Monthly Archives2014 December

Source: Zdnet

http://www.zdnet.com/article/microsoft-is-building-a-new-browser-as-part-of-its-windows-10-push/

United States investigators have concluded that North Korea orchestrated the late November network intrusions that compromised sensitive personal data for tens of thousands of Sony Pictures employees, according to The Wall Street Journal.

Officials are “still gathering evidence and are trying to build a clearer picture of who directed the hacking and how,” the Journal stated, citing unnamed sources “familiar with the investigation.”

ABC News also reported earlier on Tuesday that U.S. officials believed an elite North Korean hacking unit was behind the attack. Investigators traced the intrusions into Sony’s computer network, saying they were “routed through a number of infected computers in various locations overseas, including computers in Singapore, Thailand, Italy, Bolivia, Poland, and Cyprus,” ABC News reported.

Revelations about the scope of the Sony Networks hack appeared in early December when unknown hackers calling themselves the “Guardians of Peace,” or “GOP,” began posting stolen files to the Internet. Among the private data that was stolen and posted online were some 47,000 Social Security numbers belonging to Sony employees—and famous Hollywood stars.

The Journal reported that U.S. investigators “strongly suspect” that the attack was carried out by a North Korean government-backed hacking group known as Unit 121, or alternatively as Bureau 121, which is part of the government’s General Bureau of Reconnaissance and is believed to have been behind cyber attacks aimed at South Korea.

Earlier this month, Re/code reported that North Korea was behind the attack, but thus far, Sony and its security consultants have pointedly refused to confirm that, while North Korea has denied its involvement.

The Journal reported that U.S. officials were concerned over the diplomatic implications of revealing their findings in the Sony hack investigation.

“Within the U.S. government, there has been an internal debate in recent days about when and how to … reveal that belief publicly, because doing so could complicate relations with Japan, and raises the difficult question of how the U.S. should respond to an aggressive act by a foreign government,” the newspaper reported.

The supposed motive for North Korea was anger over The Interview, a Sony Pictures comedy in which bumbling journalists are enlisted by the CIA to assassinate North Korean leader Kim Jong-un.

Earlier this week, the GOP tied the Sony hack to outrage over The Interview.

An email purportedly sent by the Guardians of Peace warns moviegoers to “remember the 11th of September 2011,” and threatens a “bitter fate” to those who attend screenings of The Interview, which is slated to open on Dec. 25 in the United States—though Sony has reportedly considered cancelling that launch date in light of the threats.

The message, published by Fusion.net, was posted on Pastebin and was “accompanied by links to torrent files, similar to the batches sent out on several prior occasions,” Fusion.net said.

http://www.pcmag.com/article2/0,2817,2473854,00.asp

Shred sensitive documents, power up your passwords, stay alert for frauds—these are all good ideas. But even if you do everything possible to stop attempts at stealing your identity, there’s always a chance you’ll take a hit. Maybe you slipped up, or maybe the breach was totally out of your control. No matter how it happened, the moment you realize you’ve been hit with identity theft, there are three things you need to do immediately.

1. Place a Fraud Alert
The Federal Trade Commission offers a fantastic resource for victims of identity theft. It’s also a useful site for those who simply want to know more about the problem and its solutions. According to the FTC, your very first step is to place an initial fraud alert with one of the three big credit reporting agencies: Equifax,Experian, or TransUnion. You only have to place the alert with one of them; the one you choose will pass along the alert to the others. However, the FTC recommends that you confirm that your information should be shared.

Placing this initial fraud alert makes it harder for the thief to set up new accounts in your name. Before extending new credit, a business must contact you and verify your identity. After 90 days, the fraud alert expires. Information from the FTC suggests marking the expiry date on your calendar, so you can renew it if you haven’t resolved your identity problems.

2. Order Credit Reports
You probably know that you’re entitled to an annual free credit report from each of the three agencies. Placing the fraud alert on your file entitles you to a set of three reports even if it hasn’t been a year since your last request.

Don’t go to annualcreditreport.com for this request, and definitely don’t go to one of the look-alike sites that try to make you pay for free reports, or try to steal your identity. You’ll need to contact the three agencies directly. They’ll be able to see that you did indeed file a fraud alert, and will then release the report.

3. File an Identity Theft Report
Identity theft has been a federal offense since 1998. It’s a crime, and you should report it to the police, but there’s more you can do to protect yourself. By combining a government affidavit about the crime with that police report, you create an official Identity Theft Report, which gives you certain important rights.

Fill out an identity theft complaint on the FTC’s website, and include all the details that you know about what happened. When you’ve finished, print the resulting affidavit and take it along when filing the police report.

