Web Security »
FBI wants backdoor wiretapping access to Google, Facebook, and other popular websites
The Communications Assistance for Law Enforcement Act in the United State allows law enforcement to wiretap internet communications, like VoIP (typically a warrant is needed for such wiretaps but there are so many “national security” loopholes nowadays, it is hard to tell). But the law only applies to internet service [...]
Read More »Google releases Chrome Office Viewer extension, will help you avoid those pesky virus-infected Office files
Google just released a new Chrome extension called the Chrome Office Viewer — it of course let’s you open and view Microsoft Office files (Word, Excel, and PowerPoint only) directly in your browser. It sounds like just another way to make things more convenient (and make Chrome OS sound more [...]
Read More »[Windows] Easily block porn, phishing, and malware websites with DNS Angel
The internet is an extremely dangerous place, even for adults. At any given moment, we can have our sensitive information stolen, run into a phishing scam, catch a virus and come across the occasional site that advocates pornography (some of those ads can get pretty risqué). As adults we know [...]
Bing shows five times more malware websites than Google, according to study
Search engines like Google and Bing index the web. The web contains thousands (millions?) of malware links, either malicious websites or malicious downloads. So it shouldn’t surprise anyone that malware links can be found when searching via a search engine. The people at major search engines, including Google and Bing, [...]
Read More »Apple may have fixed their password security hole, but you should probably enable two-step verification
Just in case you missed it, Apple made a pretty serious boo-boo on the security front yesterday. The security issue was that Apple’s iForgot password reset tool was made vulnerable to hackers — if they managed to manipulate the URL in the date of birth page, they could reset your [...]
Read More »Is Apple losing its touch? Major security hole allowed hackers to easily reset passwords to Apple accounts using iForgot
There was a time when Apple products were popularly recognized as being secure. Or at least more secure than the competition. For example, for the longest time Mac OS X was synonymous with “doesn’t get viruses” (which, of course, has never been true — malware makers just never targeted Macs [...]
Read More »Internet-wide scan reveals millions of devices are exploitable due to use of default passwords like “admin” or “root”
A researcher, who has chosen to remain anonymous, has performed an internet-wide scan to determine the security level of gadgets like printers, webcams, and set-top boxes all across the world.
The scan was done by using the researcher’s custom-written code to send out more than 4 trillion messages. To put [...]
Read More »Evernote is hacked and passwords are stolen
After many famous companies admitting that they have been hacked, it is now the turn of Evernote, the market leader in note taking apps. In a post on the official blog, the developers revealed that they “discovered and blocked suspicious activity on the Evernote network that appears to have been [...]
Read More »Flaw in HTML5 allows websites to bombard you with data until your hard drive is full
So you thought you would be safer with Flash gone and HTML5 taking over? Generally speaking, you are probably right — but not in this particular situation. Computer science graduate Feross Aboukhadijeh has demonstrated a proof-of-concept that allows websites to download unlimited amounts of data to your computer… until your [...]
Read More »Facebook system flaw gave a hacker access to every single person’s entire account
Nir Goldshlager runs a “Web Application Security Blog.” He’s also happened to find a variety of security holes and exploits on sites like Facebook, Twitter and PayPal. His latest discovery, however, was a glaring hole in Facebook’s OAuth system: Nir was able to find a flaw that gave him access [...]
Read More »Microsoft is hacked by same people who hacked Facebook and Apple
Is the Chinese or Eastern Europeans? Maybe someone else? We don’t really know. All we know is there has been a recent string of hacks against multi-million and multi-billion dollar corporations in the past few months. Microsoft is now the latest victim.
According to a blog post, Microsoft “found a [...]
Read More »NBC website is hacked, visitors are infected with malware via drive-by attack
We have had a lot of hacking stories lately on dotTech simply due to a sudden spike in public cybercrime incidents. However, by and large the most recent incidents were either low-key (e.g. Twitter attack hacked) or aimed at the corporate sector rather than ordinary citizens (e.g. Apple hack). That, [...]
