Facebook hoovered up 1.5 million users’ email contacts without permission… “unintentionally”

April 18, 2019

For such an allegedly smart company, Facebook doesn’t half do some dumb things. Kudos to the team at Business Insider who were as bewildered as the rest of us as to why Facebook was asking some users to hand over the password of their email account, but also noted that the site appeared to then be scooping up users’ address books without requesting prior permission. As security-savvy folks around the…

Read More >>

Facebook’s role in Brexit – and the threat to democracy

April 18, 2019

British investigative journalist Carole Cadwalladr gave a passionate speech at the TED conference in Vancouver this week. Carole, you may remember, is the Observer journalist who helped expose Cambridge Analytica’s use of Facebook user data despite the social network’s threat to sue her newspaper if it published the story. In her speech, she challenges Facebook to acknowledge the extent to which it has become a tool for the spread of…

Read More >>

Man fried over 50 college computers with weaponized USB stick

April 18, 2019

It’s not as though 27-year-old Vishwanath Akuthota made it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment in February this year. On Valentine’s Day, February 14th 2019, Akuthota walked around the campus of the College of Saint Rose in Albany, New York. He had graduated from the college in 2017 with an MBA, but as he was no longer enrolled, he…

Read More >>

Smashing Security #124: Poisoned porn ads, the A word, and why why why Wipro?

April 18, 2019

LastPass Enterprise makes password security effortless for your organization. LastPass Enterprise simplifies password management for companies of every size, with the right tools to secure your business with centralized control of employee passwords and apps. But, LastPass isn’t just for enterprises, it’s an equally great solution for business teams, families and single users. Go to lastpass.com/smashing to see why LastPass is the trusted enterprise password manager of over 33 thousand…

Read More >>

A third-party patch for Microsoft’s Internet Explorer zero-day vulnerability

April 17, 2019

The news that Windows users could potentially be at risk from an Internet Explorer vulnerability (even if they didn’t use Internet Explorer as their browser) was made all the more worrying by Microsoft’s seeming lack of urgency to produce a patch. Maybe Microsoft will produce a fix in due course, but in the meantime the smartypants at ACROS Security say that they have developed a micropatch that can protect against…

Read More >>

Extortion emails a go-go

April 17, 2019

Recent months seem to have seen a rise in extortion emails, designed to scare users into handing over their money. Last month, the folks at the My Online Security website warned of a sextortion email campaign that pretended to be from the CIA. The email claimed that your name, and personal details (including home, work and relatives’ details), had cropped up as part of an investigation into an international child…

Read More >>

It doesn’t matter if you don’t use Internet Explorer, you could still be at risk from this IE zero-day vulnerability

April 17, 2019

You might think that any security issues with Internet Explorer shouldn’t be much of a problem anymore. After all, most computer users have moved on to more modern alternative browsers like Chrome, Brave, Firefox, Safari, or Microsoft Edge. And even Microsoft itself has been warning companies of the “perils” of setting Internet Explorer as their default browser, as it is no longer being updated to support new web standards and…

Read More >>

High school election hacked by candidate who exploited weak passwords

April 15, 2019

Berkeley High School in California held its first ever elections for student government last month. Surprise surprise, as the Westport News reports, things didn’t run quite as smoothly as the school might have hoped. One day before voting was due to close, there was a sudden surge of votes for one of the candidates running for the position of class president. John Villavicencio, the school’s director of student activities, was…

Read More >>

Hackers could read users’ Outlook, Hotmail, and MSN email via compromised Microsoft support account

April 15, 2019

Over the weekend Microsoft confirmed that a “limited” number of Outlook.com webmail accounts had been compromised, allowing hackers to access users’ email addresses, folder names, subject lines, and the names of other email addresses with whom they corresponded. The tech giant told TechCrunch that the attached “affected a limited subset of consumer accounts”, but that paid-for enterprise customers were not affected. One of the unfortunate victims of the security breach…

Read More >>

Bayrob malware gang convicted of infecting over 400,000 computers worldwide, stealing millions through online auction fraud

April 12, 2019

A US court has convicted two Romanian hackers belonging to the Bayrob malware gang after they infected over 400,000 computers around the world, and stole millions of dollars. Bogdan Nicolescu (aka “Masterfraud”) and Radu Miclaus (aka “Minolta”), both of Bucharest, Romania, have been convicted by a federal jury of 21 counts related to the infection of hundreds of thousands of computers with malware in order to steal credit card details,…

Read More >>