14.1 C
Thursday, November 23, 2017
Home Tags Proprietary Information

Tag: Proprietary Information

Video for episodes of Ballers and Room 104 also reportedly stolen.
Suit says Oculus' Mobile SDK used stolen trade secrets, copyrighted code

Euro firms getting better at detecting breaches more quickly The European energy sector is being targeted by advanced threat actors seeking proprietary information to advance the capabilities of domestic companies, according to FireEye Mandiant.…
Three Chinese men were charged by federal prosecutors with hacking the networks of major merger and acquisition firms for information, which they used to make profitable stock trades. U.S. federal prosecutors charged three Chinese nationals with hacking the networks of U.S.-based international law firms and using information from those firms to conduct insider trading, making more than $4 million from the scheme, according to a statement by the U.S.

Attorney’s Office.The three men targeted at least seven firms which advised companies involved in acquiring, or being acquired by, other companies, according to a statement released by Preet Bharara, the U.S.

Attorney for the Southern District of New York.After successfully compromising two law firms, the group then allegedly bought shares in companies that were about to be acquired or which planned to acquire the other firms.

They then sold the shares after the M&A deals were announced.“This case of cyber meets securities fraud should serve as a wake-up call for law firms around the world: you are and will be targets of cyber hacking, because you have information valuable to would-be criminals,” he said in the statement. The FBI and the U.S.

Attorney’s office worked with the Securities and Exchange Commission, the Office of International Affairs and Hong Kong law enforcement to investigate the group. One of the accused, Iat Hong, a resident of Macau, was arrested by local authorities on Dec. 25 and is awaiting extradition proceedings. The attacks, which occurred in 2014 and 2015, targeted the email accounts and data of law-firm partners, aiming to gain sensitive information about the acquisitions.In one case, the group allegedly compromised a law firm that was advising a company contemplating purchasing Intermune, a U.S.-based drug maker.

After stealing 40 gigabytes of data from the law firm, the three men began purchasing Intermune shares.

After the company announced it would be purchased by Roche AG on Aug. 25, 2014, the men sold the 18,000 shares for a profit of $380,000, according to the U.S.

Attorney’s statement.In a similar attack, the men also allegedly learned of Intel’s intent to acquire Altera, making a profit of $1.4 million on the resulting stock transaction.

The trio also made $841,000 after learning that Pitney Bowes intended to buy BorderFree, an e-commerce company.The attackers took similar measures in two other transactions, prosecutors claim.
In addition, they targeted at least five other law firms and two robotics companies—in the latter case, stealing confidential and proprietary information.The two other accused men, Chin Hung and Bo Zheng, are residents of Macau and Changsha, China, respectively.
EnlargeKlaus with K reader comments 1 Share this story A former IT specialist at Expedia has admitted he used his privileged position to access executives' e-mails in an insider stock-trading scheme that netted almost $330,000 in illegal profits, p...
The threat posed by a ransomware family known as CrySis was diminished considerably on Sunday when the master decryption keys were released to the public. Researchers at Kaspersky Lab said they have already folded the keys into the company’s Rakhni decryptor and victims of CrySis versions 2 and 3 now have a means of recovering their lost files. The key was posted at 1 a.m.

Eastern time to the BleepingComputer.com forums by a user known only as crss7777, said founder Lawrence Abrams.

Abrams speculates that it could have been the ransomware developer who posted the key on the site’s CrySis support forum page; the post included a Pastebin link to a header file written in C that contains the master decryption keys and instructions on how to use them. “Though the identity of crss7777 is not currently known, the intimate knowledge they have regarding the structure of the master decryption keys and the fact that they released the keys as a C header file indicates that they may be one of the developers of the CrySiS ransomware,” Abrams said. “Why the keys were released is also unknown, but it may be due to the increasing pressure by law enforcement on ransomware infections and the developers behind them.” CrySis surfaced in February after a report by researchers at Eset said the ransomware was quickly gaining favor from hackers after the decryption of TeslaCrypt ransomware.

