criticalmass24 writes: As you may have heard by now, some seven million Dropbox credentials have been dumped on the Internet, much to everyone’s exasperation. The company has denied being hacked, pointing the finger to third-party services instead.
Some 420 username and password pairs went public on Pastebin, but the poster says there are 6,937,081 entries in the database, which will get published if Bitcoin donations are made.
criticalmass24 writes: A massive batch of credit and debit card information that went on sale on a criminal Internet site Tuesday may be from Home Depot stores and could be linked to hackers previously responsible for breaches at Target and P.F. Chang’s, security experts say.
The credit card information was first offered up for sale Tuesday on an underground site that trafficks in stolen financial information, security author Brian Krebs reported on his blog, Krebsonsecurity.com.
criticalmass24 writes: It seems like there’s a sort of epidemic going on in the US as online services keep going down. After troubles over at Facebook and Gmail, it seems that ISPs are also getting “infected.” Time Warner Cable has been having troubles for the past few hours. While issues have been signaled in several areas of the country, it looks like the most affected area is the East Coast. Subscribers from North Carolina, New York, Pennsylvania, Maine, Indiana and more are reporting connectivity issues.
criticalmass24 writes: As military police forces gather around Ferguson, trying to quell an angry, frustrated, and betrayed population, some people are taking their fight online. ‘OpFerguson’, being spear-headed by members of the hacktivism collective Anonymous, launched a couple of days ago.
criticalmass24 writes: On July 16th Lookout wrote about a new “police ransomware” on Android. They named it ScarePakage. (aliases : Eset:Android/Locker.B , Kaspersky:Trojan-Ransom.AndroidOS.Aples.a) It (or a variant ? seems Norton focused here) is advertised on underground since beginning of July as “Android Locker” by the seller of a fork of Titan Browlock System.
criticalmass24 writes: On Monday, the hacker group AnonGhost Team (@AnonGhostTeam) announced on Twitter that they managed to break into the systems of the Israeli government and extract the usernames and passwords of 175 user accounts, which they posted in plain text on Pastebin.
criticalmass24 writes: In a profound win for digital privacy rights, the Supreme Court ruled Wednesday that police officers must obtain a warrant before searching your phone. If they don’t, the search is illegal—a violation of the U.S. Constitution’s Fourth Amendment.
criticalmass24 writes: Microsoft is warning customers that the end is soon coming for Windows 7 in much the same way it came for Windows XP earlier this year. Microsoft will end free mainstream support for Windows 7 on January 13, 2015.
That means no more security patches if hackers find holes, no more updated features or performance improvements.
criticalmass24 writes: Cloud storage services like Dropbox have made it simple to store and share files with family, friends, and coworkers. Unsurprisingly, unscrupulous individuals have also managed to pervert those features to spread malware, in particular, the kind that holds your files hostage until you pay a sweet fee, as narrated by anti-phishing company PhishMe.
criticalmass24 writes: On Sunday, all readers trying to access any article on reuters.com were redirected to a landing page on a website controlled by the Syrian Electronic Army (SEA), supporters of Syrian President Bashar al-Assad.
The page contained the message in the image above, and this time, unlike other occasions, the Reuters website or employees were not at fault, as the hackers directed their phishing efforts towards the advertising network Taboola, that loads code dynamically into Reuters’ website in order to display recommendations.
criticalmass24 writes: A modification of the infamous CryptoLocker ransomware Trojan that does not rely on the 2048-bit RSA encryption and does not communicate with a command and control server has been found in the wild.
Although the GameOver Zeus botnet, also used by cybercriminals to distribute CryptoLocker ransomware, has been dealt a heavy blow by law enforcement agencies, variants of the file-encrypting malware are still available in the wild.
criticalmass24 writes: U.S. telecommunications company AT&T has confirmed security breach by its service provider, which compromised personal data of customers such as social security number, call records and more.
AT&T confirmed that the breach occurred between April 9 and April 21, but the company has disclosed the breach to California regulators recently. If such an incident affects at least 500 people, the law in California requires a company to reveal the total number of customers affected by the breach. However, AT&T has not disclosed the number of subscribers whose personal data was compromised as a result of the breach.
criticalmass24 writes: Ryan Gosling isn’t just a famous and talented actor (handsome too!), Ryan Gosling is famous in ways many fellow thespians will never be: he is Tumblr and Reddit famous. He has memes and a very loyal and large fanbase online that would do anything to support him and spread the word on his talent, beauty, and overall awesomeness.
Imagine what happened when Ryan Gosling suddenly decided to break his silence and, for once, share a very personal detail of his life on Facebook. This Sunday was Father’s Day so, when everyone took a moment to celebrate the most important man in their life, Ryan wanted to be a part of the experience and, at the same time, share something with the fans.
criticalmass24 writes: Security researchers appear to have bumped into a new remote access Trojan that manages to view encrypted traffic in plain text by routing the connection through the attacker’s domains.
Naming it Dyre or Dyreza, security researchers point out that the Trojan relies on browser hooking to intercept traffic and direct it to a command and control center owned by the attackers.
By using this technique, the victim is unaware that information is siphoned out to the cybercriminals and the session continues to appear as run through HTTPS.
criticalmass24 writes: 42-year-old Marcel Lehel Lazar, better known as Guccifer, the hacker that gained unauthorized access to email and social network accounts of high-profile public figures, has been charged in the United States.