Tag: Mobile Threats

Report: Cyber Ring Stole Data To Game Stock Market | Reuters

Reuters has the story this morning about a new report out from the folks at FireEye about a cyber espionage ring that targets financial services firms. The campaign, dubbed FIN4 by FireEye, stole corporate secrets for the purpose of gaming the stock market. FireEye believes that the extensive cyber operation compromised sensitive data about dozens of publicly held companies. According to FireEye the victims include financial services firms and those in related sectors, including investment bankers, attorneys and investor relations firms. Rather than attempting to break into networks overtly, the attackers targeted employees within each organization. Phishing e-mail messages led victims to bogus web sites controlled by the hackers, who harvested login credentials to e-mail and social media accounts. Those accounts were then used to expand the hackers reach within the target organization: sending phishing email messages to other employees. The criminals behind FIN4 sought data that could be useful to stock traders, including Securities and […]

Continue Reading

Security Needs Context in IoT| SC Magazine

SC Magazine has a worthy editorial on IoT and security by John Barco, VP of product management at the firm ForgeRock on how Internet of Things (IoT) technologies requires both security and a better understanding of what Barco calls “context.”   “It’s not just about protecting IoT devices but the entire ecosystem, from the customer to the partner, the web page, mobile device, mobile app, the cloud and everything else in between,” he writes. Organizations that do not grasp the complex interactions between static devices, mobile devices and (of course) the cloud risk leaving sensitive, regulated data or intellectual property at the mercy of malicious actors. Barco’s recommendations? More and better user authentication to support IoT use cases outside the firewall, and future-proofing your IoT deployment by eschewing proprietary platforms and technologies. To quote Barco: “open source gives IT a platform it can build on and customize, while open standards offer the flexibility to adapt to future […]

Continue Reading

Customer Support A Weak Link In Two Factor | Ars Technica

Ars Technica has an interesting write-up on an apparently successful compromise of Google’s two-factor authentication technology. Though in this case, the culprit wasn’t any system Google deployed or managed, but a gullible customer support representative working for the victim’s cell phone carrier. According to this post over at Facebook-for-hipsters site Ello.co, Grant Blakeman woke up on a recent Saturday morning to find that his Google account had been hijacked – despite the fact that he used Google’s two-factor authentication to protect access to the account. How? Blakeman enlisted the help of none-other than Mat Honan, whose own struggles with account hijacking became the subject of a much-cited Wired feature article. As with Honan, Blakeman’s valuable three-character Instagram account, @gb, appears to have been the lure for hackers. (Honan’s @mat Twitter account was what lured his attackers.) Read “Researchers sidestep Paypal Two-Factor Authentication.” After a conversation with Honan, Blakeman contacted his cell provider and […]

Continue Reading

White House Cyber Chief: JP Morgan Underscores Critical Infrastructure Risk

The White House’s cyber security czar, Michael Daniel, said the Obama Administration is deeply concerned about the reported hack of systems belonging to banking giant JP Morgan Chase & Co. but sees the incident as part of a larger trend of attacks against U.S. critical infrastructure. Asked about the targeted attack against JP Morgan and other banks and financial institutions, Daniel said that the White House was concerned, but not surprised by the incident. “We have watched for several years the trend of malicious actors in cyber try to figure out how to target critical infrastructure,” he said. “Financial services is critical infrastructure.” The White House was concerned that a major U.S. bank would fall victim to hackers, but sees it in the context of a “broad trend,” rather than an isolated incident, he said. Speaking with Michael Farrell, the Cybersecurity Editor at Christian Science Monitor, Daniel hit on many of the now-common talking […]

Continue Reading

McKinsey: Consumers Want Connected Cars – And Fear Them, Too

The consulting firm McKinsey & Co. has released an interesting report on the future of connected vehicles. But it has some sobering data for car makers: concerns about privacy and the possibility that connected cars could be hacked are major concerns for consumers that could dampen enthusiasm for smart vehicles. The report, “What’s Driving the Connected Car?” finds that connectivity features will be a major driver of car sales in the coming years, with car buyers increasingly accustomed to vehicles that sport sophisticated interactive and networking features. That said: security concerns may hamper the “rapid and broad adoption” of connected vehicle technology. For its report, McKinsey interviewed 2,000 new car buyers in four countries: Brazil, China, Germany and the U.S. The survey found that a quarter of respondents considered connectivity a more important feature than engine power or even fuel efficiency. The firm estimates that connectivity features will become increasingly important selling features […]

Continue Reading
1 23 24 25 26 27 44