It took Asus eight months to address a security flaw in some of its routers
If you own an Asus-brand router, do yourself a favor and check to see if there's a firmware update available. Depending on which model you own, you could be susceptible to an eight-month security flaw that could potentially allow a remote hacker to access your hard drives. A recent firmware release is supposed to plug up the security hole, it's just a shame it took Asus so long to address the issue. So, what happened?
There must not be anything to watch on cable, hence anyone can think of another reason why hackers are finding themselves so restless these days. In addition to Kickstarter suffering a security breach in recent days, Forbes acknowledged on Facebook that it was targeted in a digital attack in which its publishing platform was compromised, along with the email address of every single registered user.
Hackers stole customer data from Kickstarter's database
Kickstarter's rising popularity has apparently made it a target for hackers, some of which recently weaseled their way into the crowdfunding site's database and made off with some sensitive information. Some usernames, email addresses, mailing addresses, phone numbers, and encrypted passwords were compromised in the data breach, though Kickstarter says no credit card data was accessed.
It's surprisingly cheap to purchase stolen credit card details and full blown identities
Your identity is worth around the cost of two movie tickets, or a pair of tickets and a bucket of popcorn, depending on where you live. That's according to a menu of items available in the underground market, a place where you can purchase someone's Visa or MasterCard details, including CCV code, for a mere $4. Fancy yourself an American Express gent? That runs $7, versus $8 for stolen Discover Card details.
Adobe suffered a major security breach last month that compromised at least 38 million user accounts. In the wake of that attack, however, the top 100 passwords used by milliions of Adobe account holders have come to light, and it doesn't look pretty. If you're in a scolding mood, you could say that many Adobe users compromised themselves by using lazy passwords that are easy to guess.
If you're in the business of offering free antivirus protection, beware of hackers mucking up your website. The Palestinian hacker group known as KDSM Team recently targeted several well known companies, including AVG and Avira, makers of popular free (and paid) security solutions, and defaced their homepages (sort of). Whatsapp, a cross-platform messaging app for mobile devices, was also tagged.
Professional networking site LinkedIn recently found itself the recipient of a class action lawsuit alleging that the company has been hacking into its users' email accounts and downloading their contacts, which it would then use to send out marketing materials. Furthermore, the lawsuit alleges that LinkedIn essentially impersonates its users. Blake Lawit, Senior Director of Litigation at LinkedIn, denied the accusations in a blog post.
Apple recently pulled the plug on its developer portal after an "intruder attempted to secure personal information" from the site, the Cupertino company indicated in an email and in a message on its website. The company went on to say that while sensitive information was encrypted and cannot be accessed, it couldn't rule out the possibility that some developers' names, mailing addresses, and/or email addresses may have been accessed, and indeed they were.
Over the past month, hackers apparently bombarded a Nintendo fan site with over 15 million fraudulent login attempts, nearly 24,000 of which were successful. As spelled out in The Japan Times, Nintendo is warning customers in Japan that the massive breach resulted in sensitive user data being compromised, including real names, home addresses, phone numbers, and email addresses of Club Nintendo members.
Nearly 900 million devices running Android 1.6 or later at risk
The Black Hat USA 2013 security conference does not get underway until July 27, 2013, but there is already plenty to look forward to, with the folks at Bluebox Security dropping a bombshell by claiming to have unearthed a yawning hole in Android’s security fabric and promising to shed some technical light on the vulnerability during the upcoming conference.