p According to online-security giant Symantec, over $4 billion in ransom money was paid to hackers in 2013.If you decide to negotiate, how do you improve the decision-making dynamics?One of the major mistakes that enterprises and IT managers make is to assume that negotiation with a hacker is similar to bargaining with an angry business partner or a disappointed customer.The cost of no deal, or WATNA in negotiation terms (Worse Alternative To a Negotiated Agreement), should be considered in three ways:Potential damage to the company's technological infrastructurePotential, and likely, damage to services provided by the company
Whether you re looking to protect your PC or an entire fleet of computers, chances are you ve either considered or have ended up purchasing products from Symantec.In fact, Google s security hacker Tavis Ormandy discovered numerous vulnerabilities in 25 different Norton and Symantec products, and he said they are as bad as it gets.In certain cases on Windows, vulnerable code is even loaded into the kernel, resulting in remote kernel memory corruption.Rather than protecting users from malicious programs, the anti-virus programs could end up helping hackers by making it even easier to target these machines – essentially, a hacker could simply have to attack the software intended to protect a computer, rather than the computer itself.Just emailing a file to a victim or sending them a link to an exploit is enough to trigger it – the victim does not need to open the file or interact with it in any way, Google s researcher said.Google s team looks for zero-day security holes in various products and found issues in antivirus products from Trend Micro in the past.
Cyber security is a rapidly-evolving field, and high-level IT security professionals have a mandate to stay one step ahead by locating and fortifying an organization s vulnerabilities before malicious hackers do.These experts regularly save companies millions in revenue and data breach loss, a high value for any business.To leap into a cybersecurity career, the Cyber Security Hacker & Pen Tester Certification Training offer will set you on track for an incredible 95 percent off from TNW Deals.New threats emerge daily in the digital realm, and your high-level IT security training will ensure avoidance of small oversights which could devastate a company.Through 117 lectures, the Cyber Security Hacker & Pen Tester Certification Training program will put you in command of the tools, techniques, and methodologies necessary to excel in network penetration testing.Develop commanding knowledge of ethical hacking and penetration testing, with practical, real-world tips from leading security experts to help you succeed in your new role.
But this was something else: the people Cristal was haggling with were members of Apt28, aka Fancy Bear.This is the hacking outfit whose past targets include Nato, Georgia’s government, US private military company Academi (erstwhile Blackwater) and, more recently, the World Anti-Doping Agency.Now, the brigade’s focus appeared to have shifted from geopolitically significant objectives to a lucrative corporate victim: Apt28 had stolen a trove of data from a financial services company and was holding it for a Bitcoin ransom.Is it a low period in state-on-state cyberwar?’ They answered: ‘It’s just a little professional project of ours.’”State-funded hackers moonlighting as common cyber-criminals (or, as Reuters suggested in March, cyber-ronins eking a living after government layoffs) are just one of the categories of people enlivening Cristal's job routine.In May 2002, he was part of a negotiating team sent to solve a stalemate in the West Bank: Israeli troops had been laying a month-long siege to the Church of Nativity after suspected Palestinian militants had barricaded themselves inside, together with several Franciscan monks.
The first point addressed by the dynamic duo was that of fears hackers had altered the nation's election results.Both Comey and Rogers stressed to the committee that they had seen no evidence of anyone compromising electronic election terminals to directly influence the outcome, although some voter registration records were obtained.Both men also shot down wild claims by a Fox News analyst – and later tweeted by Commander in Chief Trump – that then-President Barack Obama ordered that Trump and his associates be wiretapped, possibly by British agents at GCHQ.Admiral Rogers agreed, saying that no members of the NSA had been involved in any such shenanigans, and he hadn't seen evidence of such surveillance.Noisy hacking attacks by RussiaA large part of the hearings covered the ongoing investigation into Russian state spies and Putin-sponsored miscreants actively influencing the US presidential election.
Email scams taxpayers should look out forCriminals sometimes take advantage of big events such as the Olympic Games to lure victims into hacks and cyber attacks.It isn't as glamorous as a big sporting occasion, but the US tax season, now in full steam ahead of the April 18 filing deadline, is a prime time for cybercriminals to steal financial information and personal data.When people are concerned about finances they either owe or are owed, it's an opportunity for hackers to fraudulently pose as the tax collector in an effort to carry out phishing attacks, or distribute malware and ransomware.The IRS recently issued a warning on phishing scams targeting US tax payers, many of whom are set to do their taxes over the next month.Now cybersecurity researchers at Microsoft Malware Protection Center have identified some of the last-minute email scams taxpayers should look out for ahead of the April 18 tax deadline.
