There has been quite a bit in the news this week about “forged cookies” and “forged cookie attacks”, but little to actually explain them. A forged cookie attack is exactly what it sounds like though: a way for hackers to forge the information in your browser cookie, and when that information includes an authentication mechanism, voila! They can log into your account.
A new malware scam is hitting email inboxes. The email sample that we have comes from an email address at thomaskeller.com (ours is specifically from email@example.com), and claims to have received an invoice from your company. They even include your company name in the email, making it seem more legit. But it isn’t.
You know you need to apply the urgent Apple security update on your jailbroken iPhone. While you can’t do it without restoring your iPhone to its unjailbroken state, it’s very easy to get the update installed and then rejailbreak your iPhone. Here’s our step-by-step tutorial for how to install the iOS security update on your jailbroken phone, with screenshots.
Now that the Impact Team hackers put the data of all 37 million Ashley Madison users online, you may be wondering how to check to see whether your email address is exposed in that data dump.
Rob Pegoraro at the Washington Post has a great article which makes tons of sense. It’s all about how to shore up your brand new computer’s protection against Internet nasties before the nasties have a chance to attack. You know, the old “ounce of prevention is worth a pound of cure”.
If you have been searching for cloud-based online backup solutions, and in particular if you are looking for safe, free online backup services or cloud storage, then your best bet may be to create your very own free online backup solution, creating your own backup and storage solution in your own cloud. (This is particularly true given the recent court decision that says that agencies don’t need a warrant to access your personal data if it is stored in a cloud storage service.) You can even create your own DropBox style folders to share your files with others! You will need to make a small investment up front, but we show you how to do it, and you can do it for under $175 total – less than you would pay many online backup services in just the first year.
If you’re wondering “What is blockchain” (also known as “block chain”), you’re not alone. Unless you’ve been following Bitcoin, you may only be hearing the term “blockchain” for the first time now, as it’s been in the news lately.
This morning many large, widely used Internet sites, including Twitter, Spotify, GitHub, Etsy, Vox, Paypal, Starbucks, Airbnb, Netflix, and Reddit, just to name a few, were taken down and offline owing to a massive distributed denial of service (DDoS) against DNS provider Dyn. Below is a list of all of the sites that we know have been affected – and may still be being affected – by the Dyn DDoS outage. Also, until it’s all fixed, here is a workaround. [UPDATE: It has been confirmed that this was the result of hackers taking advantage of unsecured Internet of Things devices, probably using the Mirai malware.]
Yahoo today released a statement indicating that a data breach that occurred in 2014 may be the most massive breach yet. Moreover, Yahoo is claiming that they believe that the 2014 breach was “state-sponsored”.
This is about: A massive data breach has occurred following the hacking of the servers belonging to Active Network, which processes online applications for hunting and fishing licenses in Oregon, Idaho, Kentucky, and Washington state. The hacker, calling himself “Mr. High”, claims to have acquired the personally identifiable information (PII) of those who have applied online for a fishing license or a hunting license in those states. Mr. High says that the information for each applicant includes their name, address,their date of birth (DOB), their height, weight, eye color, and the last four digits of their social security number (SSN). Some records also included email addresses and phone numbers.
Yesterday Apple released an urgent security date for iOS, affecting all iOS devices, such as iPhone, iPad, and iPod. Security update 9.3.5 is essentially a security patch, to fix not one, but three different security holes that have been known to be exploited by spyware created by an American-owned Israeli group known as the NSO Group. NSO Group was acquired by San Francisco-based equity fund Francisco Partners in 2014.
A new report by the UK’s top Independent Reviewer of Terrorism Legislation, David Anderson, says that bulk interception and acquisition of Internet and communications data is of ‘vital utility’ to security and intelligence agencies.
The BBC is reporting that there seems to have been a massive data breach of 200 million Yahoo accounts, with the data – which appears to be from 2012 – being offered for sale for 3 bitcoins ($1805 USD).