|
| |
Posts Tagged ‘Online Security’
Thursday, February 16th, 2012
It seems that at least once a month we are reading a story about another large company being the victim of hacking. Reports on computer hacking into customer databases of large companies is becoming common news.
The latest victim is Microsoft’s online retail store serving India. Yes, computer giant Microsoft can’t even protect the personal data of its customers. That is scary!
I resisted online shopping for many years for this very reason. Occasionally, I am forced to make purchases online, but I am never comfortable doing so. It is obvious that large corporations are not doing enough to protect the personal information of their customers.
Todd Thiemann, product specialist at encryption company Vormetric, says, “As we saw with Sony, Stratfor, Zappos and others, hackers value this information and are selling it on a thriving black market to others focused on identity theft.” “Companies need to rethink how to value and protect customer data.”
On Feb 13, Microsoft took it’s Store India off line after word got out that the site’s customer database had been hacked. A group referring to itself as “Evil Shadow Team” took credit in a blogpost written in Mandarin.
Evil Shadow’s self-proclaimed leader, who refers to himself as 7zl, told Reuters the data had been found unencrypted on the website. On the blog post, 7zl declared himself to be a “patriotic hacker.”
In a statement to Reuters by a Microsoft spokeswoman, she said, the company is “investigating a limited compromise” of the company’s online store in India. “The store customers have already been sent guidance on the issue and suggested immediate actions.” “We are diligently working to remedy the issue and keep our customers protected.”
In addition, the hackers have released user name and password combinations that were saved in plain text by Microsoft. “Storing this data in clear text is playing with fire,” says Thiemann.
I have to ask the obvious question – why wouldn’t this computer giant have (and use) the resources and knowledge to encrypt sensitive data and not store data in clear text? (more…)
Tags: computer hacking, crime, Electronic Countermeasures - Debugging, identity theft, Online Security
Posted in Crime News, Electronic Countermeasures - Debugging, hacking, National News, Security, Technology, U-Spy Store | No Comments »
Wednesday, February 8th, 2012
How would you feel if you installed a security camera video system in your home for protection only to find out your private activities are being viewed live on the internet?
Video feeds from some home user’s Internet security cameras — including children’s rooms and bathroom scenes — are being seen by others around the world because of a coding error that is part of the camera’s software.
I would not want to be the programmer that has to explain this problem.
TrendNet security camera’s flaw was discovered after word of some shared footage spread on various message boards and blogs in the past month.
The BBC reported that messages about the flaw included the following:
“Someone caught a guy in Denmark (traced to ip) getting naked in the bathroom.” Another said: “I think this guy is doing sit-ups.”
One user wrote, “baby spotted,” causing another to comment, “I feel like a pedophile watching this.”
California-based TrendNet told the BBC that it’s in the process of releasing software updates to fix the problem, which it learned about on Jan. 12.
The company is also emailing those owners who registered their cameras. It’s not clear how many are affected. A company spokesman said it could be fewer than 1,000 consumers in the United Kingdom and globally “most likely less than 50,000.”
That’s a lot depending on how many people decide to file lawsuits. With The U.S. being such a litigious society, you can just see the lawsuits mounting now – depending on how many U.S. customers were affected.
Tech website The Verge wrote an extensive report about the exploit last Friday.
The vulnerability was first noted on a Jan. 10th blog said the BBC:
- The author discovered that after setting up one of the cameras with a password, its video stream became accessible to anyone who typed in the correct net address.
- In each case, this consisted of the user’s IP address followed by an identical sequence of 15 characters.
- The writer then showed how the Shodan search engine (which specializes in finding online devices) could be used to discover cameras vulnerable to the flaw.
TrendNet plans to have revised firmware available this week. The company posted the following warning on its website on Monday informing users of the specific camera models and versions that have the flaw:
It is TrendNet’s understanding that video from select TrendNet IP cameras may be accessed online in real time. Upon awareness of the issue, TrendNet initiated immediate actions to correct and publish updated firmware which resolves the vulnerability.