CrySis spread via email attachments with double file extensions or through links in spam messages.
It was also found lurking in Trojanized versions of freely available software such as compression programs like WinRAR. Like most ransomware, it could encrypt a large number of file types and sought to encrypt data stored on shared drives.

Documents encrypted by CrySis have their filenames changed to include a .xtbl extension and an email address, similar to [filename].id-[id].[email_address].xtbl, BleepingComputer said. Kaspersky researchers said CrySis accounted for 1.15 percent of ransomware infections this year, with most of the victims found in Russia, Japan, South and North Korea, and Brazil. A number of virulent ransomware families have been extinguished this year, including CryptXXX, TeslaCrypt, Chimera, Jigsaw and others. Ransomware has been among the most feared malware threats of the year; attacks have taken large organizations in a number of industries offline and have impacted customer service.

A number of high-profile attacks against hospitals and utilities put ransomware on the map as patient care was impacted in a couple of attacks as organizations wrestled with the question of whether to pay the attackers’ demands. In the meantime, the FBI put out a number of warnings about ransomware, urging businesses to be vigilant about patching software that could be targeted by exploit kits spreading the malware, or about email campaigns spreading these infections. “The inability to access the important data these kinds of organizations keep can be catastrophic in terms of the loss of sensitive or proprietary information, the disruption to regular operations, financial losses incurred to restore systems and files, and the potential harm to an organization’s reputation,” the FBI said in May. In September, the FBI made a public plea to organizations that have been ransomware victims to share incident reports, looking for details on how the infection happened, any losses incurred, the attackers’ Bitcoin wallet address and more.
Someone's definitely looking for a new job, ironically Global recruitment giant PageGroup says a hacker infiltrated its network and accessed job applicants' personal information. The miscreant broke into a development system run by IT outsourcer Capgemini for PageGroup, and was able to look up job hunters' names, email addresses, hashed passwords and more. UK-headquartered PageGroup and Capgemini both told The Register they believe the miscreant who slipped into its system had no malicious intent. In alerts emailed to customers on Thursday – messages seen by El Reg – PageGroup warned that their records were obtained illegally by an unauthorized third party. Here's the text of one email sent on Thursday evening, UK time: We regret to inform you that on 1 November 2016, we were made aware that an unauthorised third party illegally gained online access to a development server used by our IT provider, Capgemini for testing PageGroup websites. We are sorry to tell you that the details you provided as part of your recent website activity have been identified as amongst those accessed. We know people care deeply about their data being protected so wanted you to hear this from us. Since we identified that your data was accessed, we have worked non-stop to fix this issue with Capgemini, who are a global leader in consulting, technology and outsourcing services. We immediately locked down our servers and secured all possible entry points to them. We carried out a detailed investigation into the nature of what happened. To reassure you, we know that the data was not taken with any malicious intent. We have requested that the third-party destroys or returns all copies of the data. They have confirmed that they have already destroyed it and we are confident that they have done so. The data fields which were accessed are: First name Last name Email address Password – please note this is encrypted into a code and not readable by any third-party so there’s no need to change your password Telephone number Location The sector you told us you work in The sub sector you told us you work in Job type Current job (only when applying via LinkedIn) Your covering message (optional field) PageGroup has always placed the highest priority on data security and so this breach of data is deeply disappointing and of serious concern. We will continue to work to understand fully how the breach has occurred and to ensure it does not happen again. For more information please visit our FAQ page here. PageGroup learned that it was compromised on on November 1, although took more than a week to admit it. It appears some people are affected more than others: while some customers just had their names and email addresses exposed, others lost control of more information about themselves and their work situation. According to PageGroup, no CVs were accessed by the hacker. Of course, if this person could snatch people's details, anyone with the right skills could have done so, too. "We have ensured the website is secure," PageGroup said in the aforementioned FAQ. "We are treating this issue very seriously and are working with our IT vendor, Capgemini as a matter of urgency to fully investigate how this incident occurred and to put in place measures to ensure it does not happen again. "Capgemini fully manage our PageGroup websites and is regarded as a global leader in consulting, technology and outsourcing services. It has all the appropriate security certificates and ISO certifications in place, which we believed would ensure that the website environments would be secure and safe in their hands." A spokesperson for PageGroup told us the unnamed hacker has since promised they have destroyed the data and the company is "confident that they have done so." To us it sounds like someone discovered a vulnerable server, found out they could exploit it to extract people's information, and then reported it to PageGroup. Capgemini, which handles a lot of outsourced work for the British government, told The Reg in a statement that it had fully investigated the matter and was satisfied there was no criminal intent in the data loss. "Our work has established that this was not a malicious attack and we are not aware of any broader dissemination of data or fraudulent activities as a result of the incident," Capgemini said. "Privacy and security are key priorities for Capgemini and we are reviewing the security procedures and data protection measures we have in place to protect our customers' data and proprietary information." ® Sponsored: Customer Identity and Access Management
Microsoft announced late Tuesday that it has joined Google's Android for Work program and will support Google's container technology for mobile application management in a future release of Intune, Microsoft's own enterprise mobility management (EMM) server.

