All aboard the cybersecurity train! CHOOO CHOOOO! Each week we bring you the greatest and most terrifying cybersecurity and hacking-related news on the web. This is….THIS WEEK IN GETTING HACKED!
On to the links…
Hey did you know that the Internet of Things is basically a giant free-for-all for your data? It is. Also, all of these IoT devices can be hijacked and used to DDoS a website, sorta like how they were recently used to take down Krebs on Security, a major cybersecurity researcher. According to reports, the attack still hasn’t died down as there were an additional 6857 cameras that were added to the DDoS attack in a span of 48 hours.
Last week, we reported on the NSA’s hacking tools being leaked out onto the web. This week, more info is coming out on the leak, and it seems that the tools were stolen after an employee left them open on a computer.
Not some super cool spy thingy where someone rappels into a secure room and steals a USB stick or something, or a hero goes against the tyrannical rule of the NSA and leaks the tools; Nope—just someone being super incompetent.
The FBI recommends you cover up your webcam. That’s a pretty helpful tip considering THEY USE YOUR LAPTOP’S MICROPHONE TO LISTEN TO YOU!!1! CHEMTRAILS!11!! In all seriousness, hacking a webcam is a lucrative business. Here’s a choice quote:
“Aside from institutional malfeasance, there’s been a thriving black market for compromised webcams and the video or photos they can produce — for many years. A clearly startled 2013 BBC reporter claimed the going price for access to a woman’s webcam was priced at $1 per girl, whereas computer webcams belonging to men cost $1 — for one hundred. And even then, three years ago, it was old news. The programs that capture images, take videos and record audio are not expensive, and they do their jobs surreptitiously by overriding the “record” light so victims don’t know they’re being spied on.”
The social site for teenagers, i-Dressup, is currently leaking passwords like a poorly constructed dam. Some 5.5 million users are being exposed, and the worst part is that all the passwords are plaintext. Zero encryption. Just out in the open passwords. Good stuff, everyone!
Way to stay secure! Attackers were able to get the information by exploiting vulnerabilities of the site with an SQL injection attack.
Stay safe out there!