Read More »Is China innocent? New reports claim cyber attacks on Facebook, Twitter, and Apple came from Eastern Europe
After recent cyber attacks on high-profile companies like Facebook, Twitter and then Apple, everyone seemed to be pointing fingers at China. But now reports have surfaced claiming that the attacks on those companies originated from Eastern Europe.
An Eastern European gang, that is determined to sell company secrets like research [...]
Read More »Nobody is safe: Apple is attacked by Chinese hackers through Java vulnerability
In a statement released yestreday, Apple has disclosed that a number of their employees’ Macs have been compromised by malware through a vulnerability in the Java plug-in for browsers.
The website that was infected and considered responsible for hosing the malware has been identified as ‘iPhoneDevSDK’, an online forum for [...]
Read More »Seductive women are tricking men into stripping on webcam, then blackmailing them [Video]
The Singapore Police Force has reported a sudden rise in the number of “cyber blackmail” cases being reported. The cases are also similar in that the primary target are men, and that they are tricked through social media networks.
There have been 50 cases in the last year alone that [...]
Read More »Burger King Twitter account is hacked, turned into “McDonalds” [Image]
![Burger King Twitter account is hacked, turned into “McDonalds” [Image]](http://cdn.dottech.org/media/2013/02/burger_king_hacked_image-290x160.jpg)
As with most companies nowadays, Burger King has an official Twitter account. (Yes, even dotTech has a Twitter account even though I don’t consider us a company per se.) It is not entirely clear who did it or how they did it, but today Burger King’s Twitter was hacked… and [...]
Read More »Browser toolbars aren’t just annoying — they can be dangerous, too [Image]
![Browser toolbars aren’t just annoying — they can be dangerous, too [Image]](http://cdn.dottech.org/media/2013/02/bad_toolbar-290x160.png)
Most of us dislike having toolbars in our browsers because they are annoying; not only do they tend to hijack our homepages, but they use up a lot of screen real estate, making it more difficult to surf the web… especially if you have 12 toolbars installed in one browser. [...]
Read More »Facebook was hacked last month and is only admitting it now
The same time the Wall Street Journal, New York Times and Twitter were attacked, there was a fourth company that also fell victim to a “sophisticated attack.”
Facebook, which is home to more than a billion users worldwide, was hit by a zero-day exploit that installed malware on [...]
Read More »WARNING: Someone is spoofing dotTech’s email to send spam, don’t be fooled!
Hi dotTechies,
I just wanted to give everyone a head-up that some scumbag is using dotTech’s email to spend spam emails.
If you receive an e-mail from “admin@dottech.org” that is not characteristic of the emails we send (i.e. not an article or comment notification), then the email is probably spam. [...]
Read More »US Federal Reserve website is hacked, and the stolen data is published online by the hackers
Hackers have managed to access one of the US Federal Reserve’s websites and steal a “limited amount of data,” according to a statement. The notice that was sent via the Fed’s Emergency Communication System, however, warned that email addresses, phone numbers and other contact information had been stolen and published.[...]
Read More »In the wake of (alleged) cyberwarfare by China, US president now has the power to order (preemptive) cyber attacks
According to a report by The New York Times, a secret White House legal review has granted the president of the United States the legal authority to order preemptive cyber attacks against a target (which can be a country), when there is credible evidence of a pending attack.
Officials [...]
Read More »China is “the most sophisticated and prolific” hacker of foreign firms, says Google’s Eric Schmidt
An upcoming book co-authored by Google’s Eric Schmidt and Jared Cohen was previewed by The Wall Street Journal, and it looks like China’s reputation as of late isn’t going anywhere anytime soon.
The book is called The New Digital Age, and it says that China is the ”the [...]
Read More »Twitter is hacked: 250,000 user accounts compromised
No one’s really safe from hackers these days, with Twitter joining the New York Times as one of the recent victims of security breaches recently. Twitter announced in a blog post that it detected unusual access patterns during the week, which led them to discovering attempts to access user data. [...]