“We are scrambling to discover how the code was introduced and at this point it seems like a coding oversight,” a company spokesman told the BBC.
Read story@ msnbc
Tags: cameras, invasion of privacy, Online Security, privacy, spying, Video Security, voyeur
Posted in "Hmm.", hard to find security equipment, Home Surveillance, Home, Personal & Travel Security, Online Security, privacy, Technology, U-Spy Store, U-Spy Surveillance Equipment, Video Security | No Comments »
Wednesday, January 18th, 2012
It is becoming increasingly challenging for companies to stay one step ahead of cyber-criminals. A book on “Vulnerability Management for Dummies” isn’t likely to be very helpful. Given the level of sophistication of the constant attacks plaguing large companies and individuals, you would need a Master’s degree in computer programming at minimum.
Cyber-criminals have now devised a malware designed to infiltrate portable documents, commonly known as PDF. Generally, malware is intended to be intercepted by antivirus software.
Defense analysts cited in online commentaries said the PDF attacks were aimed at corporate and government institutions and were part of sophisticated schemes aimed at stealing information from systems otherwise thought to be secure and protected by firewalls.
Several corporate sources confirmed defense organizations were targeted in the attacks. The attackers appear to be nicely funded and the attacks could come from an unknown country or corporate entity – making it more difficult to track the offenders.
News of the latest cyber-threat coming through PDF files followed warnings from computer software company Symantec and comments from defense manufacturer Lockheed Martin, along with software provider Adobe who acknowledged the risks.
Symantec said cyber-criminals are trying to take advantage of the alleged weakness in Adobe’s PDF reading and editing software with the family malware called Sykipot. (more…)
Tags: crime, cyber attack, cyber crimes, Electronic Countermeasures - Debugging, hacking, Online Security
Posted in crime, hacking, Online Security, Technology, U-Spy Store | No Comments »
Thursday, January 12th, 2012
People who have been the victim of identify theft know it can take months or even years to clean up the mess. It is one of the most stressful experiences a person can have. The story I am about to share is very real. A close friend of mine was a victim of such a crime and the fact that resetting that person’s email password was all the thief needed to do to get the ball rolling is scary. This individual didn’t use simple passwords, yet the thief was still successful. Still, you should make your passwords and security questions unique and don’t use the same information for multiple accounts. Make the answers to your questions incorrect – just random information that isn’t even true. You may have to write down this information since all of us have so many accounts – making it impossible to remember everything. But, this minor inconvenience sure beats the major nightmare you will live if your identity is even stolen.
Herbert Thompson is an academic software developer who loves being a geek. He has stolen the identities of several casual acquaintances. In one case he gained access to a bank account in seven very simple steps. He didn’t use any programming tricks – only a little sleuth work.
As part of an experiment and with the permission of some people he barely knew, Thompson stole their identities to demonstrate to the public just how easy it is to gain access to personal data and banking information. His experiment only required some basic surfing for freely available personal data. The following steps show is how vulnerable we all are to security breach. (more…)
Tags: hacking, identity theft, Online Security, privacy, security, theft investigations
Posted in Abuse, hacking, Online Security, privacy, safety, Security, Technology, U-Spy Store | No Comments »
Wednesday, January 11th, 2012
Much has been written about the security concerns of the President of the United States using a Blackberry. President Obama’s use of the device came under fire primarily because he is more willing to embrace technology than previous Presidents and admits to being addicted to the device.
I am no expert on how hackers do their thing, but I find it disturbing when the media/journalists either print or talk of the ways in which national security can be breached. Why would we want to give the crazies of the world any tips on how to breach our national security? Exposing techniques for hacking or eavesdropping on the President of the United States is quite irresponsible – whether you know what you are talking about or not. Even if the concerns are justified, don’t publicize it! Just like I would ask you not to give written instructions on how to make a bomb.
Two such articles attempt to expose the vulnerabilities of the President’s use of a Blackberry (links provided at the end of this story). My head was spinning after reading about the various technologies, the proposed vulnerabilities written by non-security experts, and the comments written by readers explaining why/how it would be virtually impossible to hack into the President’s Blackberry.
