We’re all familiar with how a login page works. We type in a username and password, and possibly a code sent to our phones, to a form. We click the submit button, and all of that data is sent to a server. That data is checked to a database, and …
Read More »NOT AGAIN: Syrian Electronic Army strikes at another Microsoft website
You would have thought that after a series of embarrassing hacks by the pro-Assad Syrian Electronic Army that Microsoft would have increased the level of security. Well, if they did, then it obviously didn’t work. The Syrian Electronic Army have managed to take over the Office Blogs website. In a series …
Read More »Yep, Snapchat still sucks at security – new anti-spam measure cracked in less than 30 minutes
Image: Screenshot from TechCrunch It’s been a bad few weeks for Snapchat after many people called into questioned how secure users were on the service – especially given how dismissive they were to an exploit which lead to 4.6 million usernames and phone numbers leaked, and a sudden increase in spam. However, …
Read More »Yahoo resets passwords after hackers attacked email service
Yahoo has said that it will be resetting passwords of several users after it identified a “coordinated effort to gain unauthorised access” to those users Yahoo Mail accounts. The company did not share much detail about the attack, like how many accounts were affected. It did say, however, that the …
Read More »Canadian ISP Bell suffers huge data breach – and they’re still quiet
Thousands of customers of Bell Canada – the country’s largest ISP – have had their personal information leaked online by a hacking collective known as NullCrew. The leaked data mainly consists of customer’s email addresses and passwords, but also includes modem passwords and partial credit card numbers of 127 Bell …
Read More »Tumblr turns on SSL encryption – but it’s not by default
Like Facebook and Twitter, Tumblr has announced that it now supports SSL encryption – meaning that you will have an extra layer of security whenever you visit the website. However, there is a catch: it is not turned on by default. You will need to go to your account settings and …
Read More »No, Commonwealth Bank is not running OpenSSL
Everyone is freaking out about Heartbleed – that massive security bug that may have comprised people’s passwords, usernames and other encrypted information. And rightly so. Many people are now asking companies if they used OpenSSL and if they used the versions that contained the bug. But when the Commonwealth Bank tried …
Read More »Google wants to make it easier to encrypt emails with new plugin
Google has today announced that it plans to support end-to-end encryption with Gmail via a Chrome extension, making it harder for others (such as intelligence agencies) to snoop on your emails. End-to-end encryption sees the sender encrypting data (in this case, an email) before it is sent to its intended …
Read More »Tweetdeck vulnerability allowed attackers to execute code in 140 characters
If you happen to be using Tweetdeck, then you would be wondering why you were getting random pop-up messages containing messages such as “Yo!“, “XSS in tweetdeck” and “PENIS“. That’s because users discovered a XSS vulnerability that would attackers to remotely execute JavaScript code – all through a simple tweet. XSS (or “cross-site scripting”) …
Read More »Catch Of The Day reveals user data was stolen – three years after it occured
The massively popular (and occasionally crashing) deals website, Catch Of The Day, has told its customers yesterday that they should change their passwords right now, after confirming they suffered a massive data breach. And while they confirmed that user information, encrypted passwords and a small number of credit card numbers were …
Read More »