The Microsoft blog post gave no timeline. Android for Work, initially released in winter 2015 as part of an Android 5.0 Lollipop update, brought to Android the same level of enterprise-grade protection for mobile apps that had previously been available only to Apple's iOS devices or Samsung's Android devices running Samsung's own Knox technology. Among the Android for Work capabilities that Microsoft said Intune would initially support are the following: Support for work policies, those that apply to the separate container for corporate apps that Android for Work creates on Android devices. Unified deployment of Android apps both from the Google Play Store and of private corporate apps developed by or for an enterprise.  Support for Android for Work policies, which go beyond what the standard Android application policies provide for consumer apps, in IT-developed apps. Until recently, Intune seemed designed to force enterprises to ditch their existing EMM tools in favor of Microsoft's, such as by not letting other EMM tools access Microsoft's proprietary information management APIs.
Intune also did not support Macs, which compete with its Windows operating system. However, this summer Microsoft began quietly supporting some Mac management APIs in Intune.

And since last fall it has allowed enterprises to use its Enterprise Management Suite, of which Intune is an optional component, in concert with other vendors' EMM servers. That shift let enterprises keep their existing EMM vendor relationships while being able to use the proprietary Office 365 information management APIs. Microsoft has also worked with the leading EMM providers to have them support Azure Active Directory in their identity management capabilities.
The 2016 Summer Olympics in Rio de Janeiro caught the collective attention of the world, which watched as best-in-class athletes from countries from around the world competed for the coveted medals and honor for their countries.

