News has broken that the unCaptcha automated system can once again bypass Google’s reCAPTCHA challenges, despite major updates to the security service. After unCaptcha was presented by researchers from the University of Maryland (UM), Google improved its security to bypass Google reCAPTCHA. Now unCaptcha has been modified and it is able to bypass Google reCAPTCHA again. The unCaptcha is able to bypass the audio challenges presented by reCAPTCHA, it could be also used to bypass other security systems such as BotDetect, Yahoo, and PayPal image challenges. Expert Comments below: Ryan Wilk, VP at NuData Security: “Captcha in and of itself is only one piece of the authentication puzzle.…
ISBuzz Team
News broke this week that an account posing as PayPal used a paid promotion on Twitter to bait users into sharing their personal information under the guise that they were entering an end-of-year contest, The Next Web reported this week. TNW reporter Matthew Hughes first reported the since-deleted promoted tweet from @PaypalChristm, which he said populated in his timeline. The tweet had several obvious signs of being a scam, which Hughes noted included not only its shady unverified account “with fewer than 100 followers,” but also a sketchy-ass promotional image seemingly designed to insinuate that a car and iPhone were up for grabs.…
In response to the news that Abine Blur Password Manager exposed user data online, a OneSpan expert offers perspective. Expert Comments below: David P. Vergara, Head of Security Product Marketing at OneSpan: “There are two important points to take away from this recent data leak. The first is that regardless of the promotion for “strong passwords,” they do not exist. It is well known that hackers have a wide range of techniques and tools to crack passwords of any complexity through brute force attacks, hybrid attacks (brute force w/ dictionary attack), mathematical systems like Markov chains for more complex passwords amongst others. Multi-factor…
Following the news that hundreds of German politicians have had their personal data – including credit cards details, contact details and private conversations – exposed online by hackers, please see the below comment from Jake Moore, cyber security expert at ESET UK. Jake Moore, cyber security expert at ESET UK: “Releasing personal data on politicians is far more targeted than we usually tend to see. However, officials in high powered positions must be all too aware of the associated risk and consequences of a breach. Luckily this stolen data is over a year old but assuming some credit cards are still active,…
n light of the news that a popular browser-based game called ‘Town of Salem’ suffered a data breach last week in which the personal details of 7.6 million users were stolen, please see the below comment from Jake Moore, cyber security expert at ESET UK. Jake Moore, Cyber Security Expert at ESET UK: “I would suggest this was a pre-planned time of year to release the data to maximise the impact on the community who have had the data stolen. Data breaches like this are far too commonplace nowadays, with an increasing number of people affected each time. However, hopefully there has…
A hacker duo claims to have hijacked thousands of internet-exposed Chromecasts, smart TVs, and Google Home devices to play a video urging users to subscribe to PewDiePie’s YouTube channel.The main hacker behind this hacking campaign –codenamed CastHack– is known online asTheHackerGiraffe. The hacker explained on Twitter that CastHack takes advantage of users who use incorrectly configured routers that have the UPnP (Universal Plug’n’Play) service enabled, service which forwards specific ports from the internal network on the Internet. Expert Comments below: Craig Young,Computer Security Researcher at Tripwire: “Many connected media devices, including Google Chromecast, have made the unfortunate design choice to…
Popular applications are automatically sending off user information without user permission to Facebook as soon as they are opened. Privacy International has pointed out this backend privacy issue and says the apps send information to Facebook even if the consumer is not a Facebook user. Expert Comments below: Chris Olson, CEO at The Media Trust: “While several of the actions can be attributed to analytics and performance purposes, the widespread sharing of consumer information for the purposes of enhancing the user experience is increasingly being called out. As expected, enterprises are finding it difficult to toe the line between delivering the…
Following a number of high profile data breaches at the tail end of 2018, Robin Tombs, CEO, Yoti, offers his advice to businesses looking to ensure they have the right protections in place for the safe storage of their consumers’ data. The Quora.com data hack in December 2018 and the data breach which affected Marriott International in November were no doubt a wakeup call for businesses to ensure they hold the data submitted to them by consumers securely. Across both cases, personal details, passwords, and email addresses of over a 100 million people were exposed – offering up a plethora…
Following the news that a group of hackers known as The Dark Overlord have stolen documents relating to 9/11 and are threatening to make them public if their ransom is not met, Jake Moore, Cyber Security Expert at ESET UK commented below. Expert Comments below: Jake Moore, Cyber Security Expert at ESET: “The problem with these sorts of demands is that there is usually little proof that the threat is as simple as they are suggesting. What’s to say that they even have new evidence? Or even if they did, they could then simply double the demands after the first…
Artificial fingerprints have been created by researchers atNew York University and the Michigan State University that have the potential to unlock devices. Those images could be used to hack into about a third of smartphones. Expert Comments below: Ryan Wilk, VP of Customer Success at NuData Security: “At the end of the day, this will work if you are specifically targeting someone, but will be impossible to scale minimizing the overall risk. While biometrics is a cutting-edge technology, it will have to be used with other identifiers as a piece to the puzzle of authentication. There is no one authentication…