of 172 page(s)
Target's Data Breach Is Going To Cost The Company Even More Than It Previously Thought
August 5, 2014
Target says costs related to its data breach are increasing as sales in the U.S. and Canada lag.
"Since the data breach last December, we have been focused on providing clarity on the Company's estimated financial exposure to breach-related claims," said John Mulligan, interim president and CEO, CFO of Target. "With the benefit of additional information, we believe that today is an appropriate time to provide greater clarity on this topic." And in addition to increasing costs stemming from this data breach, Target also cut its second quarter earnings outlook.
Ron Paul Argues for Clemency for NSA Whistleblower Edward Snowden
August 5, 2014
Former Rep. Ron Paul is has relaunched his petition at Voices of Liberty urging clemency for NSA whistleblower Edward Snowden.
Paul writes: Mr. Snowden made headlines in late spring 2013 when he revealed in a videotaped interview with investigative journalists Glenn Greenwald and Laura Poitras that our federal government has been operating a massive spying program. The revelations have and continue to open our minds to the truth and power of our government. We are being watched and recorded. And we don't have to do anything wrong; individuals can be falsely attacked to derive suspicion...
Visit the Wrong Website, and the FBI Could End Up in Your Computer
by Kevin Poulsen
August 5, 2014
Security experts call it a "drive-by download": a hacker infiltrates a high-traffic website and then subverts it to deliver malware to every single visitor.
t's one of the most powerful tools in the black hat arsenal, capable of delivering thousands of fresh victims into a hackers' clutches within minutes. Now the technique is being adopted by a different kind of a hacker-the kind with a badge. For the last two years, the FBI has been quietly experimenting with drive-by hacks as a solution to one of law enforcement's knottiest Internet problems: how to identify and prosecute users of criminal websites hiding behind the powerful Tor anonymity system.
Synology and the NAS-ty malware-flingers: What can be learned
by Trevor Pott
August 5, 2014
'Security first' gets more NB for little guys
The recent Synology Synolocker issue should serve as a splash of cold water to any vendors in the tech industry that design and sell systems that are largely unattended or unmanaged. As described in The Reg yesterday, Synology NAS boxes are being hit by a Cryptolocker-like piece of malware dubbed Synolocker. Like Cryptolocker, the "ransomware" encrypts all your files and then demands a ransom to unlock them. How did it happen and what should be done?
Researcher says PayPal's two-factor authentication is easily beaten
by Jeremy Kirk
August 4, 2014
A security feature offered by PayPal to help prevent accounts from being taken over by hackers can be easily circumvented, an Australian security researcher has found.
PayPal users can elect to receive a six-digit passcode via text message in order to access their accounts. The number is entered after a username and password is submitted. The security feature, known as two-factor authentication, is an option on many online services such as Google and mandatory on many financial services websites for certain kinds of high-risk transactions. Since the code is sent offline or generated by a mobile application, it is much more difficult for hackers to intercept although by no means impossible.
Microsoft ordered to hand over overseas email, throwing EU privacy rights in the fire
by Zack Whittaker
August 2, 2014
US law can apply anywhere in the world, so long as a technology company has control over foreign data, a court rules.
A US judge has ordered Microsoft to hand over foreign data it stores back to the US, despite allegedly strong privacy protections in Europe to mitigate such processes. The logic of the court is that because the US-headquartered software giant controls the data it stores overseas, its foreign subsidiary companies are just as applicable to US law. US District Judge Loretta Preska in New York said the ruling will be stayed to allow Microsoft to appeal the decision to an appeals court. "It is a question of control, not a question of the location of that information," Preska said in the ruling.
Feds' Silk Road Investigation Broke Privacy Laws, Defendant Tells Court
by Andy Greenberg
August 2, 2014
The Department of Justice sees its takedown of the billion-dollar Silk Road black market as a massive, victorious drug bust.
Ross Ulbricht, the alleged creator of that anonymous contraband bazaar, now wants to cast the case in a different light: as a landmark example of the government trampling privacy rights in the digital world. In a pre-trial motion filed in the case late Friday night, Ulbricht's lawyers laid out a series of arguments to dismiss all charges in the case based on Ulbricht's fourth amendment protections against warrantless searches of his digital property. As early as the FBI's initial discovery of servers in Iceland hosting the site on the Tor anonymity network-seemingly without obtaining a search warrant from a judge-Ulbricht argues that law enforcement violated his constitutional right to privacy, tainting all further evidence against him dug up in the investigation that followed.
Attackers Compromise TOR Network to De-Anonymize Users of Hidden Services
by Mohit Kumar
July 30, 2014
A critical vulnerability in Tor was probably being used to de-anonymize the identity of Tor users, Tor project warned on Wednesday.
115 MALICIOUS ToR RELAYS WERE DE-ANONYMIZING USERS According to a security advisory, Tor Team has found a group of 115 malicious fast non-exit relays (6.4% of whole Tor network), those were actively monitoring the relays on both ends of a Tor circuit in an effort to de-anonymize users. "While we don't know when they started doing the attack, users who operated or accessed hidden services from early February through July 4 should assume they were affected," Tor said.
Feds Gave Tor Project $1.8M While NSA Actively Tried to Destroy It
by Zenon Evans
July 30, 2014
The Tor Project is a great way for people to cover their tracks on the Internet. Because of this, some in the federal government, specifically the National Security Agency (NSA), really dislikes Tor.
So it comes as a bit of a surprise that the project actually received over $1.8 million in federal money last year. The Tor Project, which provides free software to users interested in surveillance- and censorship-resistant web activity, recently released its financial statements and reports for 2013, and sources began taking note yesterday. The documents show that the State Department directly granted the organization $256,900 as part of its mission to fund "international programs [that] support democracy, human rights and labor."
Yes, You Are a Suspect
Common Sense with Paul Jacob
by Paul Jacob
July 29, 2014
Sometimes the Internet makes a mistake.
The other day, one of my favorite websites embedded a Fox News video about NSA spying. Fox News entitles their video "Citizens Treated As Suspects." At the site showcasing Fox's story, though, the headline reads: "The NSA Grabs Information from Non-Suspects; Ninety percent of those spied upon are under no suspicion." Can this be right? When you're treated as a suspect, you are a suspect, aren't you? You're being suspected of ... something. At least of being somebody who might be up to something worth snagging in an all-embracing fishing expedition. If you're not guilty, somebody else leaving comparable data traces is, surely.
Help keep this page up-to-date. Submit a Virus Information News link for inclusion on this page.