As it turns out, not all smartphone users are made alike. researchers can detect and identify users simply comparing gestures and usage of each individual. The findings are based on a study by cybersecurity researchers at the Georgia Institute of Technology. Called LatentGesture, it’s capable of an accuracy 98% of the time on smartphones. Read more
Freelancing 101 starts in less than a week! Don’t miss your last chance to save $25 on full registration for this online boot camp with code FLANCE25! Starting April 28, this online event will show you the best way to start your freelancing career, from the first steps of self-advertising and marketing, to building your schedule and managing clients. Register now!
Malware is following us from our computer to our phones – so much so it’s now easier to obtain malicious malware from any mobile ads, even if you’re not using your phone to watch porn.
The findings come from Blue Coat: in February of 2014, 1 in 5 attacks on mobile phones actually came from malicious ads. That’s a 400% increase insect Nov. 2012, compared to porn, which fell to only 16% of all attacks. Read more
Security researcher, Jaime Sanchez has been blocked by Snapchat after publishing vulnerabilities about the ephemeral texting app. According to the cyber security-consultant, the app can be used to stage a denial of service attack (DDoS). This means, anyone using the app can lose their ability to use their phone if hackers were to target large numbers of Snapchat users.
The security flaw uses a weakness in Snapchat’s system that allows any sender to reuse old tokens, a code used to verify user’s identities. By re-using old tokens, hackers can disable a user’s phone by using computers to send thousands of Snapchat messages, usually causing the device to shut down. Read more
Snapchat’s security issues are aplenty, and the latest attempt to keep out the robots with the app’s mascot ghost was no real deterrent for hackers. The app introduced the new feature on Wednesday – users had to select illustrations with the ghost mascot in order to proceed as a real person. Unfortunately, since the ghost is a repeating image with no real geometrical changes, a simple image detection hack took a developer less than one hour to crack.
In a blog post about the techniques, computer programmer, Steven Hickson said he was able to hack the app’s Ghost Captchas in less than 100 lines in about one hour: Read more
Between the dates of December 23,2013 and January 16, 2014, waves of malicious emails were being sent in blurts of 100,000 spam messages several times every day. The culprit? Hacked devices like smart televisions, security cameras, and even one television, which accounted for more than 25% of the malicious messages.
The findings were made by UK security firm, Proofpoint, who pointed out that the internet of things can be just as valuable to hackers as your laptop, desktop, or mobile devices, especially when they are set up with default passwords or just misconfigured. Since these items are not subjected to malware filters or security software like typical computers, they are easily targeted by hackers. Read more
The year’s two popular subjects, healthcare and security makes an uneasy companion, but with the State Department terminating its contract with the site’s developer’s, CGI Federal, it was only a matter of time until the security gaps started to leak from Healthcare.gov with millions of Americans signed on for national health coverage.
For security researcher, David Kennedy, CEO of TrustTec, the site’s problematic lack of security has always been a problem, and he’s able to prove it. Kennedy was able to gain access to 70,000 records in just four minutes. He could have gotten more data, but at that point, his passive reconnaissance proved what security experts have been saying all along: You can literally just open up your browser, go to this and extract all this information without actually having to hack the website itself. Read more
App security, and security in general have been a major focus for most developers and retailers, especially since the security hack of Neiman Marcus and Target during the holiday season. Now, the latest, is the negligent storage of usernames and passwords of Starbuck’s payment app, which was reported to be simply accessible by plugging a smartphone into a computer.
High end retailer, Neiman Marcus, is the latest victim of credit card hackers – the department store reported that it has been receiving notices from fraud claims following accounts of unauthorized payment activities, just weeks after Target announced a major security breach. According to previous reports, upwards of 70 million Target customers have had personal data exposed – names, phone numbers, emails, mailing addresses, and more.
The findings indicate that the breach of data occurred in mid-December, around the same time that Target reportedly had its major breach of credit card data. According to undisclosed sources, the attacks also targeted three other retailers besides Target and Neiman Marcus, prompting the involvement of the US Secret Service as well as the Department of Justice. Unconfirmed sources point to Eastern Europe for the source of cyber hackers, but no one or even groups of individuals have been accused. Read more
In a much belated blog post, Snapchat finally apologizes for the large security breach of the app, which left 4.6 million usernames and numbers accessible for hackers to find and distribute.
The software company first acknowledged the data leak during an announcement on January 2, 2014, but offered not so much as an apology, but an I told you so. In that same blog post, the company admitted to knowing about a report detailing the Find Friend security flaw in August of 2013 – a finding that should have alerted the company to potential hacks, and subsequent changes.
A smartphone killswitch is the beacon of hope for lawmakers and law enforcers. When activated, it would prevent a smartphone from being used once stolen or lost, which would deter phone thieves and the violent crimes that phone theft have been inducing.
Unfortunately, the killswitch has been met with a lot of resistance from cellular carriers who have little to profit from protecting phones from being stolen, but that resistance might be futile if San Francisco’s Attorney General, George Gascon gets his way this January when state Senator Mark Leno will introduce a bill mandating kill switches for all new smartphones in California. Read more
NEXT PAGE >>