Must-read articles on computer security, including virus alerts and much more!
Chinese firm paid US gov't intelligence adviser
- WASHINGTON (AP) — A longtime adviser to the U.S. Director of National Intelligence has resigned after the government learned he has worked since 2010 as a paid consultant for Huawei Technologies Ltd., the Chinese technology company the U.S. has condemned as an espionage threat, The Associated Press has learned.
Australia foreign minister downplays China air defense zone tension in visit
- By Michael Martina BEIJING (Reuters) - Australian Foreign Minister Julie Bishop downplayed tensions over China's controversial air defense zone, which has also rankled the United States, Japan and South Korea, after meeting her Chinese counterpart on Saturday. "Australia is concerned that there be peace and stability in our region and we don't want to see any escalation of the tensions," Bishop told reporters following four hours of talks with Chinese Foreign Minister Wang Yi. It is in our interests, and indeed in the interests of a number of countries in our region, that there be peace and stability in the East China Sea, the South China Sea, and the region more generally." Bishop said discussion of the ADIZ only took up a "small proportion" of time in talks with Chinese leaders. "Australia's words and actions on the issue of China's air defense zone have damaged the mutual trust between the two sides," state news organization Xinhua reported Wang as saying.
Group charged in PayPal cyber attack pleads guilty
- By Dan Levine SAN FRANCISCO (Reuters) - A group of 13 defendants who had been charged in a cyber attack on PayPal's website pleaded guilty and admitted to the December 2010 attack over PayPal's suspension of WikiLeaks accounts. Following the release of a large amount of classified documents by WikiLeaks, PayPal suspended its accounts so that the anti-secrecy website could no longer receive donations. In retribution, the group "Anonymous" coordinated and executed denial-of-service attacks against PayPal. EBay's PayPal unit is a service that facilitates the electronic transfer of money between parties.
RBS says website briefly disrupted by hackers
- Royal Bank of Scotland said its banking platform was briefly attacked by hackers on Friday, causing problems for some customers trying to access online accounts, just days after a more serious technology crash. RBS said a surge in internet traffic directed at its NatWest website at about 1130 GMT was a deliberate attempt to disrupt its service. Banks typically do not comment on such events, but RBS released a statement to customers after a system crash on Monday left more than 1 million customers unable to withdraw cash or pay for goods. "Due to a surge in internet traffic directed at the NatWest website, customers experienced difficulties accessing some of our sites today ... at no time was there any risk to customers," RBS said.
Microsoft leads disruption of largest infected global PC network
- By Joseph Menn SAN FRANCISCO (Reuters) - Microsoft Corp said on Thursday it had disrupted the largest network of compromised personal computers, involving some 2 million machines around the world, since it stepped up its battle against organized online criminals three years ago. The Redmond, Wash.-based software giant filed a lawsuit in Texas and won a judge's order directing Internet service providers to block all traffic to 18 Internet addresses that were used to direct fraudulent activity to the infected machines. Law enforcement in many European countries served warrants at the same time, seizing servers expected to contain more evidence about the leaders of the ZeroAccess crime ring, which was devoted to "click fraud." Such rings use networks of captive machines, known as botnets, in complicated schemes that force them to click on ads without the computer owners' knowledge. The schemes cheat advertisers on search engines including Microsoft's Bing by making them pay for interactions that have no chance of leading to a sale.
Customer information of JPMorgan's UCard hacked
- JPMorgan Chase & Co. said Thursday that about 465,000 users of a prepaid cash card may have had their personal information hacked. The bank's UCard is used in corporate or government prepaid benefit programs, ...
Microsoft assures international business customers on spying
- By Joseph Menn SAN FRANCISCO (Reuters) - Microsoft Corp pledged late Wednesday to fight in court any attempt by U.S. intelligence agencies to seize its foreign business customers' data under American surveillance laws, one of a series of steps aimed at reassuring nervous users abroad. "We are committing contractually to not turning it over without litigating that issue," Microsoft General Counsel Brad Smith said in an interview. However, Microsoft has turned over data on non-U.S.-based individuals using its email and other services, as required under FISA laws. Microsoft and other companies are suing the government for the right to disclose how frequently that happens.
JPMorgan warns 465,000 card users on data loss after cyber attack
- By David Henry and Jim Finkle NEW YORK/BOSTON (Reuters) - JPMorgan Chase & Co is warning some 465,000 holders of prepaid cash cards issued by the bank that their personal information may have been accessed by hackers who attacked its network in July. The cards were issued for corporations to pay employees and for government agencies to issue tax refunds, unemployment compensation and other benefits. JPMorgan said on Wednesday it had detected that the web servers used by its site www.ucard.chase.com had been breached in the middle of September. Bank spokesman Michael Fusco said that since the breach was discovered, the bank has been trying to find out exactly which accounts were involved and what information may have been compromised.