For those competing, th...
John Carmack (left) poses with Oculus founder Palmer Luckey (center) and other members of the Oculus team.OculusVR reader comments 39 Share this story The 2014 lawsuit filed against virtual reality headset company Oculus and its parent company Facebook has now received its first major amendment in nearly two years. The civil complaint from game publisher ZeniMax was updated on August 16 with 22 additional "paragraphs," and those updates mince few words. Most notably, the lawsuit now names Oculus executives John Carmack and Brendan Iribe as defendants, in addition to the aforementioned companies and Oculus founder Palmer Luckey. The updated filing, which was reported by Game Informer on Monday, still alleges that Oculus's major VR technologies were taken from ZeniMax in a way that violated contracts and nondisclosure agreements—especially since Carmack originally worked for ZeniMax and had signed contracts that made ZeniMax the owner of any technologies he worked on within the company (specifically, at its subsidiary, id Software). Now that Iribe and Carmack are listed as defendants, ZeniMax has aimed further allegations directly at those two men—and have questioned claims that Luckey had much to do with the development of Oculus' core technologies. Issues with disclosure In the last amended complaint, Zenimax simply said that "Rift’s VR Technology... had actually been developed by ZeniMax without Luckey’s involvement." This new complaint goes much further, especially when talking about the ways Oculus bolstered its reputation en route to being acquired by Facebook for $2 billion in 2014. "Oculus needed to be able to explain how it came to own VR technology" without acknowledging any misuse of another company's technologies, the suit now claims, and it also alleges that Iribe instructed Oculus staffers to "disseminate to the press the false and fanciful story that Luckey was the brilliant inventor of VR technology" and "had developed that technology in his parents' garage." "In fact, that story was completely and utterly false," the complaint continues. "Luckey lacked the training, expertise, resources, or know-how to create commercially viable VR technology. His computer programming skills were rudimentary, and he relied on ZeniMax's computer program code and games to demonstrate the prototype Rift. Nevertheless, this fraudulent tale was frequently reported in the media as fact." The complaint also newly accuses Iribe of hiding any proof of a nondisclosure agreement between Oculus and Zenimax not only from potential outside investors but even from major Oculus staffers. One of those people, Chief Operating Officer Laird Malamed, is named as "the Oculus officer for providing Oculus's nondisclosure agreements, contracts, and other legal documents to potential investors conducting due diligence on Oculus." The complaint claims that Malamed did not learn about this crucial NDA, which governed the access Oculus had to proprietary Zenimax technologies, until the original lawsuit had been filed in 2014. Blacked-out text For his part, CTO John Carmack has been accused of wholesale theft of ZeniMax documents. The exact issue, according to ZeniMax's updated complaint, is that Carmack "secretly and illegally copied thousands of documents containing ZeniMax's intellectual property from his computer at ZeniMax to a USB storage device which he wrongfully took with him to Oculus." Additionally, ZeniMax now alleges that Carmack returned to his id Software office after officially departing the company so that he could "take without permission a customized tool that Carmack and other ZeniMax personnel had developed for work on virtual reality." The lawsuit's amendments were filed in late June and unsealed in the US District Court of North Texas on August 16, but the judge presiding over the case insisted that some of its details remain sealed. Perhaps the juiciest bit of the sealed content is a blacked-out sentence, followed by: "Carmack has retained these files and he has used them for his work at Oculus." The blacked-out text could pertain to the aforementioned "customized tool" or perhaps to the "thousands of documents" that he allegedly copied to a USB stick. The amended complaint also adds a few Carmack-specific assertions that connect Oculus' success to ZeniMax's contributions to virtual reality, including the following: "Carmack has admitted that without ZeniMax, Oculus 'wouldn't exist as a funded company.'" And a paragraph in the updated complaint mentions both new defendants by accusing Iribe of directing Oculus employees such as Luckey to contact Carmack in order to "obtain ZeniMax's VR technology for Oculus's benefit." That technology allegedly included "confidential and proprietary information," "computer program source code," and "design specifications." The updated complaint was unsealed days before the case's updated fact-discovery deadline of August 19; Facebook had requested that delay from the US District Court in June, before ZeniMax had submitted its amended complaint. As in the original filing, ZeniMax seeks a monetary judgment against the named defendants "in an amount to be determined at trial." Oculus' response to this complaint has not yet been filed in US District Court. An Oculus representative offered a statement to Game Informer, stating that "this complaint filed by ZeniMax is one-sided and conveys only ZeniMax's interpretation of the story. We continue to believe this case has no merit, and we will address all of ZeniMax's allegations in court."
