An IT company in Finland has come across a major security bug in WordPress 3 websites that could let hackers post comments on posts with malicious code. The bug is technically able to affect 86 percent of sites running WordPress, meaning that a large number of sites must change their security settings to avoid attacks.
Face it. You have hundreds of different logins and accounts to services and websites all over, and you will never ever remember all passwords for each. That is, unless you reuse some simple password for each. But then the risk of getting hacked and having your accounts and identity compromised shoots into the stratosphere.
The primary email system for the United States State Department has reportedly been shut down temporarily after a hack took place. A planned outage originally took down the unclassified system on Friday, and repairs and upgrades are still being made. A report from the Associated Press states that “activity of concern” was recorded, and that prompted the system’s shut down and investigations into the activity.
The latest major retailer to suffer a security breach is Home Depot, and the company has confirmed hackers targeted a database filled with 53 million customer e-mail addresses. That database was hacked, and point-of-sale systems were also impacted in the United States and Canada.
Major smartphones like the iPhone 5S, iPhone 6, and Galaxy S5 have fingerprint scanners that have all but replaced the need for regular passcodes for most people. Unfortunately, fingerprint locks are not being treated the same way as regular passcodes, and that has been seen in a court case in Virginia. Judge Steven Frucci says cops can force people to hand over their fingerprint just like a physical item such as a key, but the same is not true for passcodes.
A security flaw has been discovered in Find My Device from Samsung, a feature that helps people locate their smartphone or tablet. Security researcher Mohamed Baset has demonstrated the potential for people to use Find My Device to actually take over a Samsung device.
Staples has launched an investigation into a possible security breach that may have left customer credit cards vulnerable. The office supply retailer’s locations in the northeast may have been affected, according to reports. After it was found there was a trend of fraudulent credit transactions that could be tied back to Staples, the company publicly acknowledged an investigation on Tuesday.
Last I checked, USB ports can’t transfer herpes, but perhaps there’s a computer equivalent to STDs that you need to actively avoid. Enter the USB condom, which is now a real thing. When you charge your devices through untrustworthy USB ports (what crazy USB hubs are YOU hanging out at?), you can use the USB condom to create an extra layer of security for your devices. Thus, you don’t have to worry about your device leaking access to all your mobile secrets.
Hackers are very often breaking the law, but that doesn’t seem to phase them according to a new survey. Thycotic, a password protection firm, interviewed a group of 127 hackers during the Black Hat 2014 conference and tried to figure out what motivates them and how they think about getting caught. The majority of hackers just do it for the fun provided by hacking while 19 percent admit to having a financial motive.
Every other week we’re greeted with fresh articles about new malware attacks or network exploits/vulnerability. Even if one hasn’t been directly affected by such incidents, the perpetual flow of news is concerning nonetheless. Considering that internet connectivity is king and the internet-of-everything is touching, well, everything, fears are completely justified.
The NSA’s British counterpart, GCHQ, is now accrediting certain university degrees from some of the top colleges in the United Kingdom, including Oxford. The accreditations are provided with some online security degrees, and they are essentially the GCHQ’s stamp of approval which could help students find jobs at the government agency once they graduate.
There are legitimate reasons for a country like China to worry about the NSA and other spy agencies, but the Chinese government is taking things quite far by banning the use of many foreign security programs. Software from Symantec and Kaspersky Lab has been added to a list of banned security software, meaning programs from either company can no longer be used by members of the Chinese government.