As the investigation into the Trump campaign’s contacts with Russian intelligence services heats up, the White House has launched what appears to be a concerted effort to minimize the role that Paul Manafort—the former Trump campaign chairman with a long history of ties to allies of Russian president Vladimir Putin—played in Trump’s victory.Last month, Trump told a reporter that Manafort “was replaced long before the election....He was only there for a short period of time.” Just yesterday, press secretary Sean Spicer went even further, preposterously claiming that Manafort had only a short and “very limited” role in the campaign.But previously unreported text messages allegedly hacked from a phone belonging to Manafort’s daughter appear to contradict that spin, and suggest that Manafort remained “very much involved” with the Trump operation even after his resignation in August.During yesterday’s White House press briefing, when asked whether Trump stood by his claims that he wasn’t aware of any contact between his campaign and Russia, Spicer said, “obviously there’s been discussion of Paul Manafort who played a very limited role for a very limited amount of time.”ABC News’ Jonathan Karl then jumped in, pointing out that Manafort did not play a limited role but was, in fact, the chairman of the campaign.
Everything in your home that connects to the internet — and we mean EVERYTHING — is vulnerable to attack.Sure you have antivirus software on your PCs, but what about your smartphones and tablets?What about your Amazon Echo, your home security cameras and your baby monitors?Most people don’t even realize how vulnerable all of these devices can be, and to be honest, you shouldn’t have to worry about hackers breaking into your network and using your Nest Cam to spy on you and record you.That’s where CUJO comes in.This little gadget might look even more adorable than Wall-E, but it means business.
A mischievous band of hackers is reportedly trying to shake down Apple over a large trove of stolen iPhone credentials, including iCloud and other Apple email accounts.The attackers – who identified themselves as ‘Turkish Crime Family’ – are seeking to receive $75,000 in the popular cryptocurrency Bitcoin or the less known alternative, Ethereum.They will, however, also settle for $100,000 worth of iTunes gift cards, Motherboard reports.“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” a member of Turkish Crime Family told the publication.The hackers have since shared screenshots of their communication with the Apple security team, as well as access to the email address they used to contact the company.The email exchanges further indicate the attackers have also provided Apple’s team with a YouTube video that shows one of the Turkish Crime Family members allegedly logging into the account of an elderly woman, filled with backed-up photos and the ability to remotely purge all content from the device.
An IT expert has been charged with hacking into Kenya's Revenue Authority and stealing $39m (£31m).Alex Mutungi Mutuku, 28, is accused of electronic fraud but he denies any wrongdoing.The prosecution says he is part of an international network stealing money from several state bodies.The government says there is a ring involving expatriates from the United States and other countries, along with police officers and civil servants.A thorough background check on state employees is now being conducted, government spokesperson Eric Kiraithe told the BBC.Other state agencies affected by the alleged hacking include the e-citizen online payment portal where users pay for government services.
Fortunately you’re not powerless, and there are lots of ways to fight back.You don’t need to be a hacker, cracker, or computer savant to protect your laptop.If your computer is slowing down and behaving erratically, you might have a virus or spyware app to contend with (or you might just have a really old computer).If you’ve already got antivirus software set up, then most threats should be blocked, but there’s always a chance that something has crept through—like a freeware app that isn’t what it says it is.If you’re noticing a specific issue or a specific error message, a quick web search will help—a specific removal tool might be available that you can make use of, or there might be specific steps you need to work through to get rid of the threat.On top of that, the old adage to always keep your software updated is still as relevant as ever.
A group of hackers is threatening to wipe data from millions of Apple devices in two weeks if the company doesn’t pay them $150,000.The group, which calls itself Turkish Crime Family, claims to have login credentials for more than 627 million icloud.com, me.com and mac.com email addresses.These are email domains that Apple has allowed for users creating iCloud accounts over the years.Since announcing its plan to wipe devices associated with iCloud accounts, the group claimed that other hackers have stepped forward and shared additional account credentials with them, putting the current number it holds at over 627 million.According to the hackers, over 220 million of these credentials have been verified to work and provide access to iCloud accounts that don't have security measures like two-factor authentication turned on.This was determined by testing the credentials using automated scripts and a very large number of proxy servers to avoid getting banned by Apple, the hackers said.
The leak of nude images stolen from a slew of female celebrities, actors and musicians looks set to continue after a new batch was uploaded to the web appearing to include US cosplayer Jessica Nigri, Walking Dead actor Lauren Cohan and British model Lacey Banghard.On 15 March, the leaks, now dubbed "The Fappening 2.0", started to appear on a number of gossip and little-known pornography websites.There has been multiple arrests, with one 36-year-old called Ryan Collins being jailed for 18 months last year after being found guilty of hacking charges.The full list of Fappening 2.0 celebrities so far:Who is behind the Fappening hacks?The source of the leaks remains unclear, however, some speculate that – like the 2014 "Fappening" – it could be a result of online hacking.
'Turkish crime family' says Bitcoin's also OKHackers who claim to have gained access to over 300 million iCloud and Apple email accounts are threatening to wipe user data unless Apple pays a ransom.The self-styled "Turkish Crime Family" are threatening to remotely wipe data from those millions of Apple devices unless Apple pays it $75,000 in crypto-currency or $100,000 worth of iTunes gift cards before a 7 April deadline.Evidence of the supposed breach is far from conclusive (the hackers provided screenshots of alleged emails between the group and members of Apple's security team to Motherboard) leaving security watchers sceptical about the alleged breach.Several researchers are speculating that the whole thing might be an elaborate bluff.Lee Munson, security researcher at Comparitech.com, commented: "Whether the group has the means to do as it claims is debatable – supposed correspondence with Apple and a YouTube video showing the takeover of an account may well have been faked – but what is not up for debate is Apple’s resolve to not pay a ransom to make the group back down.