Both stories seem more focused on concerns that carrying around a Blackberry places the President at risk because his location could be determined either via GPS tracking of his device or by hackers being able to hone in on which device belongs to the President by discovering the serial number (IMEI) of his device.  (more…)
Tags: eavesdropping, Electronic Countermeasures - Debugging, GPS Technology, hacking, Online Security, security
Posted in "Hmm.", cell phone security, eavesdropping, Electronic Countermeasures - Debugging, GPS Technology, hacking, Mobile Phone Security, Online Security, Technology, U-Spy Store | No Comments »
Tuesday, January 10th, 2012
Facebook has been victimized by security issues. Up to 45,000 Facebook users have been hit by a computer worm which has stolen passwords and login details.
The worm was discovered by an Israeli security firm, Seculert. Evidence of the attacks was reportedly discovered in Seculert’s logs.
The worm, known as Ramnit, was first detected in April 2010, and is described as malware that infects Windows executable and HTML files, stealing information like stored credentials and browser cookies.
When the worm first appeared, it targeted financial institutions. Now, it is targeting Facebook and its 800 million users, especially in Europe. Approximately 69 percent of the 45,000 compromised login details were from Facebook users in Britain, followed by 27 percent in France and 4 percent elsewhere.
PC Magazine reported that a July 2011 report from security firm Symantec said Ramnit was responsible for 17.3 percent of all new malicious software infections.
More than 800,000 machines have been infected with Ramnit since September 2011, though not all have been hit by the Facebook attack.
Seculert said: “We suspect that the attackers behind Ramnit are using the stolen credentials to login to victim’s Facebook accounts and to transmit malicious links to their friends, thereby intensifying the malware’s spread even further.”
The firm went on to say, “Cybercriminals are taking advantage of the fact that users tend to use the same password in various web-based services to gain remote access to corporate networks.” (more…)
Tags: cyber attack, Electronic Countermeasures - Debugging, Facebook Hacking, hacking, Online Security, theft by unlawful taking
Posted in Electronic Countermeasures - Debugging, hacking, National News, Online Security, Technology | No Comments »
Monday, January 9th, 2012
FD HIDDEN DIV
“You could now listen in 100% completely undetected” — that’s the promise one company makes on its website to anyone who wants to eavesdrop on someone else’s cellphone.
Spy technology is now available to the average person who wants to gather cellphone information, read private emails, and track someone’s location using global positioning systems. Experts say that the technologies are being used by spouses and partners to track, harass and stalk. “Technology has just exploded. It’s so sophisticated now and it’s very easy to utilize these different technologies to keep tabs on a person and find out where they’re going,” said Gina Pfund, chief assistant prosecutor of the Domestic Violence Unit in Passaic County.
I have personal knowledge of a woman who was being stalked and believed her ex-boyfriend was entering her home when she was out. She couldn’t understand how he knew each and every time that she wasn’t home. She eventually figured it out – he was tracking her via her cellphone. This is very scary stuff when this type of technology gets into the wrong hands.
The person watching or listening is often a family member and frequently a suspicious or controlling partner. They have scanned Facebook pages, viewed online web-browsing histories, and examined cellphone records for proof. However, some take it a step further, planting spyware on smart phones and computers. (more…)
Tags: cell phone spying, computer spying, eavesdropping, Electronic Countermeasures - Debugging, invasion of privacy, Online Security, security
Posted in Abuse, cell phone security, eavesdropping, Electronic Countermeasures - Debugging, GPS Technology, hard to find security equipment, Home, Personal & Travel Security, Mobile Phone Security, Online Security, privacy, stalking, Technology, U-Spy Store | No Comments »
Friday, January 6th, 2012
Computer security experts have told us that the best way to protect ourselves from an online financial scam is to regularly monitor our bank accounts. Unfortunately, this no longer provides any guarantees, because what you may be seeing on your computer screen may be an illusion.
A new computer virus has been discovered by Israeli-based Security firm Trusteer. This virus not only allows fraudsters to steal money from bank accounts, but it also covers its tracks.
Think of a crime plot involving a spy who plans to break into a high-security building and begins by swapping out security camera video so guards don’t notice anything unusual. Known as a surveillance camera hack, the technique has been demonstrated in many movies.
A new version of the widely prevalent SpyEye Trojan horse works in a similar way, only it swaps out banking Web pages rather than video and prevents account holders from noticing that their money is missing.
The Trojan horse employs a powerful two-step process to commit the electronic crime. First, the virus lies waiting for a customer with an infected computer to visit their online banking site. It then steals their login credentials and tricks the victim into offering additional personal information such as debit card information. After the stolen card number is used for a fraudulent purchase, the virus intercepts any further visits to the victim’s banking site and scrubs transaction records clean of any fraud. This prevents, or at least delays, customers from discovering fraud and reporting it to the bank. This buys the fraudster extra time to complete the crime. (more…)
Tags: crime, Electronic Countermeasures - Debugging, hacking, identity theft, online banking hacking, Online Security, spying
Posted in crime, Electronic Countermeasures - Debugging, hacking, Online Security, Technology, U-Spy Store, U-Spy Surveillance Equipment | No Comments »
Wednesday, January 4th, 2012
The U.S. Department of Defense is holding a Cyber Conference in Atlanta, Georgia from January 20 – 27, 2012.
This program brings together professionals in the following disciplines: Digital Forensics, Forensic R&D, Information Technology, Investigations, and Legal.
Some of the topics include:
- D3 Digital Crime Scene Challenge
- Six People Who Are Changing the World of Security
- U.S. Cyber Challenge
- Forensics
- The Future of Crime
- Computer Crime and Intellectual Property
These are amazing topics! If you are interested, go to: dodcybercrime
Tags: crime, cyber crime training, cyber-crime, hacking, identity theft, investigation, Online Security, spying
Posted in cell phone security, crime, Electronic Countermeasures, Electronic Countermeasures - Debugging, hacking, Intellectual Property Theft, Mobile Phone Security, Online Security, Technology, U-Spy Store | No Comments »
Wednesday, January 4th, 2012
In the old days, spies were just people who physically engaged in espionage or clandestine operations. This made it simpler to find your enemies than in today’s world of high technology. Now, we don’t know if “spies” are in our computers or phones. Surveillance equipment has taken on a whole new meaning.
Wikileaks revealed what it has dubbed “the Spy Files.” These files are a collection of 287 documents that include information about companies that provide different types of surveillance methods including cell phone forensics, spyware, and Wifi interceptions.
Wikileaks founder, Julian Assange says that for “Over a year or longer, SSL certificates have been penetrated by various organized crime groups and intelligence agencies. The entire SSL system, which is the mechanism that guarantees security and anonymity online, has been compromised. SSL is beyond repair.”
In addition, the ACLU has listed a very detailed account of what they consider illegal domestic spying in America. “The FBI, federal intelligence agencies, the military, state and local police, private companies, and even firemen and emergency medical technicians are gathering incredible amounts of personal information about ordinary Americans that can be used to construct vast dossiers that can be widely shared with a simple mouse-click through new institutions like Joint Terrorism Task Forces, fusion centers, and public-private partnerships. The fear of terrorism has led to a new era of overzealous police intelligence activity directed, as in the past, against political activists, racial and religious minorities, and immigrants.”
Read story@ dfinews
Tags: cell phone spying, eavesdropping, Electronic Countermeasures - Debugging, electronic spying, government spying, hacking, invasion of privacy, Online Security, spying, surveillance
Posted in "Hmm.", cell phone security, eavesdropping, Electronic Countermeasures, Electronic Countermeasures - Debugging, hacking, hard to find security equipment, Mobile Phone Security, Online Security, privacy, Technology, U-Spy Store, U-Spy Surveillance Equipment | No Comments »
| |
|
