Free Republic

This thumbdrive hacks computers. “BadUSB” exploit makes devices turn “evil” Per FR posting rules, ars technica can not be posted, so a link to the article referring to USB thumbdrives hacking computers is listed instead. Ignore the "source url", it just points back to the FR website. Article here: http://arstechnica.com/security/2014/07/this-thumbdrive-hacks-computers-badusb-exploit-makes-devices-turn-evil/

“I was in private industry beforehand. But I've kind of always liked computers,” Mularski said during a recent interview. All 56 FBI field offices have cyber squads. Mularski chose Pittsburgh largely because of family considerations — he grew up in suburban White Oak, the son of a steelworker. “It kind of looked like cyber was the wave of the future,” Mularski said. “The majority of all my computer training was just on-the-job training at the bureau.” It has proved remarkably effective. Even before the Chinese and Russian cases made worldwide headlines, Mularski was making cyber waves. He infiltrated Dark Market...

In the latest disagreement between Russia and the US, a 30-year-old Russian national has been arrested for allegedly hacking US retailers, gaining access to credit card information, and selling it. Roman Valerevich Seleznev was arrested while vacationing with his family in the Maldives; he was subsequently transported to Guam. In a statement on its website, the Russian Foreign Ministry denounced the arrest, referring to it as a “kidnapping” and “the latest unfriendly move from Washington."

Law enforcement agencies across the globe are taking a page out of the hacker's handbook, using targets' own phones and computers to spy on them with methods traditionally associated with cybercriminals, two computer security groups said Tuesday. Drawing on a cache of leaked documents and months of forensic work, two reports about the private Italian firm Hacking Team expose a global network of malicious software implants operated by police and spy agencies in dozens of countries. "This in many ways is the police surveillance of the now and the future," said Morgan Marquis-Boire, a security researcher with Citizen Lab and...

These days, your car isn't a car - it's a rolling computer platform. You don't drive it as much as you give the computer commands and then let it carry them out. That's why the idea of hackers breaking into car computers is so terrifying. You have to see this video showing the scary reality of car hacking.

Justice Department's indictment last week of five Chinese military officials accused them of trying to pilfer confidential information from American companies. Westinghouse, is building four nuclear reactors in China. Allegheny Technologies, operates a joint venture in Shanghai. Alcoa, is the biggest foreign investor in China's aluminum market. 77 Chinese company stocks now trade on the NYSE. e-commerce giant Alibaba - plans to list its stock in the United States, either on the NYSE or NASDAQ. General Motors sells more cars in China than in the United States.

eBay Inc. (Nasdaq: EBAY) said beginning later today it will be asking eBay users to change their passwords because of a cyberattack that compromised a database containing encrypted passwords and other non-financial data. After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.

China has dismissed all US accusations of industrial cyber-espionage against five of its military officials and published proof that Washington is actually stealing data from China. Beijing also summoned the US ambassador for an explanation. Beijing reacted to Washington’s recent round of industrial espionage accusations by publishing its latest data on US cyber-attacks against China. China’s National Computer Network Emergency Response Technical Team Coordination Center of China (NCNERTTCC) reported that during just two months, from March 19 to May 18, the US directly controlled 1.18 million host computers in China using 2,077 Trojan horse networks or botnet servers. According to...

"Eric Holder described the charging of five Chinese military officers with cybercrimes as a "wake-up call" and China is certainly paying attention: Government officials have summoned the US ambassador in Beijing, suspended a cybersecurity agreement made with the US last month, and denounced the charges as an "absurd" move that has "severely damaged mutual trust," reports the BBC, which notes that it is "extremely unlikely" that any of the accused will ever be sent to the US to face charges."

The Internal Revenue Service continues to have weaknesses in information security control that the Government Accountability Office fears could affect the confidentiality, integrity and availability of financial and sensitive taxpayer data. An April 8 GAO report found that although the IRS has improved on information security control and internal control over financial reporting, significant risks remain. The agency has failed to consistently install the appropriate patches on all databases and servers to protect against known vulnerabilities, GAO found, and also failed to sufficiently monitor database controls and appropriately restrict access to its mainframe environment. The IRS has also allowed individuals...

A special unit with the US intelligence agency succeeded in infiltrating Huwaei's network and copied a list of 1,400 customers as well as internal documents providing training to engineers on the use of Huwaei products, among other things. Source Code Breached According to a top secret NSA presentation, NSA workers not only succeeded in accessing the email archive, but also the secret source code of individual Huwaei products. Software source code is the holy grail of computer companies. Because Huawei directed all mail traffic from its employees through a central office in Shenzhen, where the NSA had infiltrated the network,...

WASHINGTON — American officials have long considered Huawei, the Chinese telecommunications giant, a security threat, blocking it from business deals in the United States for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government secrets. But even as the United States made a public case about the dangers of buying from Huawei, classified documents show that the National Security Agency was creating its own back doors — directly into Huawei’s networks. The agency pried its way into the servers in Huawei’s sealed headquarters in...

A sophisticated piece of spyware has been quietly infecting hundreds of government computers across Europe and the United States in one of the most complex cyber espionage programs uncovered to date. Several security researchers and Western intelligence officers say they believe the malware, widely known as Turla, is the work of the Russian government and linked to the same software used to launch a massive breach on the U.S. military uncovered in 2008. Those assessments were based on analysis of tactics employed by hackers, along with technical indicators and the victims they targeted.

Link only. Read article at source.

A British man accused of hacking into U.S. government computer networks was charged in a new indictment unsealed Thursday with infiltrating the Federal Reserve’s computers. Lauri Love, 28, of Stradishall, England, was charged with computer hacking and aggravated identity theft, which carry a potential penalty of up to 12 years in prison. He initially was arrested in Great Britain in October and released on bail after he was charged under a United Kingdom law that permits the arrest of anyone who starts attacks from the U.K. on computers anywhere in the world. …

The Global Positioning System helps power everything from in-car satnavs and smart bombs to bank security and flight control, but its founder has warned that it is more vulnerable to sabotage or disruption than ever before – and politicians and security chiefs are ignoring the risk. Impairment of the system by hostile foreign governments, cyber criminals – or even regular citizens – has become “a matter of national security”, according to Colonel Bradford Parkinson, who is hailed as the architect of modern navigation. “If we don’t watch out and we aren’t prepared,” then countries could be denied everything from ‘navigation’...

A local congressional candidate now says she will not be hiring a cyber-security firm to look into claims that someone hacked her campaign’s website. The situation started in September, 2013, when Democrat Martha Robertson’s campaign sent an e-mail out to supporters claiming “GOP ops” were trying to hack their website. In early October, the Robertson campaign backed off the “GOP ops” claim during an interview with WETM, but presented evidence showing there were multiple “SQL injection” attacks made on the website. And during an interview with the political site Roll Call, Robertson state the campaign was looking into hiring a...

Visitors to the Sochi Winter Olympics can expect for their computers and mobile devices to be hacked, NBC’s Richard Engel reported Tuesday evening on NBC Nightly News. Engel conducted multiple experiments with the help of an American based security expert in which the NBC reporter logged onto various public WIFI networks around Moscow. Almost immediately, all of Engel’s devices were exposed to malicious malware. Analysis revealed some of Engel’s devices were transmitting personal data stored on his computer to a server based in Russia. The best way for travelers to avoid these issues, Engel said, is to avoid public WIFI...

A 19-year-old who lived at home with his mom and worked at a local call center stole the identities of America's rich and famous — including Kim Kardashian and the head of the FBI — and took over their financial accounts..... ...Earlier this week, Flores learned he'll spend the next 3 1/2 years in federal prison for his identity theft scheme..... ....At the time, Flores was already facing criminal charges in state court, where he was accused of taking private information from a coworker's personnel profile and having his colleague's paycheck directly deposited into his own bank account. Flores was...

Beware of malformed FileZilla FTP client versions 3.7.3 and 3.5.3. We have noticed an increased presence of these malware versions of famous open source FTP clients. The first suspicious signs are bogus download URLs... Malware installer GUI is almost identical to the official version. The only slight difference is version of NullSoft installer where malware uses 2.46.3-Unicode and the official installer uses v2.45-Unicode. All other elements like texts, buttons, icons and images are the same. The installed malware FTP client looks like the official version and it is fully functional! You can’t find any suspicious behavior, entries in the system...