You have a cooler phone than President Obama
- President Obama, the most powerful man in the world, is stuck with cumbersome and faulty technology that might have been impressive half-a-decade ago. We're talking about his bulky old BlackBerry jam-packed with extra security measures. Yesterday in a speech at the White House, the President joked that the Secret Service doesn't allow him to use an iPhone — even though his daughters Malia and Sasha are addicted to theirs. "I'm not allowed for security reasons to have an iPhone," he told a group of young people.
Facebook, Google, Twitter Users Among the Nearly 2 Million Accounts Hacked by Botnets
- Cyber security firm Trustwave announced on Tuesday that nearly 2 million online accounts have been hacked, compromising the privacy of user of Facebook, Yahoo, Google, Twitter, and payroll service company ADP in nearly 100 countries. According to Trustwave, the violation was likely achieved using keylogging malware, began on October 21, and is possibly ongoing. CNN reports that Trustwave has alerted affected users of the security breach. Trustwave says that roughly 1.58 million website logins, 320,000 email accounts, and several other credentials were stolen.
Microsoft moves to assure international business customers on spying
- By Joseph Menn SAN FRANCISCO (Reuters) - Microsoft Corp pledged late Wednesday to fight in court against any attempt by U.S. intelligence agencies to seize its foreign customers' data under American surveillance laws, one of a series of steps aimed at reassuring nervous users abroad. The maker of the world's most popular computer operating system said it had never turned over any such data under the Foreign Intelligence Surveillance Act and did not believe that authorities are entitled to the information if it is stored abroad. "We are committing contractually to not turning it over without litigating that issue," Microsoft General Counsel Brad Smith said in an interview with Reuters. Smith also said that Microsoft would dramatically increase the amount of encryption it uses for internal traffic, following similar moves by Google Inc and Yahoo Inc in the wake of reports that the National Security Agency had tapped into their facilities overseas without oversight by the Foreign Intelligence Surveillance Court.
Hackers steal 2 million Facebook, Google, Twitter, Yahoo passwords
- It looks as though hackers have managed to swipe user names and passwords from some of the world’s biggest social networking and email platforms… again. Per CNN, security firm Trustwave claims that hackers have stolen more than 2 million Facebook, Google, Twitter and Yahoo user names and passwords through malicious keylogging software that’s been installed in an unknown number of computers. Facebook users have been the biggest victims of the malware so far, as an estimated 318,000 Facebook accounts have been compromised so far along with 70,000 Google-related accounts, 60,000 Yahoo accounts and 22,000 Twitter accounts. Trustwave says that it’s notified all affected companies about the security breach.
Tech Tips: Guide to protecting Internet accounts
- NEW YORK (AP) — Security experts say passwords for more than 2 million Facebook, Google and other accounts have been compromised and circulated online, just the latest example of breaches involving leading Internet companies.
Fingerprint sees touch ID going mainstream for smartphones
- By Mia Shanley and Olof Swahnberg STOCKHOLM (Reuters) - Fingerprint Cards is aiming to sell its identity technology to most of the world's biggest smartphone makers, which are likely to follow Apple in offering touch recognition for mobiles from next year. Apple's September launch of the iPhone 5S was the first smartphone with a fingerprint identity touch sensor, provided by AuthenTec, part of Apple.
2 arrested, bitcoins seized in German fraud probe
- BERLIN (AP) — German police say they have arrested two people and seized illegally generated bitcoins worth more than 700,000 euros ($950,000) in an investigation of computer fraud.
Britain to give all-clear to Huawei security centre
- By Andrew Osborn and Peter Griffiths LONDON (Reuters) - Britain will clear Chinese telecoms equipment firm Huawei to run a UK-based cyber security center if it agrees to tighter rules to allay spying and hacking fears, a person familiar with the matter said on Wednesday. Huawei supplies software and equipment which channels phone calls and data around Britain and has found itself at the center of a debate, particularly in the United States, over whether it is a risk for governments to allow foreign suppliers access to their networks. Last year, the U.S. House Intelligence Committee urged U.S. telecoms companies not to do business with Huawei because it said potential Chinese state influence on the firm posed a security threat. Australia's government upheld a ban in October on Huawei bidding for work on its National Broadband Network, citing security agency advice.
Would you buy a used website from this man?
