Data Security

What are “State-Sponsored Actors”? Facebook confusion ensues

What are “State-Sponsored Actors”? Facebook confusion ensues

Facebook is sending out warnings - as of this week - to users that may be the subject of hacking efforts by 3rd party systems. The message their receiving suggests that they "may be the target of attacks from state-sponsored actors." What in the world could that possibly mean? This message is actually super simple and should very well have been simplified further before reaching the public. State-sponsored actors are just hackers sponsored by the government. Not the United States government (not in this case), but potentially harmful nonetheless.

Continue Reading

JPEG images may one day have DRM copy protection

JPEG images may one day have DRM copy protection

It's not time to panic just yet, but there could one day be a fundamental change to the JPEG image format that would have a significant impact on the way we view and use images on the web. The committee behind the format, the Joint Photographic Experts Group (JPEG), is now holding discussions on the topic of privacy and security, and considering the idea of bringing digital rights management (DRM) to the popular image type.

Continue Reading

Hacked Patreon user data posted online

Hacked Patreon user data posted online

Following yesterday's news about crowdfunding platform Patreon getting hacked, with user details including names and addresses being among what was stolen, now comes the sad discovery that the data — nearly 15GBs worth — has been leaked online. Security researcher Troy Hunt told Ars Technica that he found the data dump on file sharing sites, and it included Patreon's user database and the site's source code.

Continue Reading

Patreon says it was hacked, user data leaked

Patreon says it was hacked, user data leaked

While not as ground-breaking a breach as the recent cyber attack on dating site Ashley Madison, the crowdfunding website Patreon has disclosed that it was hacked recently, and some personal data belonging to users was accessed. In a blog post and email to users from the site's CEO Jack Conte, it was said that the information leaked in the breach includes registered names, email addresses, shipping addresses, and some billing addresses that were entered before 2014.

Continue Reading

Ashley Madison users made terrible password choices

Ashley Madison users made terrible password choices

It’s no secret that many (most?) people choose their passwords without much thought — things like kids or pets names, their birthday, even the word “password”. All are commonly seen and used as examples of what not to make your password, but many Internet users don't listen, and unless they're forced to use a secure password, they'll select the path of least resistance. The users of Ashley Madison were, largely, no exception.

Continue Reading

IRS hit with lawsuit over recent taxpayer data hack

IRS hit with lawsuit over recent taxpayer data hack

The massive IRS data breach has resulted in a lawsuit from affected taxpayers. The hack was announced in May, and affected about 330,000 (or more) taxpayers who used the IRS’ “Get Transcript” service. The hackers, who are said to have originated from Russia, made off with sensitive personal details, including social security numbers and home addresses. Using this information, the hackers then spoofed tax paperwork and were able to steal millions in refunds.

Continue Reading

Ashley Madison hackers drop another 20GB of stolen data

Ashley Madison hackers drop another 20GB of stolen data

The Ashley Madison hackers have released a larger cache of information stolen from the website for affairs. The first batch of data — which has already revealed numerous well-known names and email addresses tied to government agencies, among others — was about 10GB compressed, and this latest data dump is about double that: 20GB or so of compressed data on more users of the infidelity website. This latest dump appears to, in part, include emails belonging to at least one of the site's executives.

Continue Reading

Target pens settlement agreement with Visa over 2013 security breach

Target pens settlement agreement with Visa over 2013 security breach

The big data breach that affected Target in 2013 is still hurting the company, this time to the tune of $67 million. The retailer has struck a deal with financial institutions that were affected by the breach; the settlement is made with Visa on behalf of those institutions, and a deal akin to this one is said to be the works with MasterCard. The data breach, which unfortunately happened during the holiday shopping season, left about 40 million MasterCard and Visa credit and debit cards exposed to fraud — it was one of the worst security lapses affecting a big-name retailer in years.

Continue Reading

IRS hack larger than reported: 600k+ taxpayers targeted

IRS hack larger than reported: 600k+ taxpayers targeted

This year the IRS joined the OPM and other entities -- both government and private -- that were hit with cyberattacks of one sort or another. The massive Office of Personnel Management hack has received the most attention, but as you may remember, the IRS was also targeted and suffered a huge loss of data. Only, it didn't report accurate numbers. As it turns out, the hack was even more massive than originally reported, with more than half a million people having been targeted.

Continue Reading

‘Cyberflashing’ incident ushers in new era of perverts

‘Cyberflashing’ incident ushers in new era of perverts

The modern world is full of funny new terms that speak of situations facilitated by the gadgets we carry around with us. The new word buzzing around is 'cyberflashing', and some are saying the first of such incidents has taken place via a lone pervert using AirDrop. Reportedly, the suspect used Apple's AirDrop to send unsolicited indecent pictures (it is unclear whether they were images of the suspect) to a passenger on a train in London. Police say they have investigated the matter.

Continue Reading

Security issues in some Android handsets leave fingerprints exposed

Security issues in some Android handsets leave fingerprints exposed

A team of researchers with FireEye have discovered a serious security vulnerability in some Android phones involving biometric security. The flaw leaves fingerprints open to hackers by storing them in a "world readable" folder as an image file. Both the HTC One Max and the Samsung Galaxy S5 were cited as vulnerable, but other Android phones from other manufacturers could also be at risk. The HTC One Max was cited as being the most vulnerable, however, storing the fingerprints as unencrypted BMP files that could be read by any unprivileged app or process.

Continue Reading

Firefox exploit discovered, but update is already available

Firefox exploit discovered, but update is already available

If you're a Firefox user and reading this, stop and update to version 39.0.3 right now. Mozilla has revealed on their blog that a nasty exploit has been discovered that can give someone access to the files on your computer. The security hole allows JavaScript to be injected, letting an attacker search your computer and then upload files to a server in Ukraine. Even worse is that fact that no trace of the breach is left behind, so users will have no idea the breach has taken place.

Continue Reading

Prev 1 2 3 4 5 6 7 8 Next