IRS hack: Questions ‘only you know’ easy to answer

Source: National Cyber Security – Produced By Gregory Evans

SAN FRANCISCO – The hackers who got access to over 100,000 personal records through the Internal Revenue Service’s Get Transcript site didn’t need all that much information to break in, say experts. The IRS said Tuesday that cybercriminals used personal data obtained from elsewhere to get into the transcript service, which allows users to view tax account transactions, line-by-line tax return information and wage and income reported to the IRS. To access that information, a legitimate user–or a thief–required a name, Social Security number, date of birth, filing status (single, married, etc) and a street address. Next they needed to answer several personal identity verification questions “that only you can answer,” in the words of the IRS site. These are known as knowledge-based authentication, or KBA, challenges. They came from a service offered by the credit bureau Equifax, according to security writer Brian Krebs. Those included information such as a prior address or phone number or car or home loan information. Users had to supply the correct answer to four such questions. The problem is, that type of data is readily purchased on the Internet underground, where vast databases containing fully built-out portfolios on tens of thousands of people can […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post IRS hack: Questions ‘only you know’ easy to answer appeared first on National Cyber Security.

View full post on National Cyber Security

Cyber Detectives, Nation’s First Interactive Exhibit on Cyber Security, Opens at the Tech Museum of Innovation

Source: National Cyber Security – Produced By Gregory Evans

AN JOSE, CA, May 29, 2015 (Marketwired via COMTEX) — The nation’s first interactive exhibition about Cyber Security will open at The Tech Museum of Innovation in San Jose next week. Cyber Detectives, presented by Palo Alto Networks, is aimed at empowering visitors with the tools to stay safe in a digital age. Visitors will learn how to crack codes, spot scams and prevent crime like a cyber security pro by solving puzzles and completing missions. “You won’t find an experience like Cyber Detectives anywhere in the world,” said Tim Ritchie, President and CEO of The Tech. “Our exhibits team dove into the core of what it means protect yourself and your community online. Everyone who walks through our doors will gain the skills and knowledge necessary in the online world.” The experience starts in a training zone where visitors will learn through games how to create strong passwords, detect malware, spot phishing scams, protect networks and understand the basics of encryption. These skills are tested in subsequent missions to prevent cyber crime and catch cyber criminals. “Prevention of tomorrow’s cyber breaches begins with the education of today’s youth,” said Rick Howard, chief security officer at Palo Alto Networks. “Cyber […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Cyber Detectives, Nation’s First Interactive Exhibit on Cyber Security, Opens at the Tech Museum of Innovation appeared first on National Cyber Security.

View full post on National Cyber Security

IRS $50M Cyber Security Scandal Stretches to Russia

Source: National Cyber Security – Produced By Gregory Evans

A major attack this year by cyber security criminals on the computer network at the U.S. Internal Revenue Serviceoriginated in Russia, sources confirmed to Fox News late Wednesday. The Associated Press has also cited two anonymous sources who reported the IRS believes the hackers are part of a sophisticated criminal operation in Russia. Neither report connected the attack to the Russian government. But both pointed out that this is not the first time that the IRS has been successfully breached by cyber thieves. Taxpayers whose accounts were accessed will be notified and provided with credit monitoring services, the IRS said. The IRS inspector-general reported in 2012 hackers managed to manipulate the IRS system into sending 655 tax refunds to a single address in Lithuania. Another 343 tax refunds were sent to another address, this one in Shanghai. Following these attacks, system administrators tweaked the network safeguards to block other hackers. This year’s attack began sometime in February, according to the report, and continued until mid-May. So far, the thieves have stolen at least $50 million in fraudulent tax refunds. That figure does not include the cost of tracking the breach, nor the expense involved in fixing it and preventing future attempts. […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post IRS $50M Cyber Security Scandal Stretches to Russia appeared first on National Cyber Security.