- The past two months have not been kind to the credibility of Barack Obama and his administration. Millions of cancelations made a mockery of Obama's promise that people could keep their health insurance, and documents uncovered by the media over the past several weeks show that administration officials knew it to be false even while they repeated the claims. But instead of slowing down, the Obama administration is trying to squeeze even more people into this dysfunctional system. This week, President Obama and his White House advisers surveyed the damage done by ObamaCare, and decided that the best solution is... a series of sales pitches.
U.S. concern over Huawei telecoms deal with South Korea
- The heads of two U.S. Senate committees overseeing national security have expressed concern to the Obama administration over a recent network supply deal between China's Huawei Technologies Co Ltd and Washington ally South Korea. South Korea, which hosts some 28,000 U.S. soldiers to deter potential provocation from North Korea, said Huawei's deal to supply mobile network equipment does raise security concerns, but it had no immediate plan to look into the issue. LG Uplus Corp, South Korea's third-largest mobile carrier, added Huawei to its fourth-generation mobile network vendor list in October to boost competition. We don't have any plan to look into Huawei's deal at this point," the official said.
South Africa's Vodacom opens office in Ethiopia, eyes foothold
- South Africa's Vodacom Group opened its first office in Ethiopia on Tuesday, eyeing a foothold in a nation which is the last remaining large market on the continent to maintain a state monopoly in telecoms. Africa's rapidly expanding telecoms industry has come to symbolise its economic growth, with subscribers across the continent totalling almost 650 million last year, up from just 25 million in 2001, according to the World Bank. Ethiopia's state-run Ethio Telecom signed a $1.6 billion deal in July and August with Chinese firms Huawei and ZTE Corp to expand mobile phone infrastructure, including rolling out 4G services in the capital. But Addis Ababa has ruled out liberalising its telecoms sector, saying the 6 billion birr it generates each year is being spent on vital infrastructure projects.
U.S. senator seeks information on carmaker efforts to thwart hackers
- By Jim Finkle BOSTON (Reuters) - A U.S. senator has asked 20 of the world's biggest automakers for information on how they secure their vehicles from cyber attacks, in light of reports by security experts who say they have identified ways to hack into cars. Edward Markey, a Democrat from Massachusetts, asked the companies to respond to a series of questions including how they test electronic components and wireless networks to make sure that attackers cannot gain access to onboard networks. He cited recent research by security experts who uncovered cyber vulnerabilities in cars that they said hackers might be able to exploit to cause them to crash.
A taste of the horrible things to come for Windows XP
- Windows XP is now more than 12 years old but according to data from Net Applications, it is still used on more than 31% of desktop and laptop computers around the world. Those tens of millions of PC users could be in for a very rude awakening next year once Microsoft cuts off support for the aged operating system. Microsoft itself even warned users of the imminent tsunami of viruses and other malware that will inevitably wash over XP stragglers once it stops issuing updates and fixes for the OS. Now, a recently discovered critical zero-day flaw has been acknowledged in a Microsoft support document that could cause serious problems for XP users. “The vulnerability is an elevation of privilege
Terrifying new malware uses sound to spread, doesn’t need networks
- Computer scientists have developed an audio malware prototype that’s capable of establishing communication between devices that do not have an active network connection, Ars Technica reports. Instead, the lab-created malware uses the built-in microphones and speakers to send out a high-frequency signal from an infected computer to a different source. While it has limited use and can only send 20 bits of data per second to up to 65 feet the audio malware concept can still be used to send out significant data, including user and passwords for certain systems. Additionally, the distance can be increased by adding more attacker-controlled devices to repeat the audio signal. The research, published in the Journal of Communications, proves that computers that aren’t connected to
Hacker of Koch Industries website sentenced in Kansas
- A Wisconsin man was sentenced on Monday to two years probation after he admitted taking part in a cyber attack sponsored by the hacker group Anonymous against Kansas conglomerate Koch Industries in February 2011, federal prosecutors said. Eric J. Rosol, 38, also was ordered by the U.S. District Court in Wichita, Kansas, to pay $183,000 restitution for waging the attack on Koch Industries's, which is led by billionaire brothers David and Charles Koch who are prominent contributors to conservative political causes. Americans for Prosperity, a group founded by David Koch, launched an advertising campaign to support the proposed curbs.
Wisconsin trucker sentenced in Koch cyberattack
- A Wisconsin truck driver who joined a cyberattack on Wichita-based Koch Industries was sentenced Monday to two years' probation and ordered to pay $183,000 in restitution for the onslaught that briefly ...