The report will help you recover from identity theft. It allows you to have fraudulent data removed from your credit report. If businesses are breathing down your neck about collecting debts you didn’t incur, it can put them on hold and prevent them from selling the debt to a collection agency. And you may be able to get information about accounts the thief opened in your name.

You can also place an extended fraud alert, which is a level up from the initial fraud alert mentioned earlier. This alert gets you two free credit reports per year from the three agencies, and it enjoins them to take your name off marketing lists for prescreened credit cards for five years. This is not the same as a credit freeze, which blocks all access to your credit report but generally requires a small payment to each of the agencies.

Going Forward
Taking these three steps as soon as possible should limit the damage an identity thief can do, but it’s only the beginning. The FTC suggests keeping a log of every communication related to your identity theft, whether it’s via mail, email, or phone. You’ll definitely get a lot of use from the agency’s Repairing Identity Theft instructions. Among other things, you can find sample letters and forms, a statement of victims’ rights, and instructions for repairing your credit. Identity theft is definitely a violation, but by following the correct steps you can limit the damage and go on to recover.

BY NEIL J. RUBENKING

DECEMBER 3, 2014

http://www.pcmag.com/article2/0,2817,2472998,00.asp

Talk about quick reflexes. Apple’s new patent could allow future iPhones to automatically safeguard themselves whenever they’re headed toward the ground.

A new USPTO listing shows that Apple has secured the rights to a “protective mechanism for an electronic device,” which would work with the iPhone’s motion sensor and processor to adjust the product’s weight distribution in the midst of a drop.

The patent outlines “a method of protecting a vulnerable area of an electronic device during freefall,” in which the device detects its state of freefall, estimates the distance of the surface below and automatically shifts itself in order to land on, say, one of its edges rather than its shatter-happy screen.

The patent mentions a number of ways in which this “protective mechanism” could work, including some sort of movable mass within the device that would slide around to change the way your smartphone lands on the ground. The filing also makes note of a “thrust mechanism” that would use bursts of gas to reorient the device, as well as a mechanism that would automatically contract a device’s physical buttons during a state of freefall.

While the patent doesn’t apply exclusively to Apple’s iPhone, its description notes that the mechanism is built primarily with mobile devices in mind. Many of the patent’s images show an iPhone-like mockup, though one sketch of a laptop suggests that the technology could come to the company’s MacBooks.

Source: toms hardware

http://www.tomsguide.com/us/apple-iphone-drop-proof-patent,news-19972.html

You can teach an old dog new tricks, provided that dog is a powerful and infamous type of malware. The Citadel Trojan now steals master passwords from the password-management applications Password Safe and KeePass, as well as the enterprise authentication solution Nexus Personal Security Client.

Once it’s infected a computer, Citadel waits until one of these programs is launched, logs keystrokes to steal the master passwords, giving the attackers to every account protected by the password manager. Fortunately, while the Citadel Trojan is widely distributed, this password-seeking variant probably is not.

Many security experts recommend use of password managers to ensure that each of an individual’s online accounts have strong, unique passwords. It’s a lot easier to have the program remember dozens of long, complicated passwords, especially when all you have to remember is the master password that unlocks the password manager.

However, password managers also create a single point of failure. If the user forgets the master password, he loses access to every covered account; if an attacker manages to learn the master password, she gets access to all those accounts.

The fact that Citadel can do this isn’t the fault of the password managers. Any typed information can be stolen by a keylogger. But master passwords are the crown jewels of passwords, compromising many accounts in one fell swoop.

The Citadel Trojan is primarily a banking Trojan used by multiple online criminal groups. Once it has infected a PC, Citadel connects to a remote server, called a command-and-control server, via which attackers can send it specific commands and updates.

This variant of Citadel Trojan was discovered on a single PC by data-security company IBM Trusteer, which said the PC in question was infected with the Citadel variant before Trusteer’s security software was installed on it.

Trusteer guessed that the Citadel variant may be part of a targeted attack, one meant for a specific person or group of people. Nevertheless, the fact that the variant can target third-party password managers (instead of browser-based password vaults, as has been more commonly seen in malware) may represent a significant new trend.

“[The Citadel variant] might be an opportunistic attack, where the attackers are trying to see which type of information they can expose through this configuration, or a more targeted attack in which the attackers know that the target is using these specific solutions,” writes Dana Tamir, Trusteer’s director of enterprise security, on IBM’s security blog Security Intelligence.

IBM Trusteer researchers found three new processes in the Citadel software: Personal.exe (which targets the Nexus Personal Security Client), PWsafe.exe (which targets Password Safe, an open-source password manager created by encryption expert Bruce Schneier), and KeePass.exe, which targets KeePass, also an open-source password manager.

Source: Toms Hardware

http://www.tomsguide.com/us/citadel-trojan-password-managers,news-19942.html