Just one month into a six-month pilot, a UK-led international cyber crime looks set to become permanent, according to Troels Oerting, head of Europol’s European Cybercrime Centre (EC3). EC3 is hosting the Joint Cybercrime Action Taskforce (J-CAT) set up in September 2014 to co-ordinate international investigations with partners, targeting key cyber crime threats and top targets. Initiated by EC3, the EU Cybercrime Taskforce, the FBI and the National Crime Agency (NCA), the J-CAT is made up of cyber liaison officers from EU states, non-EU law enforcement partners and EC3. Oerting said the unit, which is led by deputy director of the UK’s National Cyber Crime Unit (NCCU) Andy Archibald, is due for its first evaluation at the end of February 2015. “There are already indications it will be extended for at least another six months, but I think it is likely to become permanent as it keeps acquiring cases and we are trying to get European Union (EU) funding for it,” he said. Operation Imperium In just one month, the unit notched up its first success by co-ordinating Operation Imperium, which resulted in 31 arrests and 42 house searches by Spanish and Bulgarian police, supported by EC3. The raids took place mainly in Malaga, Spain and the three Bulgarian cities of Sofia, Burgas, and Silistra. The operation was aimed at taking down an organised crime network suspected of a variety of crimes, including large-scale automated-teller-machine (ATM) skimming, electronic payment fraud and forgery of documents. Eight criminal labs, including two very complex modern production sites for skimming equipment and counterfeit documents in Sofia and Malaga, were discovered and dismantled. More than 1,000 devices – including micro-camera bars, card readers, magnetic-strip readers and writers, computers, phones and flash drives, as well as plastic cards ready to be encoded – were seized. The cyber crime gang was using 3D printing equipment to produce fake plastic card slot bezels ready to be installed on bank ATMs and manipulated point-of-sale (POS) terminals. “This was probably the most advanced print shop I have ever seen, including 3D-printing equipment,” Oerting told Computer Weekly. Police officers also confiscated dozens of forged payment cards with records of PIN numbers, ready to be used at other ATMs. Mobile offices set up by EC3 enabled direct access to Europol's databases for the cross-checking, analysis and exchange of intelligence in real time. The cyber criminals were harvesting financial data from ATMs or compromised POS terminals in Italy, France, Spain, Germany and Turkey that was used to create fake payment cards. The fake cards could then be used to withdraw large amounts of cash from ATMs outside the EU, in countries like Peru and the Philippines. The case illustrates the cross-jurisdictional nature of cyber crime that typically adds a layer of complexity for law enforcement, particularly when non-European or allied states are involved. “We are using J-CAT to highlight obstacles we encounter,” said Oerting. “Even in the EU difficulties are caused by differences between member states in what is required for law enforcement officers to acquire an internet protocol (IP) address, for example. “In some counties a police officer can do this, while in other countries police officers have to go to a prosecutor to obtain a warrant from a judge, which can lose valuable time,” he said.  Cyber criminals operating outside the EU The biggest challenge, however, is when cyber criminals are operating from outside the EU. “We are trying to solve this by engaging with several states outside the EU to enable joint investigations and, so far, we have been able to achieve results,” said Oerting. “We will continue to pursue this and I hope we will be able to report the success on four test cases soon, and they will be the catalyst for more joint cases in future." It is a myth law enforcement agencies want to know everything about everyone – we are only interested in targeted information about criminal suspects that we can use Troels Oerting, EC3 Oerting again underlined the importance of sharing information, not only with other authorities but also with private companies. In this regard, J-CAT also has a role to play. The unit is currently working on an encryption system that is designed to facilitate the exchange of data. “J-CAT is working on encrypting data sets in such a way that they can be compared to see if there are any matches,” said Oerting. The aim is to reduce concerns about privacy because all the data will be encrypted, and will also reduce the volume of data exchanged. “Only if there is a match between the data sets – say of an IP address or particular kind of malware linked to a case, for example – will we put in an official request for that data, which we can then use,” explained Oerting. This means law enforcement will not have access to the full data set of collaborators, but only to specific information that relates to ongoing cases. “This the philosophy behind the project, but it is still very much a work in progress, so it is difficult to say at this stage exactly how it will work,” Oerting said. “J-CAT will continue to work on this because we know there are private companies that would be willing to exchange cyber attack information with us on this basis,” he added. This approach means there will be no exchanges of bulk data, nor any disclosures of personal or proprietary information that is not directly relevant to a criminal investigation. “It is a myth law enforcement agencies want to know everything about everyone – we are only interested in targeted information about criminal suspects that we can use,” said Oerting. The system is expected to be up and running by March 2015 to facilitate a stream of highly targeted information to J-CAT to support international anti-cyber crime operations. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK