A number of Democratic Congressional leaders wrote Yahoo CEO Marissa Mayer a letter seeking answers about the breach of 500 million customer records.
Tag Archives: Privacy
Germany Orders Facebook to Stop Collecting Data on WhatsApp Users
A German privacy regulator issued an order this week prohibiting Facebook to stop collecting user data on German WhatsApp users.
Top 5 things you are revealing to the world when downloading torrents
Downloading torrents is certainly not as popular as it used to be but people still do it. The fact you may be able to watch a movie free of charge before it is even available in your town’s movie theatre may sound appealing, we wanted to highlight that this is illegal and your actions will have consequences.
In this blog post we are not going to focus on the consequences, we are sure you already know what happens to the bad guys. We want to stress on the type of information you are sharing with the world while downloading torrents;
Username and Password
Very often torrent websites require you to create a profile before you are able to download a torrent. Therefore you are forced to come up with a username and password. Having in mind people don’t enjoy using multiple passwords some folks end up literally giving their username and password without a fight. Imagine what hackers who crack software for fun could do with your personal information. It feels like getting a wolf pack to guard your sheep.
IP Address
You are sharing your IP address with both seeders and leechers. Almost every torrent client has the option to see details about the peers you are connecting with. Sharing your personal IP address with complete strangers is not the safest thing. Not all peers are there to help you, hackers masked as seeders/leechers are lurking around harvesting IP addresses.
ISP – Internet Service Providers
Your ISP knows what you are doing. Even though it is NOT in their interest, sometimes they are forced to share information with the law enforcement. Your ISP provider will not hesitate to share information about you when pressured by the authorities. After all torrents can be heavy and ISP providers are certainly not very happy when they see you abusing the unlimited data stream they offer you.
Traffic Information
Getting to download an actual torrent is not an easy task. You have to go through a whole bunch of shady websites so you can get to the point where you will download the torrent you want. There are a whole lot of ‘download’ buttons that download everything else to your device but the desired torrent. Even if the content you want to download may not be illegal, you share all your traffic information with the website admins. Remember what we discussed about the wolf packs.
Social Media channels
Torrent websites sometimes offer you perks when following them on social media. This immediately gives an idea to everyone interested about the type of people that support those websites. Even if you are not downloading or distributing any illegal content, engaging with them on social media channels and being active on torrent forums may drag you towards a group of people you don’t want to be in.
Peer to peer file sharing is not always illegal but you have to keep in mind that very often cheap things end up being expensive. You should be fully aware about what you exposing to the world on your journey to the next episode of the Big Bang Theory.
If you are in store you don’t just go and grab a DVD and walk out, you pay for it. The reason why you don’t steal is not only because you are a good person but also because you are afraid that your action may ruin your life. Nowadays, being on internet is similar to walking on the street or in the store, your actions are being monitored – let’s make sure you don’t embarrass yourself before the whole world.
The post Top 5 things you are revealing to the world when downloading torrents appeared first on Panda Security Mediacenter.
Germany Bans Facebook From Collecting WhatsApp Data
Just last month, the most popular messaging app WhatsApp updated its privacy policy and T&Cs to start sharing its user data with its parent company, and now both the companies are in trouble, at least in Germany and India.
Both Facebook, as well as WhatsApp, have been told to immediately stop collecting and storing data on roughly 35 Million WhatsApp users in Germany.
The Hamburg
How to: Encrypt your messages in Facebook Messenger
As with What’s app messages now can be encrypted on the Facebook messenger, too. But how does it work exactly?
The post How to: Encrypt your messages in Facebook Messenger appeared first on Avira Blog.
Questions Mount Around Yahoo Breach
Crypto company Venafi points out potential holes in Yahoo’s processes and policies around cryptography and digital certificates, any of which could have been exploited in the breach to move data off the Yahoo network.
What Pippa Middleton can teach us about iCloud security
Pippa Middleton is the latest in a long line of celebrities to have her online accounts broken into by criminals, and private photographs stolen.
Have you properly secured your iCloud account?
The post What Pippa Middleton can teach us about iCloud security appeared first on WeLiveSecurity.
The secret security trick that will help protect Yahoo! users
Yawn, another data breach. This time it’s Yahoo! that’s affected. Despite news outlets proclaiming it’s the biggest breach of its kind, how many of us even lifted an eyebrow?
Are we in danger of becoming complacent when data breaches are being disclosed so frequently and seem to grow in size?
Every month, or less, another story hits the press about a data breach and we are told to hurry along and change our passwords. Now, don’t get wrong – this advice is good. Changing passwords, protecting email accounts, enabling two-step authentication and generally being more vigilant and secure about our online activities are all things that will help stop the bad guys getting too much access to our online life and private information.
But let’s consider the fact that the Yahoo! data breach, which happened in 2014, affects an estimated 500m user accounts and the data exposed may include email addresses, phone numbers, date of birth details, encrypted passwords and, in some cases, security questions. Even if you go and change your passwords today, there may already be an opportunity for cyber-criminals to reset or access your other online accounts as some of this information has already been released by the hackers.
In the face of a breach with such far-reaching implications, maybe it is not that we are complacent, but that we simply don’t know what we can do after the fact. There are a few simple actions we can take, however, that will help.
Stop trusting the traditional password and move to two-step authentication, if you haven’t already. This may sound complicated but it’s a concept you already know from every time you use your ATM card. You have the card and you know the PIN; but without both parts, the card will not work in an ATM machine.
For an online account, the two factors might be your phone and the contents of a text message sent to you at login. It doesn’t have to be inconvenient, either. Some companies only invoke this stronger login process when you try accessing an account from a new device, which seems like a good compromise.
For Yahoo! users, it might be a relief to know that Yahoo! has a fairly unique security system that is called account key. If you are about to change your Yahoo! password, I recommend taking the extra step and switching this service on.
It simplifies logging in by connecting your login request with the Yahoo! app on your phone. The browser login screen asks for your Yahoo! ID, then displays a page that says it’s waiting for confirmation to login.
Meanwhile, your phone will receive a notification asking you to confirm the login with a simple click of a button – yes or no.
Yahoo Data Breach: Top 5 things you should do immediately
Yahoo’s biggest nightmare was confirmed yesterday – back in late 2014, a copy of certain user account information has been stolen from Yahoo’s network. The story started developing in early August when a hacker named “Peace” was openly trying to sell personal information of more than 500 million Yahoo account users on the dark web.
According to Yahoo, the account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.
Even though the breach happened two years ago it is not too late to take action, especially if you haven’t changed your password in a while.
Top 5 things you should do immediately
Change your password now!
It is as simple as that. Change not only your Yahoo password on your Yahoo account, but also review all your online accounts on which you’ve used the same or similar information. The sooner you do it, the better!
Turn on the two-step authentication that Yahoo offers.
Two-step verification uses both your password and an extra security code to verify your identity whenever you sign in to your account. If someone else tries to access your account, even if they can guess your password, they still won’t be able to get in without using two-step verification.
Pick better passwords.
We cannot stress more on the fact that using the same passwords for many accounts is not recommended. As you remember Yahoo are not the only one who’ve had similar issues. Back in 2014 eBay asked 145 million of their users to change passwords after a data breach. Changing your passwords often must be a habit!
Update your security questions immediately.
Yahoo says about 1 billion people globally engage with one of its properties each month. The chances your password is in the wrong hands are not minimal and the risk is real. Take action and don’t wait anymore, time is key here.
Go through old emails and remove sensitive content.
If your Yahoo account information is indeed for sale on the dark web, someone can hack into your email at any minute. There is tons of document scans, tax returns, credit card details and invoices that may be laying around your inbox. All these documents contain information you want to keep for yourself.
Remain vigilant! After Yahoo admitted the data breach you may be approached by fraudsters pretending to be someone they are not. It is important for you to not engage with online fee-based, toll-free-number services. Even though the incident happened nearly 2 years ago and you may be off the hook, we advise you to remain cautious and spend some time making sure you are fully protected.
The post Yahoo Data Breach: Top 5 things you should do immediately appeared first on Panda Security Mediacenter.
iSpy Keylogger Targets Passwords, Skype, Webcams
Zscaler identified a keylogger on steroids that targets passwords, webcam and software licenses.