Read More »New York Times hack shows your antivirus won’t protect you from zero-day attacks
Some may call it obvious but just having antivirus software installed isn’t going to help you much if hit by zero-day attacks. The New York Times had antivirus from Symantec (Norton) installed on the devices connected to their network, but that didn’t stop Chinese hackers from retrieving usernames and passwords [...]
Read More »Google wants your next password to be your phone or a ring on your finger
The traditional password is now considered by many to be a security flaw. A combination of characters that can be cracked or even guessed is probably not the best way to safeguard our online lives today, and services like LastPass or 1Password provide an alternative through their software-generated passwords. But [...]
Read More »Oracle issues Java update to fix latest exploit, but security experts say to still stay away
You know that latest Java exploit that had the world up in arms, with Firefox and Apple blocking Java and U.S. Department of Homeland Security recommending people disable Java? Yeah, well, Oracle has issued updates to Java to address and plug the exploit.
According to update notes released by Oracle [...]
Read More »Dangerous Ruby on Rails bug makes more than 240,000 sites vulnerable, including Hulu and Github
A critical vulnerability in the Ruby on Rails framework has been discovered to bring devastating effects to those affected. One of the developers that confirmed its existence, Ben Murphy, says that it “gives hackers a simple and reliable way to pilfer database contents, run system commands, and cause websites to [...]
Read More »Yahoo! Mail quietly adds HTTPS security option
It looks like Yahoo! has learned its lesson when it comes to security. After its mail service was recently hacked by an XSS exploit, the company has not only patched the problem but is also quietly rolling out an HTTPS option for its users.
HTTPS or Hypertext Transfer Protocol Secure [...]
Read More »Firefox is going to start forcing HTTPS usage for sensitive websites, to thwart man-in-the-middle attacks
After reading the title of this article, you must be thinking “sounds like what HTTPS Everywhere does”. No, not exactly.
You see there are some websites out there that use HTTP Strict Transport Security (HSTS), a protocol that forces browsers to default to HTTPS when connecting to the website in [...]
Read More »Fake e-mail from “Microsoft Windows 8 Team” claims to give you free Windows 8 but is actually a phishing attack
We have seen many e-mail scams, ranging from e-mails that try to steal your information to e-mails that try to infect your computer with malware. In particular one fake e-mail was particularly clever because it used the cover of a real Microsoft e-mail to infect your computer. Now there is [...]
Read More »These are the top 25 most used passwords for 2012 — can you guess what they are?
Ever wonder what are the passwords people use the most? SplashData, a software company that makes password management programs and apps, has compiled its annual “Worst Passwords” list for 2012, which gives us some insights on what the most popular bad passwords used by people. The top three most used [...]
Read More »How to create strong passwords and have secure accounts [Tip]
It seems like with the increasing level of access to technology on a global scale, there are increasing numbers of scam artists, hackers, pricks, punks, assholes, scumbags, etc. that try to find ways to make everyone’s digital life a bigger pain than it needs to be. There are [...]
Read More »India sends more spam than any other country, followed by Italy and the United States
Curious as to who you can thank for those glorious spam emails you receive? India, Italy, and United States, the top three countries when it comes to number of spam sent from July 2012 to September 2012.
According to the “Dirty Dozen” report by SophosLabs, a UK-based digital security firm, [...]
Read More »These are seven new malicious emails you should stay clear of — emails from YouTube, Google, Facebook, LinkedIn, British Airways, and DHL Express
dotTech has gotten into the habit of warning our readers about web security issues, namely malicious emails that make their rounds in the inboxes of people around the world — such as the fake Windows Update password stealing email and the fake email from Microsoft. The following are seven new [...]
Read More »All Chrome users need to check for a “Settings Protector” extension — it may be malicious
Reports are emerging of an extension by the name of “Settings Protector” is installing itself in Google Chrome for some users. It isn’t entirely clear where this extension comes from, how it is being installed, what it does, or if it is Windows-only or affects other platforms too. However, because [...]
Read More »12