‏إظهار الرسائل ذات التسميات government censorship. إظهار كافة الرسائل
‏إظهار الرسائل ذات التسميات government censorship. إظهار كافة الرسائل

3/02/2014

Largest single personal data hack ever? 360mn stolen account credentials found online

A cyber security firm has reported a “mind boggling” cache of stolen credentials which has been put up for sale on online black markets. A total of 360 million accounts were affected in a series of hacks, one of which seems to be the biggest in history.

Alex Holden, chief information security officer of Hold Security LLC, said that the firm had uncovered the data over the past three weeks.

He said that 360 million personal account records were obtained in separate attacks, but one single attack seems to have obtained some 105 million records which could make it the biggest single data breach to date, Reuters reports. “The sheer volume is overwhelming,” said Holden in a statement on Tuesday.

“These mind boggling figures are not meant to scare you and they are a product of multiple breaches which we are independently investigating. This is a call to action,” he added.

Hold Security said that as well as 360 million credentials, hackers were also selling 1.25 billion email addresses, which may be of interest to spammers.

The huge treasure trove of personal details includes user names, which are most often email addresses, and passwords, which in most cases are unencrypted.

Hold Security uncovered a similar breach in October last year, but the tens of millions of records had encrypted passwords, which made them much more difficult for hackers to use.

“In October 2013, Hold Security identified the biggest ever public disclosure of 153 million stolen credentials from Adobe Systems Inc. One month later we identified another large breach of 42 million credentials from Cupid Media,”
 Hold Security said in statement.

Holden said he believes that in many cases the latest theft has yet to be publically reported and that the companies that have been attacked are unaware of it. He added that he will notify the companies concerned as soon as his staff has identified them. 

“We have staff working around the clock to identify the victims,”
 he said. 

However, he did say that the email addresses in question are from major providers such as AOL Inc, Google Inc, Yahoo Inc, and Microsoft Corp, as well as “almost all” Fortune 500 companies and nonprofit organizations. 

Heather Bearfield, who runs cybersecurity for an accounting firm Marcum LLP, told Reuters that while she had no information about Hold Security’s findings, she believed that it was quite plausible as hackers can do more with stolen credentials than they can with stolen credit cards, as people often use the same login and password for many different accounts. 

“They can get access to your actual bank account. That is huge. That is not necessarily recoverable funds,”she said. 

The latest revelation by Hold Security comes just months after the US retailer Target announced that 110 million of their customers had their data stolen by hackers. Target and the credit and debit card companies concerned said that consumers do not bear much risk as funds are rapidly refunded in fraud losses.

Reuters / Kacper Pempel

6/07/2013

#Twitter notably absent from #NSA #PRISM list


Twitter was notably missing from a leaked list of Internet giants reported to be cooperating with The National Security Agency and the FBI on the surveillance program dubbed PRISM.
Those agencies are siphoning data from the servers of nine U.S. Internet companies including Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube and Apple, according to news reports about the documents. The cloud storage device Dropbox was described as "coming soon," along with other unidentified firms.
Google and Apple have both denied any knowledge of PRISM. Apple stated "any government agency requesting customer data must get a court order." Google said "we disclose user data to government in accordance with the law, and we review all such requests carefully.
There may be two explanations for Twitter's absence.
Twitter has a history of noncompliance and fighting information requests against its users. That may, in part, explain its absence from the list of companies disclosed Thursday. The leaks were reported by The Washington Post and The Guardian.
--> The microblogging service notably defended Malcolm Harris last year. He was being prosecuted by the Manhattan District Attorney's Office on allegations of disorderly conduct related to an Occupy Wall Street protest on the Brooklyn Bridge.
In that instance, Twitter filed a motion in state court in New York in an effort to quash a court order asking it to turn over his communications on Twitter.
"As we've said many times before, Twitter users own their Tweets. They have a right to fight invalid government requests, and we stand with them in that fight. We appealed the Harris decision because it didn't strike the right balance between the rights of users and the interests of law enforcement," said Twitter spokesman Jim Prosser.
--> -->
Twitter is also currently embroiled in another legal skirmish to uphold the rights of user privacy. It's fighting a battle in France to not turn over information about users connected to complaints from a private French Jewish students group regarding anti-Semitic content.
Twitter's Prosser points out that the company tries to be transparent with its semi-annual Transparency Report on government requests.
Another explanation for Twitter's absense is that the bulk of its data — aside from direct messages — is publicly available in the form of tweets. That separates it from the likes of Yahoo and Google, which house years of personal emails and data on people.





5/17/2013

#Saudi Arabia Religious Police Say Twitter Is the Path to Hell

Hell is other Twitter users — according to the head of Saudi Arabia's religious police force, anyway.
Sheikh Abdul Latif Abdul Aziz al-Sheikh said Wednesday that Muslims who use Twitter or other social media have "lost this world and his afterlife," as quoted by BBC News.

Saudi Arabia has a complicated relationship with social media as its usage skyrockets in the country. However, the Saudi government is worried social media could help the political opposition in the country organize in spread, similar to the ways it has been used throughout the Middle East and elsewhere.
"The Kingdom is particularly concerned with how Twitter has been used to keep people informed of human rights activists who have been tried for the crime of free speech," writes Jonathan Turley, professor of law at The George Washington University Law School. "Leaders on the web have been detained while others have been charged with apostasy and other crimes for statements made on these sites."
Software engineer Moxie Marlinspike recently alleged in a blog post that Saudi Arabia wants the ability to spy on Twitter and such popular messaging services as Viber and WhatsApp.
Several years ago, Saudi Arabia threatened to ban BlackBerry devices unless the company made it easier for the government to read users' messages. The company reportedly decided to comply with those demands.
Other religious figures, including the Dalai Lama and the Pope, have embraced social media to varying degrees as a way to spread their message or connect with those inside and outside their faith. Can religion and social media mix? Share your thoughts in the comments.
-->