Security Archives - Page 10 of 16

Spotify gets hacked

Revolutionary digital music streaming service Spotify has revealed a serious security breach that affected its servers before December 19th last year. The company thought that it had managed to fix it before any damage was done, but last week Spotify found out that “a group” of some sort had managed to gain access to information necessary to guess passwords.

Although security breaches are par for the course at most internet startups, so far Spotify had managed to avoid them. It’s almost a rite of passage for new companies. The company is recommending that anyone who hasn’t changed their password since December 19th to change it immediately, and is emailing all its users to that effect.

Official Spotify Blog

5 March 200929 May 2020 Duncan Geere Computer Security, Digital Music

Facebook changes terms of service, outcry ensues

A couple of weeks ago, Facebook changed its terms of service so that users won’t be able to delete their data if they leave the site. The blogosphere immediately erupted with criticism and it prompted a blog post from Mark Zuckerberg himself on who owns the data.

Facebook had been criticized for allowing a situation where someone could take a photo of you, upload it to the site, and then neither of you would be able to stop Facebook from using it for whatever purposes they like. You essentially waive all rights to the data.

Zuckerberg’s response to concerns is basically ‘chill out – we’re not going to take the piss here’. He doesn’t apologize, or even offer to soften the language – just asks users to trust the company. But how can users trust a company slowly eroding their rights?

Sure, odds are that Facebook isn’t going to suddenly abuse millions of people’s personal info, but if that’s the case, then why not retain the original language? Facebook has a history of communicating changes badly, and this is just another in a long line of screwups that include the profile redesign and the “Beacon” fiasco.

17 February 2009 Duncan Geere Intellectual Property, Web 2.0, Websites

Friendly hackers break into Kaspersky's US web site

Unfortunately it’s a fairly common occurrence for web sites to be hacked into these days, but there’s an additional sense of embarrassment when that web site belongs to a security software vendor.

Kaspersky, makers of anti-virus software, has had its US web site compromised by a group of “friendly” hackers. Friendly in the sense that they found the vulnerability that allowed them to gain access to a large amount of personal customer data, but then told the company about it instead of using it their ill-gotten gains…

10 February 200918 December 2015 Andy Merrett Internet

Computer virus leaves France DEFENCELESS from the air

Now let this be a lesson to you in what happens if you forget to keep your McAfee subscription updated. France’s Air Force has been grounded due to the ‘Conficker’ computer virus.

Despite forewarning from Microsoft themselves, the Air Force failed to prevent the spread of the virus, and now several Dassault Rafale fighters are out of commission. I just hope that the British Navy is better at keeping things up to date. Oh, wait.

(via Silicon Valley Insider)

More virus antics: Virus infects Royal Navy computers; sailors lose vital access to Facebook | Introducing the virus that farts at you, fool

9 February 200920 July 2019 Duncan Geere Computer Security

The UK's identity card scheme has one fatal flaw – no one's bought any card READERS yet

EDITOR’S NOTE: Please read this update while playing the theme tune from Benny Hill in the background.

The UK government may well be pushing ahead with its scheme to start rolling out ID cards to airport staff and other key workers in the security sector, but there’s one rather sizeable problem – the card readers. There aren’t any.

The government apparently failed to budget for the thousands upon thousands of card readers that…

6 February 200916 August 2018 Gary Cutlack Biotechnology, Computer Security, Computers, Intellectual Property

$250 kit lets you clone passport RFID chips just by driving past

Chris Paget isn’t a hacker, but he’s got the means to clone the RFID chip in your passport. Think of it as him doing you a favour. Using $250 of off-the-shelf components, Chris built a machine to sniff and clone RFID tags. During a 20-minute drive in downtown San Francisco, he managed to copy two passports completely unbeknownst to their owners.

Paget claims he only built it to show that it’s possible:

“It’s one thing to say that something can be done, it’s another thing completely to actually do it. It’s mainly to defeat the argument that you can’t do it in the real world, that there’s no real-world attack here, that it’s all theoretical.”

For a video of the device in action, click over the jump.

2 February 2009 Duncan Geere Computer Security, Travel Gadgets

VIDEO: Tmsuk T-34 security robot hits the net

Yet more proof that the Japanese rule the world when it comes to hilarious and slightly sweet robots. The latest purports to be a security robot, but I suspect that you’re more likely to be incapacitated with laughter at this dinky machine than genuinely caught.

