shop, bank, and even date online. Computers hold our treasured photographs, private emails, and all of our personal information. This data is precious—and cybercriminals want it. Now, NOVA goes behind the scenes of the fast-paced world of cryptography to meet the scientists battling to keep our data safe. They are experts in extreme physics, math, and a new field called “ultra-paranoid computing,” all working to forge unbreakable codes and build ultra-fast computers. From the sleuths who decoded the world’s most advanced cyber weapon to scientists who believe they can store a password in your unconscious brain, NOVA investigates how a new global geek squad is harnessing cutting-edge science—all to stay one step ahead of the hackers.