Saturday, 4 May 2013

Facebook adds Trusted Contacts Security for Hacked Account Recovery

SOCIAL NETWORK Facebook has launched a security feature called Trusted Contacts to make it easier for users to recover hacked accounts.
Facebook announced the new account recovery feature on Thursday and has already added it for all of its users. The social network explained that Trusted Contacts are essentially emergency contacts for its service, enabling friends to help you regain access to your account if it is compromised or you forget your password.
Facebook advised that you shouldn't pick old school friends that you don't really care about, but instead should choose people "you trust, like friends you'd give a spare key to your house".
A Facebook spokesperson said, "Once you've set up your trusted contacts, if you ever have trouble logging in, you'll have your trusted contacts as an option to help. You just need to call your trusted contacts and let them know you need their help to regain access to your account.
"Each of them can get a security code for you with instructions on how to help you. Once you get three security codes from your trusted contacts, you can enter them into Facebook to recover your account."
"With trusted contacts, there's no need to worry about remembering the answer to your security question or filling out long web forms to prove who you are. You can recover your account with help from your friends."
You can enable Facebook's Trusted Contacts by heading to its security settings, where you can select between three and five friends.
Facebook has long been criticised for its poor security and privacy features, and must be hoping that Trusted Contacts will be appreciated by users who are worried about hackers getting into their accounts.

SpyEye developer 'Bx1' extradited to U.S. facing charges

An Algerian man accused of helping to develop and market a computer program that drained millions of dollars from bank accounts around the world pleaded not guilty Friday to nearly two dozen charges.
A 23-count indictment charges Hamza Bendelladj, 24, with wire fraud, bank fraud, computer fraud and conspiracy. U.S. Attorney Sally Yates said the man was extradited to Atlanta from Thailand on Thursday and was arraigned in federal court Friday afternoon. A second person is also charged in the indictment but has not been identified. Investigators could not disclose whether the person was in the U.S. or abroad. Officials also could not disclose what information led them to Bendelladj.
Bendelladj, whose nickname is "Bx1," is accused of developing and marketing SpyEye, a banking Trojan. However, federal authorities have not said exactly how Bendelladj helped develop the software. Court records don't indicate whether he had a lawyer.
The malware was implanted onto computers to secretly collect financial information and drain bank accounts. Authorities say the malware impacted 253 different financial institutions and is responsible for untold amounts of financial theft.
"We're talking millions," Yates said Friday. "We don't have the precise number quantified at this point."
Trojans such as SpyEye can be profitable for cybercriminals. A small group of hackers in Eastern Europe arrested in 2010 was able to steal about $70 million from companies, municipalities and churches in Europe and the U.S.
SpyEye was designed to automatically steal sensitive information — such as bank account credentials, credit card information, passwords and PIN numbers — after being implanted in victims' computers. After the program took control of a computer, it allowed hackers to use a number of covert techniques to trick victims into giving up their personal information — including data grabbing and presenting victims with a fake bank account page. The information was then relayed to a command and control server, which was used to access bank accounts.
Bendelladj was indicted in December 2011 and was on a trip from Malaysia to Egypt when he was arrested during a layover at an airport in Bangkok on Jan. 5, 2013. Police there seized two laptops, a tablet computer, a satellite phone and external hard drives.
Although authorities say he never set foot on U.S. soil, Bendelladj is accused of leasing a virtual server from an unidentified Internet company in Atlanta to control computers that were impacted by SpyEye. The company was unaware the man was allegedly using the server for illegal purposes, Yates said.
"The federal indictment and extradition of Bendelladj should send a very clear message to those international cybercriminals who feel safe behind their computers in foreign lands that they are, in fact, within reach," Mark F. Giuliano of the FBI's Atlanta field office said in a news release.
Bendelladj and others allegedly developed and sold various versions of SpyEye and its components on the Internet between 2009 and 2011. Cybercriminals were able to customize their purchases to choose specific methods of gathering personal information from victims. Bendelladj and others also allegedly advertised SpyEye on Internet forums focused on cybercrime and other criminal activity.
Yates said that Bendelladj is not accused of being part of a specific criminal organization, and that he and his associates are not accused of carrying out cyberterrorism.
While the arrest does show that authorities are vigilant about trying to fight cybercrime, cybersecurity experts said there is still a vast network of cybercriminals finding more sophisticated ways to remain anonymous and create malware resistant to antivirus programs.
"At the end of the day, this one arrest, unfortunately, won't cause a lot of reduction in online fraud attempts," said George Tubin, senior security strategist at Boston-based Trusteer, a provider of cybercrime prevention programs. "Hopefully it sends a message maybe to the fraudsters that you can be caught and you need to think twice."
Investigators say SpyEye is still active, and authorities are trying to track down computer hackers who are still using the virus. Hackers have developed a mobile version of SpyEye called Spitmo, which targets victims' smartphones, Tubin said. Cybercriminals can steal personal information through victims' computers and forward themselves text messages from the victims' cellphones to fraudulently verify the person's identity and lock them out of bank accounts and other personal accounts. That method is more widely used in Europe, Tubin said.
If convicted, Bendelladj faces up to 30 years in prison for conspiracy to commit wire and bank fraud, and up to five years for conspiracy to commit computer fraud. The 21 counts of wire and computer fraud carry maximum sentences of between five and 20 years each. The man may also be fined up to $14 million.

