Collaborate Disseminate
Joseph Cox at Motherboard reports:
Specialty dating site “Muslim Match” has been hacked. Nearly 150,000 user credentials and profiles have been posted online, as well as over half a million private messages between users.
Launched in 2000, Muslim Match… Continue reading Muslim Match dating site hacked. Private messages and profiles posted online
Apple started selling the Apple iPhone nine years ago today.
Here is what Apple’s press release had to say:
iPhone introduces an entirely new user interface based on a revolutionary multi-touch display and pioneering new software that allows users to c… Continue reading The iPhone is nine years old – and still no significant malware outbreaks
Dave Lee at BBC News reports:
In recent months, in an apparent bid to accelerate adoption of Windows 10, Microsoft altered the way it asked users if they wanted to upgrade. It gave the Windows 10 update “recommended” status, normally reserved for criti… Continue reading Microsoft rethinks Windows 10 upgrade push following complaints
The Seattle Times reports:
A few days after Microsoft released Windows 10 to the public last year, Teri Goldstein’s computer started trying to download and install the new operating system.
The update, which she says she didn’t authorize, failed. Instead, the computer she uses to run her Sausalito, Calif., travel-agency business slowed to a crawl. It would crash, she says, and be unusable for days at a time.
“I had never heard of Windows 10,” Goldstein said. “Nobody ever asked me if I wanted to update.”
When outreach to Microsoft’s customer support didn’t fix the issue, Goldstein took the software giant to court, seeking compensation for lost wages and the cost of a new computer.
She won. Last month, Microsoft dropped an appeal and Goldstein collected a $10,000 judgment from the company.
There is no doubt that Microsoft has taken its aggressive pushing of Windows 10 onto users’ computers too far, with many users claiming that it has been installed on their PCs without their explicit consent.
If a malicious hacker made unauthorised changes to your computer without your permission you would expect the police to take an interest.
So what makes it any different when it’s a company called Microsoft messing around with your computer?
Continue reading Unwanted Windows 10 update wins woman $10,000 from Microsoft
Symantec reports:
Symantec has discovered an app on Google Play that steals photos and videos from the popular social media app Viber. Beaver Gang Counter masquerades as a score keeping app for a popular card game but secretly searches for media files related to the Viber app and sends them to a remote server.
It’s easy to imagine who the personal photos and videos stolen by this malware could be used by online criminals for the purposes of blackmail, stalking, fraud, identity theft or just good old-fashioned voyeurism.
Interestingly, it seems that Beaver Gang Counter waited for instructions from a remote command and control (C&C) server before scooping up personal photos and videos. This functionality appears to have helped the malware waltz past the Google Play store’s vetting process.
Malware on the Android platform is a growing problem, but it’s even worse when it makes its way into the official Android app store.
Symantec says that Google has now removed the offending app and developer from Google Play, but one wonders how long it will be before someone else attempts something similar.
Continue reading Malware on Google Play steals Viber photos and videos
BBC News reports:
An online petition calling for a second EU referendum has been hijacked by automated bots adding false signatures.
Posts on the 4chan message board indicated that some users had scripted programs to automatically sign the petition.
Th… Continue reading Automated bots bombard EU referendum petition with fake signatures
Looks like Comodo has had second thoughts about entering a trademark dispute over the term “Let’s Encrypt”, as Steve Ragan at CSO Online reports:
A Comodo staffer, Robin Alden, said that the company had abandoned their let’s encrypt trademarks.
“Comodo… Continue reading Comodo stands down from trademark tussle with Let’s Encrypt
The Mirror reports on Michael Robinson, who is taking British broadband provider TalkTalk to court after they were hacked and he suffered at the hands of scammers:
Mr Robinson, of Whitburn, near Edinburgh, who is claiming “substantial” compensation said: “We have suffered mentally.”
TalkTalk reveal more than 150,000 customers and 15,000 bank accounts hacked
He says the crooks also got hold of his wife’s details and photos of his children.
His bank refunded £257 after a conman called, saying he was from TalkTalk.
TalkTalk said: “Scammers only had minimal, inconsequential information.”
Minimal? Inconsequential? Hmm. Personally, I think minimal information would have been zero.
The scammers exploited information about TalkTalk customers (including names, dates of birth, address, email address, phone numbers, full bank account numbers and sort codes) seemingly stolen through an elementary SQL injection attack on the TalkTalk website.
In the hands of a criminal such information can easily be used in a scam telephone call to trick the unwary into believing they are talking to a member of TalkTalk staff.
TalkTalk, however, only offered to waive affected customers’ termination fees if victims could show that they had lost money as a direct result of the information above being stolen, not as a consequence of a subsequent scam phone call using the sensitive data.
TalkTalk would be wise to consider that trust takes years to build, seconds to lose, and a lifetime to regain (if you’re lucky).
Every one of those scammed customers will never use TalkTalk again, will tell all of their friends and family never to use TalkTalk, and some may even – like Michael Robinson – be tempted to seek financial redress through the courts.
A long time ago, Intel used to have its own anti-virus product. They called it Intel LanDesk Virus Protect.
Intel LanDesk got gobbled up by Symantec in 1998, and most of us thought that the chip giant had quit the security business.
Fast forward 12 ye… Continue reading Intel to quit the security business (again), and jettison McAfee?
Interesting exploration by Joan Goodchild of CSO Online about the privacy issues facing YouTube vloggers:
Unlike television and movie stars, these online celebrities face a different kind of privacy challenge because, by nature of the work they do, they are expected to be accessible and to interact with fans.
Keeping things private and running a successful video log (vlog) are not exactly two compatible goals. This is because, according to LaToya Forever, an online personality with two popular vlogs on YouTube, one of the secrets of YouTube success is keeping things “100 percent real and genuine.” This means broadcasting everything from adorable kid moments to family drama for the world to see.
“Sometimes it’s hard to wade through and decide what to share and what not to share,” said Nikki Phillipi, a lifestyle vlogger with over a million subscribers.
I understand the appeal to many of watching vloggers who are sharing their personal lives in a “100% real and genuine” fashion, but how on earth can they hope to balance such a lifestyle with privacy?
Read more on CSO Online.
Continue reading Privacy, risk and trolls: Dealing with the security challenges of YouTube fame