View full post on National Cyber Security

The 3 Best Hacking Techniques To Create A Security Breach

Source: National Cyber Security – Produced By Gregory Evans

I find that good, law-abiding citizens are fascinated by what I do. I’m a penetration tester, a.k.a. “white hat” or “ethical” hacker. In other words, companies hire me to break into their systems for a living to demonstrate where there are vulnerabilities. (I can’t believe I get paid for doing this!) If you want to avoid a cyber security breach at your company, I recommend that you understand – and guard against – three hacking techniques that your enemies (the “black hat” hackers) use every day. First, let’s set the stage. Let’s say that your company is Big Boxes 4U, a major mass-market retailer with more than 1,500 locations in the United States. Your innovative designer partnerships, high-quality product mix, and great customer service have earned you a loyal customer following. You capture customer information every day at the point of sale, including both in-store and online purchases. The result is a central database that houses a collection of valuable customer information that gives insight into how your customers shop, what they buy, and what products and services they prefer. Just as you value this information, so do hackers. Here’s how they create a cyber security breach. Hacking Technique #1: […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post The 3 Best Hacking Techniques To Create A Security Breach appeared first on National Cyber Security.

View full post on National Cyber Security

How a growing cyber attack industry is good news for investors

Source: National Cyber Security – Produced By Gregory Evans

Whilst cyber attacks continue to make the news, a new report published by Capital News Desk suggests that around 70 percent of organizations choose to keep their security incidents quiet. It also reveals that around 73 percent of large organizations have been infiltrated by attacks. It’s newer technologies like BYOD and the cloud that are seen as the biggest threats along with cyber crime. In an effort to combat these attacks worldwide information security spending is expected to reach $94.8 billion by the end of this year. By 2019 the cyber security sector is forecast to be worth $155 billion. The US government has budgeted $14 billion for cyber security in 2016 with the Pentagon alone requesting $5.5 billion for cyber defense. This boom in security is good for investors though and has led to venture capitalists seeking out companies in the sector. More detail is available in an infographic reproduced below. Source: Beta News 

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post How a growing cyber attack industry is good news for investors appeared first on National Cyber Security.

View full post on National Cyber Security

Here’s How Kaspersky Aims To Solve The Cyber Security Challenges Of Smart Cities

Source: National Cyber Security – Produced By Gregory Evans

Narendra Modi’s concept of smart city may soon be redefining the living standards of people across the country. An ideal city enriched with niche of every possible thing is what it aims for. However, the notion being very topical, many organizations are working on intelligent solutions to make urban areas energy efficient, comfortable, environment-friendly, and physically safe. Unfortunately, far fewer are considering the cybersecurity of these smart cities. The more IT organizations involved in creating a smart city, the greater the potential risk. If security is not addressed early on, the cost and complexity of a smart city could make it difficult to address problems. In the end, the city would be left vulnerable. One such solution is provided by a new not-for-profit global initiative, Securing Smart Cities. As per the press statement, this venture is backed by leading IT security researchers, companies and organizations, including IOActive, Kaspersky Lab, Bastille, and the Cloud Security Alliance. The aim is to solve the cyber security challenges of smart cities through collaboration and information sharing. The group will serve as a communications node for companies, governments, media outlets, not-for-profit initiatives, and individuals across the world involved in the creation, improvement, and promotion of […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Here’s How Kaspersky Aims To Solve The Cyber Security Challenges Of Smart Cities appeared first on National Cyber Security.

View full post on National Cyber Security

How IBM Watson Is Helping To Fight Cyber Crime

Source: National Cyber Security – Produced By Gregory Evans

If it feels as though your online existence is under constant threat from hackers and cyber thieves, you’re not imagining it. According to AV-TEST, an independent IT security institute, every day over 390,000 malicious programs are released into the wild with the aim of infiltrating computer networks, stealing trade secrets and personal data. So how is it that Amir Husain, founder of SparkCognition, is hopeful when so many of us feel so helpless? He believes network security software is entering a new, more powerful age, one that’s enabled by artificial intelligence and IBM Watson. We caught up with Husain to discuss what his new model for network security entails. Warner: SparkCognition is causing quite a stir in the online security world. Can you talk a bit about your mission? Husain: We’re solving problems with the industrial Internet and with cyber security. For the former, we work with large manufacturers and energy companies that need a better way of getting a handle on machine prognostics that can predict when systems will fail. For cyber security, we apply our algorithms to a massive body of information, what we call a cognitive security depository. It’s a very large collection of honey pot systems […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post How IBM Watson Is Helping To Fight Cyber Crime appeared first on National Cyber Security.

View full post on National Cyber Security

Other voices: The fight over NSA spying

Source: National Cyber Security – Produced By Gregory Evans

Congressional negotiators are scrambling over the Memorial Day recess to rustle up the votes required to pass legislation to rein in the National Security Agency’s bulk collection of phone records but preserve the government’s domestic surveillance program. This race against the clock would never have become necessary — and shouldn’t have — but for a group of senators intent on scuttling sensible legislation authored by U.S. Rep. Jim Sensenbrenner (R-Wis.). Sensenbrenner’s USA Freedom Act would end the government’s massive eavesdropping program revealed two years ago by whistle-blower Edward Snowden. His bill overwhelmingly passed the House but fell three votes short of the 60 needed for passage last week in the Senate. Sen. Rand Paul (R-Ky.), whose hours-long monologue on Friday made passage impossible, wants to go farther: He has vowed to block reauthorization of the bill until the Senate votes to end the section of the Patriot Act used by the NSA to justify the dragnet of phone records. But Paul, a presidential candidate who has used his filibustering to raise funds for his campaign, is wrong. The better course (though less lucrative for his campaign) would have been simple support for Sensenbrenner’s bill. The USA Freedom Act represents a […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Other voices: The fight over NSA spying appeared first on National Cyber Security.

View full post on National Cyber Security

Car Hacking: Consumer Reports Calls On Members To Pressure Congress For New Mandatory Protections

Source: National Cyber Security – Produced By Gregory Evans

In an email blast to subscribers today filled with ominous warnings, Consumer Reports, the nation’s biggest consumer watchdog and advocacy organization, called on its members to write  congress looking for more government-mandated security for car-based computer systems. Citing a report released back in February by Senator Ed Markey (D-Mass.),  Consumer Reports said “auto companies are failing to secure their wireless systems against privacy intrusions and, in some cases, even sharing personal vehicle information such as where drivers parked with third parties.” CR asked its members (it has more than 6 million, but its unclear how many got the note) to fill in a form letter that would automatically be sent to congress. “Something this important should not be left to each auto maker on a voluntary basis. Just as seat belts are mandatory, so should computer security be mandatory. I strongly urge Congress to mandate standards to protect the data, security and privacy of drivers,” the form letter, signed by CR’s Vice President Chris Meyer reads, in part. The full note—filled with dire warnings (“What if someone could take control of your car’s brakes, steering system or instrument panel by hacking into one of your car’s computerized systems?”) — is […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Car Hacking: Consumer Reports Calls On Members To Pressure Congress For New Mandatory Protections appeared first on National Cyber Security.

View full post on National Cyber Security

Hacking With Pictures; New Stegosploit Tool Hides Malware Inside Internet Images For Instant Drive-by Pwning

Source: National Cyber Security – Produced By Gregory Evans

Go online for five minutes. Visit a few webpages. How many pictures do you see? With the media rich nature of the web, chances are your answer is in the hundreds. It is in this space the future of malicious cyber attacks could be embedded. In a presentation at Hack In The Box in Amsterdam, Net Square security researcher Saumil Shah demonstrated an updated method of his digital steganography project, Stegosploit, which involves embedding executable JavaScript code within an image to trigger a drive by download. In plain speak, this means virtually any picture you view on the web, even without clicking on it or downloading it, could potentially contain malware. Upon viewing the image, the hidden program would automatically load on your computer or mobile device without your consent. That malicious software could then do a variety of nasty things from taking control of your device to stealing data, photos, login credentials, sensitive personal and financial information and more. The best part of all, antivirus and malware detection scanners are not, at this time, equipped to detect these kinds of attacks, rendering your safety net completely useless. While using steganography to convey hidden messages is nothing new, the attack […]

For more information go to http://www.NationalCyberSecurity.com, http://www. GregoryDEvans.com, http://www.LocatePC.net or http://AmIHackerProof.com

The post Hacking With Pictures; New Stegosploit Tool Hides Malware Inside Internet Images For Instant Drive-by Pwning appeared first on National Cyber Security.

View full post on National Cyber Security

Page 1 of 2,37212345»102030...Last »

My Twitter

Gregory D. Evans On Facebook

Get The New Book By Gregory Evans

Everyone Is Talking About!

Are You Hacker Proof?
$15.95

Find Out More, Click Here!