Security

Latest Stories

Why is TikTok (and other iOS apps) constantly snooping on your clipboard?

By on

This year’s WWDC saw Apple lean heavily on privacy. It touted all new features and initiatives that would protect and give a better idea on how companies are using your data. But a new privacy feature might have inadvertently exposed that Apple’s privacy messaging might just be smoke and mirrors. iOS 14 will now alert you when an application accesses your clipboard – basically, the place where you store anything […]

How the Qantas Frequent Flyer program taught me about bad security practices

By on

Source: QANTAS I got three push notifications just as I got to my seat before I left to Melbourne from Dubai. One from Instagram, as a comment to something I posted on an Instagram story: “You should delete this.” One from Facebook Messenger: “Hey. Are you still in Dubai?” One from Gmail: “TERENCE, your Qantas Frequent Flyer PIN had been reset.” I didn’t reset my PIN. Well, fuck. “I didn’t […]

Singapore Ahead Of Fight Against Coronavirus Cyberthreats with Acronis

By on

If you’re working digitally during the current pandemic, you have probably seen the increase in spam. Unless of course, if your company uses Acronis, you’re probably seeing none. Singapore’s Unicorn Acronis released the world’s first cyber protection solution, tailored to fight off pandemic cyberthreats. Enabling service providers to cut costs and defend their clients against cyberthreats through AI-powered integration of data protection and cybersecurity – with Zoom security, COVID-19 URL […]

“Your personal data stored with us is not safe”: Early warning alert service breached

By on

Screenshot of the alert An Australian early warning service has suffered a significant security breach, with customers receiving emails, text messages and phone calls that their personal data is not safe. “EWN has been hacked. Your personal data stored with us is not safe. We are trying to fix the security issues,” the message said. EWN has confirmed that the message came from the hacker and not from them. Early […]

This LastPass bug could reveal your password on the MacBook Pro’s Touch Bar

By on

If you happen to use LastPass and have the brand new MacBook Pro with the Touch Bar, then we suggest you avoid using the macOS app for the time being. Why? You could be at risk of revealing your master password when logging into the service. In other words, you could accidentally reveal the password to access all your passwords. And yes, that is very scary news indeed. First revealed by […]

No, Anonymous is not angry at the BBC over Jeremy Clarkson’s suspension

By on

Image: gaelx/Flickr (Creative Commons) A British tabloid recently published a story about how Anonymous – the hacktivist organisation that has targeted many governments – threatened the BBC to DDoS their systems unless they reinstate Jeremy Clarkson. According to the report – we’re refusing to link to the original article because it’s a really stupid story and doesn’t deserve the traffic it’s getting – someone anonymously posted something on Pastebin that […]

Facebook downtime was due to server fault, not DDoS attack

By on

Image: Tom Solari/techgeek.com.au Unless you were living under a rock or had something better to do than check Facebook every single minute, you would have realised that both Facebook and Instagram was down for many people. However, despite claims that it was due to a DDoS attack, Facebook has said that the outage was because of a server fault. “This was not the result of a third-party attack but instead […]

Google refuses to patch vulnerability affecting 930 million users

By on

Google has quietly disclosed that it will not be patching any vulnerabilities in a component in versions of Android before KitKat. This means that 60 percent of all active Android devices – or 930 million – are now vulnerable to an attack. The company made this disclosure to Tod Beardsley, a security researcher from Rapid7, after another vulnerability reporter was told by Google that they will not fix the bug. In a […]

NZ ISP suffers massive outage after users downloaded malware linked to celebrity nude pics

By on

Spark New Zealand – the country’s largest internet service provider – suffered a massive outage lasting nearly thirty hours from last Friday. The outage saw its nearly 700,000 customer base having slow or no internet connectivity on their mobile phones or computers – all because some users on their network wanted to see nude pics of celebrities. According to local media, some users clicked on a link that claimed to […]

Catch Of The Day reveals user data was stolen – three years after it occured

By on

The massively popular (and occasionally crashing) deals website, Catch Of The Day, has told its customers yesterday that they should change their passwords right now, after confirming they suffered a massive data breach. And while they confirmed that user information, encrypted passwords and a small number of credit card numbers were stolen – that is not the big issue at the moment. No, the big issue is that Catch Of The […]

Tweetdeck vulnerability allowed attackers to execute code in 140 characters

By on

If you happen to be using Tweetdeck, then you would be wondering why you were getting random pop-up messages containing messages such as “Yo!“, “XSS in tweetdeck” and “PENIS“. That’s because users discovered a XSS vulnerability that would attackers to remotely execute JavaScript code – all through a simple tweet. XSS (or “cross-site scripting”) vulnerabilities allow attackers to execute JavaScript code after injecting the script onto another web page viewed by others. For example, […]

Google wants to make it easier to encrypt emails with new plugin

By on

Google has today announced that it plans to support end-to-end encryption with Gmail via a Chrome extension, making it harder for others (such as intelligence agencies) to snoop on your emails. End-to-end encryption sees the sender encrypting data (in this case, an email) before it is sent to its intended recipient. It stays encrypted until the receiving party decrypts it, meaning that no third party can intercept and read or […]

No, Commonwealth Bank is not running OpenSSL

By on

Everyone is freaking out about Heartbleed – that massive security bug that may have comprised people’s passwords, usernames and other encrypted information. And rightly so. Many people are now asking companies if they used OpenSSL and if they used the versions that contained the bug. But when the Commonwealth Bank tried to explain whether or not they were running OpenSSL, it made things even worse. That was largely because a blog post […]

Tumblr turns on SSL encryption – but it’s not by default

By on

Like Facebook and Twitter, Tumblr has announced that it now supports SSL encryption – meaning that you will have an extra layer of security whenever you visit the website. However, there is a catch: it is not turned on by default. You will need to go to your account settings and turn the option on. So, why should you turn this feature on? It makes it harder for hackers to extract […]

Canadian ISP Bell suffers huge data breach – and they’re still quiet

By on

Thousands of customers of Bell Canada – the country’s largest ISP – have had their personal information leaked online by a hacking collective known as NullCrew. The leaked data mainly consists of customer’s email addresses and passwords, but also includes modem passwords and partial credit card numbers of 127 Bell customers. “Go fuckin figure, people who are suppose to provide secure connection to the internet?” NullCrew says in the dump. […]