Why 2014 might be the beginning of the end for passwords
- If there’s one legacy Internet protocol that really needs to go, it’s the password. Given how easy it’s become for hackers to decipher most passwords and how annoying it’s become to memorize multiple passwords that all require capital letters, numbers and symbols, it’s only a matter of time before some enterprising tech company comes up with a way to get rid of the password nuisance once and for all. Forbes contributor Amadou Diallo writes that Google and Yubico are working on a USB dongle called the YubiKey Neo that will essentially act as a skeleton key for all of your online accounts. You’ll need to set up a user name and PIN to access the YubiKey but from there the device
International Agents Shut Down Counterfeit Sites in Flashy Sting
- International law enforcers shut down more than 700 online stores selling counterfeit goods in Europe and the U.S. as part of an annual Cyber Monday piracy sting. U.S. Immigration and Customs Enforcement (ICE) issued a press release outlining the successes of the operation, which appears to have borrowed its name from a low-budget action flick sequel: Operation In Our Sites, Project Cyber Monday IV resulted in the seizure of 297 domain names from undercover operations conducted by (Homeland Security Investigations) HSI offices around the country. This is the fourth year that the IPR Center has targeted websites selling counterfeit products online in conjunction with Cyber Monday.
In God we trust, maybe, but not each other
- You can take our word for it. Americans don't trust each other anymore. We're not talking about the loss of faith in big institutions such as the government, the church or Wall Street, which fluctuates ...
Techies vs. NSA: Encryption arms race escalates
- SAN JOSE, Calif. (AP) — Encrypted email, secure instant messaging and other privacy services are booming in the wake of the National Security Agency's recently revealed surveillance programs. But the flood of new computer security services is of variable quality, and much of it, experts say, can bog down computers and isn't likely to keep out spies.
China's Huawei to roll out 4G service in Ethiopian capital
- By Aaron Maasho ADDIS ABABA (Reuters) - Ethiopia's state-run Ethio Telecom said on Thursday it had picked Huawei Technologies Co Ltd , the world's second largest telecom equipment maker, to roll out a high-speed 4G network across the capital Addis Ababa. The introduction of the service is part of a $1.6 billion deal signed in July and August between the Ethiopian firm, Huawei and ZTE Corp., China's second-biggest telecoms equipment maker, to expand mobile phone infrastructure throughout the Horn of Africa country. "In terms of allocation, Huawei will be responsible for the expansion of 4G in Addis Ababa, including other mobile services - the 2G, 3G, IP and the like," Abdurahim Ahmed, Ethio Telecom's head of communications, told Reuters.
CTIA’s stolen smartphone database is complete – but will it curb theft?
- The CTIA on Wednesday announced that the database system for lost smartphones launched by the country’s main mobile operators back in April 2012 is finally complete, beating the initial November 30th deadline by a few days. The database will allow local carriers to block the activation of 4G and 3G smartphones not just in the U.S. but also abroad, as it will also integrate with similar databases from international carriers. But San Francisco district attorney George Gascón believes that the new database will not be that effective. “The UK tried a national registry and has not slowed down thefts,” he told The Verge. Last week, the same Gascón testified that the same carriers who helped build the CTIA database, including
NSA snooping keeps tabs on porn habits of alleged ‘radicalizers’
- A document provided by NSA whistleblower Edward Snowden apparently reveals that the NSA has been keeping track of online sexual activity for certain targets that can potentially “radicalize” others through public speeches, videos and articles in which they express their views against America. In addition to keeping tabs on porn habits, the NSA has also been tracking their lifestyle and money spending, including the use of money from donations for personal expenses for these individuals, The Huffington Post reports. The purpose of such operations is to use available information gathered through online surveillance in order to discredit such individuals and prevent their radical messages from spreading to followers that would have ties with terrorist organizations. Shawn Turner, director of public
Student, worker data at risk at Maricopa colleges
- Private information of millions of current and former students, workers and suppliers at the Maricopa County Community College District was vulnerable to hackers because of security lapses in the district's ...