A new installment of leaks from WikiLeaks’ so-called Vault 7 cache of secret CIA documents published Thursday hints at the ultra-stealthy techniques the agency has used to spy on the laptops—and possibly smartphones—of Apple users when it can get physical access to those machines.The documents show how the CIA’s spyware infects corners of a computer’s code that antivirus scanners and even most forensic tools often miss entirely.Known as EFI, it’s firmware that loads the computer’s operating system, and exists outside of its hard-disk storage.“The EFI is what orchestrates the entire boot sequence.If you change something before that, you’re controlling everything,” says Karsten Nohl, the founder of Security Research Labs and a well-known firmware hacker.There’s no way of knowing that it’s there, and also hardly any way to get rid of it.”
US authorities are reportedly preparing to bring charges against North Korea, who investigators believe, may have orchestrated the high-profile Bangladesh Bank cyberheist, which saw hackers make away with $81m.Charges are also expected to be brought against Chinese middlemen, who authorities believe, may have helped Pyongyang plan and execute the cyberheist.According to unspecified sources familiar with the matter, the Department of Justice is reportedly in agreement with the assessment of some private cybersecurity firms, which have previously claimed that the bank hack was connected to a North Korea-linked hacker group called Lazarus, also believed to be responsible for the 2014 Sony hack, The Wall Street Journal reported.NSA deputy director Richard Ledgett, speaking at an Aspen Institute roundtable in Washington on Tuesday (21 March), said: "If that linkage is true, that means a nation-state is robbing banks.That is a big deal; it's different."When asked if he thought nation-state actors were now robbing banks, Ledgett responded: "I do," Foreign Policy reported.
The bugs could have allowed hackers to swipe password by attracting users to a malicious websitePassword manager LastPass has hurried to patch a trio of bugs that affect its operation in its extensions for Google’s Chrome and the Firefox browsers.Two bugs were discovered to have affected extensions in Firexfox version 3.3;2, while only a single bug blighted the LastPass browser add-on in Chrome.The bugs were disclosed by Google’s Project Zero security team and detailed how passwords could have been extracted from LastPass if hackers were to exploit them by attracting users to a malicious website then making calls to LastPass application programming interfaces (APIs) or running arbitrary code while appearing as a trusted party.This attack vector would have allowed a hacker to attack the intermediary JS script that sits between the affected browser extension and LastPass’ cloud service, which acts as the storage for its users passwords.“It’s possible to proxy untrusted messages to LastPass 4.1.42 due to a bug, allowing websites to access internal privileged RPCs (Remote Procedure Calls).
The US government may just have inadvertently confirmed the legitimacy of WikiLeaks' recent Vault 7 dump, which allegedly details CIA hacking tools and techniques.The US Department of Justice (DoJ) reportedly wants to keep the now-publicly available alleged CIA documents, out of appearing in an unrelated court case, because they contain classified material.A recent court filing, which is linked to the Paypen case and involves uncovering the scope of the FBI's hacking powers, revealed that when federal public defender Colin Fieman wanted to submit some of the WikiLeaks' CIA documents into court; his attempts were blocked by the US government, Motherboard reported.Fieman allegedly wanted to use the Vault 7 documents to bolster his argument that even a forensic evaluation of the defendant's computer would not help in revealing whether someone planted child pornography on the suspects' system.Using WikiLeaks' CIA documents as exhibits to the court, he allegedly wanted to argue that the US government has "the ability to hack into a computer without leaving any trace," the court filing, written by District Judge Robert J. Bryan, reads.However, the US government did not allow the WikiLeaks documents to be included in the case.
The official Twitter accounts of mainstream US news outlet ABC News and its daily show Good Morning America, were briefly taken over by hackers this week (23 March).The profiles, each with millions of followers, displayed a series of explicit messages left by the culprits.On ABC News, one read: "Shouts to real news" and tagged the account of rival broadcaster, CNN.On Good Morning America, an update added: "Following first 50 people to follow @The6Clerk."@The6Clerk, using the name "Savaged", only recently followed the news organisations, their profile shows.The account was created in September last year but has had little real activity or interactions.
How many hacks will it take before organizations start improving the security of their Twitter profiles?Compromised accounts are a problem that feels like an almost weekly occurrence.Just this morning, hackers took control of accounts belonging to ABC News and Good Morning America, posting a stream of obscenities and fake news to a combined 13 million followers.At about 6 am today, ABC News’ Twitter account started posting Tweets containing the kind of language that suggested it had either been hacked, or someone on the team was having a really bad day.Several of the messages linked to another account, @the6clerk, which has since been suspended by Twitter.The attackers also tweeted that rapper Tyler the Creator had died in a tour bus crash, as well as messages such as “we are totally russian hackers, but we love @POTUS @realDonaldTrump ;),” and “trump is our lord and savior.”