It travels at 10kph, has microphones and body heat sensors, and it’s controlled by an external operator. It’ll catch your thief, but you’ll need a real person on the scene before the person can make it out of the net. It’ll be available in a couple of years, and will cost ¥800,000 (£6,700 or so). For a video of it in action, click over the jump.

23 January 2009 Duncan Geere Robots

Knockoff of iWork '09 contains Mac-unfriendly Trojan Horse

There’s a new Trojan Horse for Mac in town and it’s riding around in pirate copies of iWork ’09.

OSX.Trojan.iServices.A secretes itself in otherwise fully-functioning copies of Apple’s latest office software. It installs itself in a startup directory and gives itself full root privileges (in other words, it’s God to your Mac).

Security firm Intego is warning anyone who has downloaded installer software from filesharing/Torrent sites that they could now be infected. Intego’s latest updates for VirusBarrier X4 and X5 will now protect against and disinfect the virus…

23 January 200914 March 2021 Andy Merrett Software

Hackers planned massive bank swindle using keyloggers

Let me tell you a story. In 2004, in the dark of night, a gang of hackers broke into Sumitomo Mitsui Banking Corporation in the City of London. With the help of a security guard who was their ‘inside man’, they crept through the dark aisles of cubicles, installing keyloggers on the PCs to record employee’s login details.

22 January 200911 December 2017 Duncan Geere Computer Security, Computers

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie records the user consent for the cookies in the "Advertisement" category.
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	CookieYes sets this cookie to record the default button state of the corresponding category and the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__atuvc	1 year 1 month	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.
__atuvs	30 minutes	AddThis sets this cookie to ensure that the updated count is seen when one shares a page and returns to it before the share count cache is updated.

Cookie	Duration	Description
at-rand	never	AddThis sets this cookie to track page visits, sources of traffic and share counts.
disqus_unique	1 year	Set to record internal statistics for anonymous visitors.
uvc	1 year 1 month	addthis.com sets this cookie to determine the usage of addthis.com service.
_ga	1 year 1 month 4 days	Google Analytics sets this cookie to calculate visitor, session and campaign data and track site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognise unique visitors.
_gat_gtag_UA_*	1 minute	Google Analytics sets this cookie to store a unique user ID.
_ga_*	1 year 1 month 4 days	Google Analytics sets this cookie to store and count page views.
_gid	1 day	Google Analytics sets this cookie to store information on how visitors use a website while also creating an analytics report of the website's performance. Some of the collected data includes the number of visitors, their source, and the pages they visit anonymously.
__gads	1 year 24 days	Google sets this cookie under the DoubleClick domain, tracks the number of times users see an advert, measures the campaign's success, and calculates its revenue. This cookie can only be read from the domain they are currently on and will not track any data while they are browsing other sites.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies store information about how the user uses the website to present them with relevant ads according to the user profile.
loc	1 year 1 month	AddThis sets this geolocation cookie to help understand the location of users who share the information.
skimGUID	10 years	Set by Slimlinks, this cookie is a unique identifier provided to each device for log analysis to determine the number of unique users for various parts of skimresources.com.
test_cookie	15 minutes	doubleclick.net sets this cookie to determine if the user's browser supports cookies.
_ir	session	This is a Pinterest cookie that collects information on visitor behaviour on multiple websites. This information is used on the website, in order to optimize the relevance of advertisement.
__gpi	1 year 24 days	Google Ads Service uses this cookie to collect information about from multiple websites for retargeting ads.

Cookie	Duration	Description
wp_api	past	Description is currently not available.
wp_api_sec	past	Description is currently not available.
xtc	1 year 1 month	Description is currently not available.

Slowest broadband streets in UK revealed in new survey

Millions scammed online since tech giants pledged to tackle fraud

Temu shares slump with China slowdown, Oppo Find X8 series launches globally

Bluesky boss unable to give correct age limit for platform, Google forced to sell Chrome browser?

‘Black November’ gets off to slow start for e-commerce, research shows

Instagram to release algorithm reset feature, UK approves Google’s $2 billion Anthropic investment

Tag: Security