U.K. PM Cameron wants to block ‘extremist’ websites
- David Cameron, the British prime minister, has recently said in parliament that the U.K. government wants to block Internet access to certain “extremist” Islamist sites, Business Insider reports. On October 23rd, when discussing the measures the U.K. government is taking to combat terrorism, Cameron said that the government has various steps in place to disrupt the extremist narrative, “including blocking online sites,” with the remark apparently being overlooked by the media. However, Cameron did not offer any details on how the government would define “extremism” or how the blocking of such sites would occur and who would oversee the ban. The prime minister has repeatedly said that he wants to change U.K. law to censor more of the Internet, Business
Analysis: U.S. exchanges grapple for solutions to trading glitches
- By Herbert Lash NEW YORK (Reuters) - U.S. security exchanges are feverishly working in the wake of August's Nasdaq trading halt to reinforce a market that too frequently seems to succumb to technology glitches, but these efforts are unlikely to rectify all the weak spots. Making the SIPs more resilient highlights a problem for a market that generally operates exceptionally well, despite a number of high-profile technology failures since early 2012, including Nasdaq's botched handling of Facebook's IPO that May. The more than 50 equity trading venues and their links to hundreds of brokerages, with differing software and numerous order interfaces with the market, have created a system so complex it is vulnerable to failure in countless ways. Monitoring for potential glitches or other application failures has taken on greater importance with the market now geared to trade large volumes of securities in microseconds, said Donal Byrne, chief executive of Corvil, which monitors the performance of trading platform operating systems.
China probe may be aimed at Qualcomm's 4G royalties
- China's anti-trust investigation into Qualcomm, the world's biggest smartphone chip maker, is likely tied to the impending $16 billion rollout of commercial fourth-generation services by China's big telecoms carriers. The probe by the National Development and Reform Commission (NDRC), China's top economic planning body and price regulator, is a likely pre-emptive measure that will allow China's telecom providers to gain leverage in royalty negotiations ahead of the rollout of new high-speed mobile networks, analysts said. China Mobile, China Unicom and China Telecom are investing more than 100 billion yuan ($16.4 billion) in system equipment for the next-generation wireless networks, which are expected to be introduced nationwide over the coming year.
NSA malware reportedly infects more than 50,000 computers worldwide
- The NSA-related cover surveillance operations are further detailed in a report by Dutch publication NRC that claims that more than 50,000 computers worldwide have been infected with NSA-operated malware. The software, hidden in computer networks belonging to organizations such as mobile operators across the globe, can remain dormant for years and be activated at will for personal data collection. The publication says it had access to documents provided by NSA employee turned whistleblower Edward Snowden that prove the agency’s complex hacking operation. According to the report, there are over 1,000 hackers working for a special department inside the agency called Tailored Access Operations or TAO. NSA hackers had apparently infected 20,000 computers with such “Computer Network Exploitation” or CNE programs back in
Palo Alto Networks' revenue jumps as subscriptions rise
- (Reuters) - Security software maker Palo Alto Networks's quarterly revenue jumped 49 percent as subscriptions rose, sending its shares up 8 percent in extended trading. The company's net loss increased to $7.9 million, or 11 cents per share, in the first quarter ended October 31, from $3.5 million, or 5 cents per share, a year earlier. Excluding items, the company earned 8 cents per share Revenue rose to $128.2 million from $85.9 million. Palo Alto Networks sells firewalls that prevent data breaches and block malware and viruses. ...
Special Report: How a Chinese dissident walked into America's culture wars
- By Jonathan Allen (This is the first part of a two-part story.) NEW YORK (Reuters) - In May 2012, Chen Guangcheng, the Chinese dissident, was getting ready to journey to New York after his improbable escape from house arrest. But, as Smith is aware, they tend to disagree strongly with some of his politics.
Enrolling the Homeless in Medicaid Is as Hard as It Sounds
- Medicaid expansion could be extremely beneficial to homeless people, who often have higher rates of alcohol and substances abuse problems, along with chronic diseases like diabetes, cancer and HIV/AIDS. Housing advocates also argue that expanded Medicaid could help reduce homelessness, according to The New York Times. But how do you enroll someone with no phone, no email address, no permanent residence, no income for travel, and no trust in government programs? That's the problem facing housing advocates and social workers, who are trying to help as many people as possible enroll. Currently a lot of Medicaid programs, in addition to income caps, also limit the program to those with disabilities or dependents. For the rest, qualifying for disability insurance means filling out a lot of paperwork — which can be tough for people with mental illness, language barriers and/or low literacy rates, the Kaiser Family Foundation reported last year.
Veteran Injured Saving Woman Who Jumped from Upper Deck at Oakland Colisuem
- On Sunday, a 61-year-old man saved the life of a woman who decided to jump off the third deck of the Oakland Coliseum after the Raiders game. In an attempt to catch her, the life-long Raiders fan suffered serious injuries. She'd be dead now," Sgt. J.D. Nelson of the Alameda County Sheriff's Office told the Associated Press. The incident occurred right after Oakland's 23-19 loss to the Tennessee Titans when, for a unknown reason, a woman jumped from the stadium's third level in section 301.