Poison-Ivy Trojan on U.S. nuclear weapons researcher network

Attackers have used a security hole in Internet Explorer 8 to install spyware on the computers of employees of the U.S. Department of Energy's nuclear weapons research program, the website Nextgov reported.
The attackers first infected an insecure website of the U.S. Department of Labor; employees of the nuclear weapons research program were then infected from the compromised website.
The Trojan is a variant of the Poison Ivy toolkit that has been modified so that only a few antivirus programs can detect it.
There is no evidence that internal Labor data and services were manipulated or lost, according to agency officials. "The department will continue the investigation and will ensure that appropriate precautions and safeguards remain in place to protect our information and information systems," Nextgov reported.
The Trojan uses a command-and-control protocol similar to one already used by the alleged Chinese hacker group Deep Panda.
Microsoft has confirmed the vulnerability in Internet Explorer 8, said there is no patch, and recommends updating Windows to a newer version of Internet Explorer.

One Fifth of UK PCs Infected by Malware

Over one fifth of all UK PCs are infected with some form of malware, while one third of all PCs across the world are also affected, according to new research from Panda Security.

The firm’s Quarterly Report for Q1 found that 31.13 percent of PCs around the world are now infected, and that China is responsible for the vast majority, with over half of all machines in the country infected. Second was Ecuador with a 41 percent infection rate, while Turkey was third at 40 percent.
The table below shows the ten most infected nations across the globe.
Malware infection levels by country from Panda Security
The UK fared better, ranking as the fourth safest country, just behind Finland, Sweden and Switzerland. Although this sounds good, over 21 percent of UK machines are infected, while Finland still has a 17 percent infection rate.
The rising tide of cyber crime means that Panda Security detected over six million new malware samples in the first quarter of the year, with the vast majority – 80 percent – taking the form of Trojans. Tools like Java and Adobe Reader remain some of the most at-risk services exploited by criminals.
“Trojans are cyber-crooks’ weapons of choice, which explains why they account for most new specimens in circulation and infections triggered in the first quarter of the year,” explained Luis Corrons, technical director of PandaLabs.
Earlier this week it was revealed that Chinese hackers had hit the US Department of Labor website with a malicious code attack while a new report on Friday from Trend Micro predicted that Latin America is becoming the next hotbed for cyber crime, as well as the Caribbean.

Latin America becoming Newest Malware Hotbed

Latin America and the Caribbean are seeing a surge in reports of targeted attacks, driving cyber crime in the area to unprecedented levels.
Researchers with Trend Micro reported that a series of sophisticated attacks on finance and government institutions has helped to push a 40 percent jump in cyber crime incidents in the region since last year.
According to a study, carried out with local governments and law enforcement agencies in the region, targeted attacks were on the rise and losses from cyber crime were higher than any other form of crime.
As with other parts of the world, the researchers found that popular attacks included hacktivism and targeting critical infrastructures. The study uncovered a number of incidents where industrial control systems were targeted, which leaves a region where many nation states are economically developing and reliant on fragile infrastructure vulnerable to a large-scale attack.
"These incidents highlight the dangers that well-coordinated attacks on critical infrastructures pose to public wellbeing and economic development," the researchers said in the report.
"While attacks involving critical infrastructures have not yet caused catastrophic losses or physical damage in the Americas and the Caribbean, they do highlight the need for vigilance and improved resilience, as many critical systems in the region remain exposed."
Latin America and the Caribbean are not alone in facing such attacks. Attacks on government systems and critical infrastructure have confronted developing nations and world economic leaders alike, as both state-sponsored and private groups look to steal confidential information and trade secrets.
What did raise eyebrows with researchers, however, was that so many attacks were only now being spotted in the region. The researchers noted that in many instances there were indications that the attacks had been previously occurring but were only recently spotted.
"Several governments clarified that the numbers they provided did not necessarily reflect real changes in attack frequency, but rather improvements in network monitoring and better trained personnel, which allowed organisations to detect more system breaches and other illicit cyber activities," the researchers said in the report.
"Interestingly, those countries with recently established national CSIRTs [Computer Security Incident Response Teams] reported some of the most significant increases in managed incidents."

Samsung Knox and BlackBerry 10 get Government and Military Security Approval

Samsung’s challenge to BlackBerry’s enterprise credentials gained a notable boost when the US Department of Defense (DoD) approved the firm’s Knox service as good enough for use by the US government and military services.
BlackBerry’s new BB10 devices, the Z10 and Q10, and its PlayBook tablet also received this approval. However, the fact that one of its chief rivals can now compete at the highest level for military contracts will be unwelcome competition, especially given the clamour for Samsung devices.
The approval by the DoD may also make more enterprises reconsider Android devices for work use, if the Knox system is deemed good enough for government use. At present, however, Samsung has been vague about when the Knox service will actually be available.
"This is a significant step towards establishing a multi-vendor environment that supports a variety of state-of-the-art devices and operating systems," said Lieutenant Colonel Damien Pickart in a widely reported statement.
The approval was welcomed by Samsung, which said it underlined its position as a major player within enterprise markets. “This approval enables other government agencies and regulated industries such as healthcare and financial services to adopt Samsung Galaxy smartphones and tablets. This is a significant milestone for Samsung as we work to grow our relationships within government and large corporate enterprises,” said JK Shin, chief executive of Samsung Electronics.
BlackBerry also welcomed the accreditation. “BlackBerry 10 is ideal for government customers because it offers a rich, highly responsive mobile computing experience, along with BlackBerry’s proven and validated security model,” said BlackBerry senior vice president of security, Scott Totzke.
“This approval will enable DoD customers to connect their BlackBerry Z10 or BlackBerry Q10 smartphones to DoD networks and securely access assets from work.”
The DoD is also said to be in the process of approving the iOS 6 platform from Apple, in what could be seen as a watershed moment for the mobile market as all major operating systems start to become suitable for high-level use having overcome security concerns.
This could be particularly welcome news for businesses grappling with the growing bring your own device trend that’s predicted to be in place for almost half of all firms by 2016.