It’s something that no blogger ever wants to see: A message from a reader, telling you that something is wrong with your site. Hackers can do any number of things to your blog if they gain access to it, from installing malware to completely replacing your existing content with something else (usually offensive), to causing redirects to other harmful sites, or even locking you out entirely to make it difficult to reclaim your work. Not only does getting hacked mean several hours — or even days — of work to recreate your blog, but it can also damage your reputation if you don’t handle the recovery right. [Read more…]
Security firm Sucuri says they have already seen a large number of hacking attacks on the WordPress CMS platform. In its very first Website Hacked Report, compiled statistics of these hacking investigations. Most of these websites were running on the WordPress CMS platform for the past six years.
We hear about cybersecurity all the time, and we know “everything” we need to do in order to make sure that we are safe from unscrupulous individuals who branch out their illegal activities online.
Or do we?
On a personal level, you might have to admit that you do not change your passwords regularly or that you use the same password across several accounts. We know what happens when hackers get into the databases of credit card companies and even gaming entities.
On a larger scale, cybersecurity is even a bigger issue.
Twitter announced the inclusion of DMARC, a technology that prevents cybercriminals from sending emails to users via fake Twitter.com addresses.
On the company’s official blog Twitter writes:
“We send out lots of emails every day to our users letting them know what’s happening on Twitter. But there’s no shortage of bad actors sending emails that appear to come from a Twitter.com address in order to trick you into giving away key details about your Twitter account, or other personal information, commonly called ‘phishing’.”
Twitter implemented DMARC earlier in the month but chose to officially roll out its announcement after the Twitter accounts for Jeep and Burger King became the victims of hackers. [Read more…]
Aaron Swartz, a former employee at popular link sharing website Reddit was indicted this week for data theft after it was found that he had stolen more than 4 million documents from MIT and the academic journal and paper archive JSTOR.
District of Massachusetts Carmen M. Ortiz filed charges against Swartz after determining that he had broken into MIT to steal the documents.
Among his various serious charges are wire fraud, computer fraud and “obtaining information from a protected computer” plus criminal forfeiture, charges which could place Swartz behind bars for up to 35 years, while slapping him with a $1 million fine.
When not committing random acts of crime Swartz is actually the found of a non-profit organization called Demand Progress which examined public policy and the internet.
Demand Progress has released a statement in which they state that they don’t believe their founder “broke into” MIT facilities, noting:
“As best as we can tell, he is being charged with allegedly downloading too many scholarly journal articles from the Web. The government contends that downloading said articles is actually felony computer hacking and should be punished with time in prison.” [Read more…]
If you have every accepted a friends request and you weren’t sure if you actually knew the person you could be setting yourself up to have your account hacked. Facebook security protocols, while ever improving still leave a rather large loophole in the company’s infrastructure that hackers are implementing in their favor.
Here’s how the scam works. A Facebook user accepts friends requests from three people they “may have known as some time” at which point the hacker, who started all three accounts attempts to reset your password.
The hacker accomplishes this goal by telling Facebook that they no longer have access to the email account or mobile phone associated with the account (as shown in the screen grab above), they then incorrectly answer the security question you have entered at which point Facebook will ask them to have three friends help them verify your account by sending them a special code. [Read more…]
Over the past few months, I’ve been writing a lot about cyber crime and security vulnerabilities, especially as it impacts social media and blogs. The April 1, 2009, expansion of the Conficker/Downadup Worm Infection worried many as the 1 in 16 ratio of infected computers increased dramatically around the globe and attacks were aimed at social media services like MySpace, Facebook, and Twitter.