Security

Browsing: Security

Yahoo resets passwords after hackers attacked email service

By on

Yahoo has said that it will be resetting passwords of several users after it identified a “coordinated effort to gain unauthorised access” to those users Yahoo Mail accounts. The company did not share much detail about the attack, like how many accounts were affected. It did say, however, that the attackers used information from a third-party whose database was compromised; and that there was no evidence that the information came […]

Yep, Snapchat still sucks at security – new anti-spam measure cracked in less than 30 minutes

By on

Image: Screenshot from TechCrunch It’s been a bad few weeks for Snapchat after many people called into questioned how secure users were on the service – especially given how dismissive they were to an exploit which lead to 4.6 million usernames and phone numbers leaked, and a sudden increase in spam. However, the company has said they are now working on fixing its security problems. In the last 24 hours, the company […]

NOT AGAIN: Syrian Electronic Army strikes at another Microsoft website

By on

You would have thought that after a series of embarrassing hacks by the pro-Assad Syrian Electronic Army that Microsoft would have increased the level of security. Well, if they did, then it obviously didn’t work. The Syrian Electronic Army have managed to take over the Office Blogs website. In a series of tweets to confirm the attack, the group have posted onto Twitter two screenshots: Screenshot of the old administration panel […]

What would happen if Google suddenly forgot to check your password?

By on

We’re all familiar with how a login page works. We type in a username and password, and possibly a code sent to our phones, to a form. We click the submit button, and all of that data is sent to a server. That data is checked to a database, and if it matches, it will let you in. But imagine this scenario: what would happen if suddenly, Google didn’t check your […]

More Microsoft accounts hijacked by Syrian Electronic Army

By on

It appears more Microsoft accounts have been hijacked by the Syrian Electronic Army, the hacking group that are supporters of the Syrian President Bashar al-Assad. The group were able to successfully take over the Microsoft News Twitter account and the Official Microsoft Blog. @Official_SEA16 This post took 154 Retweets :) pic.twitter.com/0PJ4RnlrGL — ♥Dove Syrienne♥ (@DoveSyrienne) January 11, 2014 The Official Microsoft Blog: Syrian Electronic Army Was Here #SEA pic.twitter.com/CzYH5jMrY8 — […]

Syrian Electronic Army takes over Xbox social media accounts

By on

A group purporting to be the Syrian Electronic Army – a hacking collective that supports Syrian President Bashar al-Assad – has said taken over the social media profiles belonging to Xbox. This comes after another Microsoft-owned property, Skype, also had their social media profiles hijacked by the group. Images posted by the Syrian Electronic Army on Twitter show that they have, or had, control of the main Twitter and Instagram accounts. […]

Dropbox “partial leak” from Anonymous-linked group is a fake, designed to troll tech press

By on

The Anonymous-linked hacking group 1775 Sec has now confirmed that their attack on Dropbox is a fake. While the group claims that the DDOS attack was real, the data breach claim was designed to troll the tech press. “That was some serious Lulz. We DDoS attack DropBox! After it’s down we say data base compromise! And the media is all over it! #Lulz #fail,” the group said in a tweet. […]

Schoolkid finds a security flaw on govt website, and now he might be charged

By on

Public Transport Victoria is now seeking to have a schoolkid charged for cybercrime, despite said schoolkid alerted them to a security vulnerability that would allow someone to access the personal information of nearly 600,000 public transport users. The database was for the old Metcard store – which was shut down as part of the transition from Metlink to Public Transport Victoria – and contained, according to The Age, full names, addresses, phone […]

Edward Snowden delivers ‘Alternative Christmas Message’ in UK

By on

Edward Snowden – the former NSA contractor who leaked documents of mass surveillance by intelligence agencies – has been chosen to present this year’s ‘Alternative Christmas Message’ on Channel 4 in the UK. “A child born today will grow up with no conception of privacy at all” Snowden uses the Alternative Christmas Message – which is now available online (you will need to login to watch it) – to talk about the erosion […]

Yahoo Mail to have HTTPS encryption by default – finally

By on

Yahoo has finally announced that it will turn on HTTPS encryption by default for Yahoo Mail next year – four years after Google announced the same thing for Gmail, and two years for Microsoft during the transition between Hotmail and Outlook (it was an option in Hotmail in 2010). Yahoo may still lag behind its rivals security-wise Incidentally, the switchover – scheduled for January 8, 2014 – falls exactly one year […]

D-Link router backdoor vulnerability discovered

By on

A rather worrying security vulnerability has been discovered which is affecting several D-Link branded modem routers. Posted on a website dedicated to Embedded Device Hacking, /dev/ttyS0, the vulnerability was discovered when one of its writers reverse engineered a firmware update from D-Link. The security vulnerability will allow full access into the configuration page of the router without knowing the username and password. According to the blog post, when you set your […]

WhatsApp CEO: Encryption flaw story is “sensationalised and overblown”

By on

WhatsApp’s CEO Jan Koum has told TechGeek that a Dutch computer science student’s claims that all messages should be considered compromised are “inaccurate”, and that the entire story has been “sensationalised and overblown”. The Dutch computer science student – Thijs Alkemade from Utrecht University – this week found several flaws in WhatsApp encryption. In his blog post, he explained that the app was reusing RC4 keys, which could potentially mean that […]

WhatsApp chats should be considered “compromised”, says Dutch student after finding encryption flaws

By on

A Dutch computer science student has said that all users on WhatsApp, a popular messaging alternative to SMS, should consider their chats compromised after he has found flaws in the encryption used in the app. “You should assume that anyone who is able to eavesdrop on your WhatsApp connection is capable of decrypting your messages, given enough effort. You should consider all your previous WhatsApp conversations compromised.” Thijs Alkemade, a Computer […]

MacTalk hacked and defaced with message purported from Syria

By on

A hacker claiming to be from Syria has defaced Australia’s largest Mac community website MacTalk, posting a message supporting Syrian President Bashar al-Assad. First spotted early this morning by former editor of MacTalk Peter Wells, it appears the site’s defacement only works on mobile devices. Man, Syrians don’t fuck about when they hack your site. Poor lil @mactalk http://t.co/mnAZlEErFj — Peter Wells (@fulltimecasual) September 12, 2013 The message also appears on […]

ACCC investigating ‘Freemium’ apps on Mobiles

By on

The Australian Competition and Consumer Commission (ACCC) have today announced that they, and with 50 agencies globally, have started investigating free applications on mobile markets which offer in-app purchases. The joint effort has been undertaken to improve the education and protection of consumers when using ‘Freemium’ apps. Currently, many app developers are making their apps free to download. However, the apps will have limited functionality without an in-app purchase to enable certain […]