Other News

Citing Facebook, Mobile Devices, FTC Updates Online Protections for Kids

The U.S. Federal Trade Commission issued updated rules on Wednesday that will ban online advertisers from tracking the online behavior of children without explicit consent from their parents. In a press conference in Washington D.C, FTC Chairman Jon Leibowitz announced new guidelines for implementing the Children’s Online Privacy Protection Act (COPPA). Among other things, the changes expand the list of information that cannot be collected from children without parental consent to include photographs, videos and audio recordings of children and geo-location information. “Unless you get parental consent, you may not track children and use their information to build massive profiles of online behavior,” said FTC Chairman Leibowitz. The new rules are a major revision to the COPPA rule, which was first passed in 1998. The law is a kind of privacy Bill of Rights and applies to children 13 years old and younger. Speaking at a press conference on Wednesday afternoon, […]

The Good News for Newtown Investigators: Destroying Hard Drives is Harder than You Think

Adam Lanza knew what he was doing. The 20 year-old man, who has been named as the killer of 27 people, including 20 children, six elementary school staff members and his own mother, deliberately destroyed the hard drives to personal computers he used before leaving his home to launch his attack on t the Sandy Hook Elementary School in Newtown, Connecticut. The hard drives are believed to contain valuable clues to Lanza’s online activities and could help establish a motive for the otherwise senseless crime. According to reports from various news outlets, Lanza removed the hard drives and “smashed” them using what’s described as a hammer or possibly a screw driver. The drives are described as “broken into pieces.” A report on CBS quoted an unnamed source that was “working with the drives” as saying that they were “so badly damaged that authorities face a significant challenge in retrieving any data […]

In Iran, New Data Wiping Malware on the Loose

Iran’s Computer Emergency Response Team (IR-CERT) issued a warning on Sunday about a newly discovered malicious program that is erasing hard drives on infected systems in that country – just the latest data-destroying malware to appear there. IR-CERT said that an investigation by its Maher center found that the malware “wipes files on different drives in various predefined times,” including disk partitions and user profiles. However, the malware isn’t widespread and doesn’t appear linked to “other sophisticated targeted attacks,” the alert said – in a possible reference to the Stuxnet and Flame malware, both of which targeted Iranian critical infrastructure. Subsequent analysis by independent security firms confirmed most of the details of the IR-CERT warning. Writing on Monday, Jamie Blasco of the firm Alien Vault said the malware was “just another wiping malware” and “very simple,” and could have been delivered in a variety of ways – from USB drive […]

Tantalizing Clues in Dexter Malware Lead to Mystery Man…and Zeus

The Dexter malware is getting some media attention this week – and not just because the malware shares its name with Showtime’s popular drama about a serial killer by the same name. (Not that those of us tasked to write catchy headlines don’t love stuff like that – ’cause we do.) No, the Dexter virus caught the attention of malware analysts because it infects point of sale (POS) systems like electronic cash registers, kiosks and automatic teller machines (ATMs), rather than run of the mill laptops and desktops. It has also generated some interest because it uses a form of memory dump parsing to steal sensitive data from infected POS terminals, and because its POS malware that is part of a botnet – communicating back to a command and control system and receiving commands – that’s quite unusual and, while its kind of insider baseball for malware geeks, it makes […]

Security Hole in Samsung Smart TVs Could Allow Remote Spying

The company that made headlines in October for publicizing zero day holes in SCADA products now says it has uncovered a remotely exploitable security hole in Samsung Smart TVs. If left unpatched, the vulnerability could allow hackers to make off with owners’ social media credentials and even to spy on those watching the TV using compatible video cameras and microphones. In an e-mail exchange with Security Ledger, the Malta-based firm said that the previously unknown (“zero day”) hole affects Samsung Smart TVs running the latest version of the company’s Linux-based firmware. It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV. And, in a Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing […]