We-Vibe Tracked Customer Sexual Activity Via ‘Smart’ Sex Toy

security vulnerabilities in Internet enabled devices just reached a new level after We-Vibe was found to have been secretly tracking customers’ sex toys…

Big Turn-Off

Customers of start-up firm Standard Innovation, manufacturers of ‘We-Vibe’ products, have been left red-faced and angry after the company was judged by a court to have been guilty of covertly gathering data about how (and how often) customers used their Wi-Fi enabled sex toy. Continue reading “We-Vibe Tracked Customer Sexual Activity Via ‘Smart’ Sex Toy”

1.5 Million WordPress Pages Hacked. Was Yours?

Anon hackker hacked hack face maskAn estimated 1.5 million WordPress pages were attacked and defaced in January via a vulnerability in the platform’s API.

What Vulnerability?

The vulnerability in the REST API (the Application Programming Interface of the REST architecture that makes up the pages) meant that unauthorised persons could modify the content of any post or page in a WordPress website. The fact that the vulnerability was there, and that attacks were taking place through it, was flagged up to WordPress by web security firm Sucuri on 20th January.

Continue reading “1.5 Million WordPress Pages Hacked. Was Yours?”

Biggest Data Breach in History For Yahoo

As if the data breach of 500 million users’ accounts in 2014 wasn’t bad enough, Yahoo has just discovered that it was the subject of the biggest data breach in history when, back in 2013, more than one billion user accounts were compromised.

What Happened? yahoo-1715856_1920

According to a statement from Yahoo, hackers used a method known as ‘forged cookies’ to enable them to gain access to users’ accounts. These cookies were pieces of code which, when planted in a user’s browser cache, the yahoo website didn’t require a login every time it was accessed. This meant that the cyber criminals behind the scheme were then able to use this vulnerability to pose and be misidentified as a user, and get into their account without needing a password.

Continue reading “Biggest Data Breach in History For Yahoo”

Barclays Trial Contactless Cash Machines

Barclays are taking steps to avoid the threat posed by card skimmers with a new trial of a system that allows customers to withdraw money from ATMS using only their smart-phones.

Cash Machine

The cardless withdrawal system is thought to be a simpler system than the one introduced by RBS four years ago which allowed customers to withdraw up to £130 at a time by typing a special code which had been texted to them by RBS into the ATM.

With the simpler Barclays system, the customer will be able to use their normal PIN in combination with leaving their smart phone handset near to the bank machine, thereby enabling “contactless” near-field communication (NFC) transmission.

Continue reading “Barclays Trial Contactless Cash Machines”