Hacking, Security & Privacy News - Page 13

A cybersecurity company has released its annual Voice Intelligence Report, and their numbers are quite shocking.

According to Pindrop's annual Voice Intelligence Report, voice fraud continues to be a major threat for people as the report finds that between 2014 and 2018 fraud rates have climbed by 350%. The report also mentions the fraud rate for 2018, and it says, "The 2018 fraud rate is 1 in 685, remaining at the top of a five-year peak".

So, what type of voice fraud is occurring? The report mentions that insurance voice fraud has been the main target with widespread increases by 248%. The industries facing the highest fraud risks include insurance with 1 in 7,500 fraudulent calls, retail with 1 in 325 fraudulent calls, banking with 1 in 755 fraudulent calls, card issuers with 1 in 740 fraudulent calls, brokerages with 1 in 1,742 fraudulent calls, and credit unions with 1 in 1,339 fraudulent calls.

Another day, another data breach. Or at least that's what it feels like when you keep up with cyber-security news. This time its not really that surprising though, as a porn website had its entire data base freely open.

Condition:Black, a cyber-security and internet freedom firm discovered that a network of camgirl websites had exposed databases. The sites run by Barcelona-based VTS Media, include amateur.tv, webcampornoxxx.net, and placercams.com. While most of the users were found to be based in Europe, some data logins were found to be in the Untied States and around the world.

What kind of data was exposed? According to Techcrunch, the database contained a month-worth of daily logs, those logs included: Usernames, IP addresses, viewing habits, private chats, failed login attempts and even some details of sex workers. It isn't clear if the data base had been hacked and the data stolen, but since its discovery it has been locked down.

If you watch porn Down Under, you might need to scan your face to get your rocks off in the future... with Australia's Department of Home Affairs seemingly aroused over the idea of scanning your face to verify your age before you can access porn or gambling websites.

The new system is called "The Capability" and feels like it's ripped right out of Fringe, The X-Files and 1984 combined -- and even though the Department of Home Affairs said the facial recognition system is not functional, it is still floating the idea to Parliament in Australia that would change things in a big way for Australians porn and gambling habits.

The department said that its Document Verification Service and Face Verification Service which is used to fight regular crime and identify theft, could be enabled and used by authorities for age verification. The parliamentary submission explains: "This could assist in age verification, for example by preventing a minor from using their parent's driver licence to circumvent age verification controls".

NordVPN has confirmed that it was hacked, after rumors began swirling that the virtual private network provider had an expired internal private key exposed. This means that the ones with that key could impersonate NordVPN, and you know how bad that could get.

While NordVPN says it has a "zero logs policy" by stating that the VPN provider doesn't "track, collect, or share your private data"... I'd dare say this is all in teh air right now. TechCrunch reached out to NordVPN, which spokesperson Laura Tyrell then explained: "One of the data centers in Finland we are renting our servers from was accessed with no authorization".

The hackers got into the NordVPN server by taking advantage of an insecure remote management system that was left open by the data center provider, NordVPN said that it was not aware of this system. NordVPN also didn't name the datacenter provider, for obvious reasons.

As technology advances in cameras, motion sensors and every other form. Users are looking for better ways to protect themselves and their homes via security. Linksys could have the new best way to do it.

Just this pas Tuesday, Linksys announced a brand new service called "Linksys Aware" which allows users to monitor their home for potential intruders. Linksys will be able to this through the Velop mesh routers which can detect the motion of invaders in users' homes through Wi-Fi. Linksys Velop Tri-Band AC2200 router has the ability to be able to detect motion with its "Intelligent MeshTM" network, which could eliminate that use for camera setups in homes.

So how does it work? The service will send push notifications to the users phone via the Linksys Smart Wi-Fi app for both Android and iOS holders. I know what you are thinking, "I don't want to get spammed with notifications of the dog or cat moving around the house", Linksys has already thought of this issue and has equipped the service with a sensitivity setting that won't detect these kind of small movements. Linksys Aware comes in at a price of $24.99 per year, and at the moment the home security option is only available on the Velop routers. Linksys does plan on moving the service over to its other router variants, but no date has been announced for that yet.

Zynga, the creators of the immensely popular Farmville, Draw Something and Zynga Poker have admitted to a data breach that has exposed 200 million accounts personal information.

A statement has recently been issued out by Zynga addressing the cyber attacks and it says that cyber attacks are "one of the unfortunate realities of doing business today." The statement also says that the company recently became aware that a "certain player account information" was possibly "illegally" acquired by "outside hackers".

Zynga has also said that they have launched an immediate investigate to how this hack occured and to assist them in their investigation they have brought in an outside forensic team. It is believed that no financial information was stolen throughout this hack and just "account information" was exposed. If you play any of the apps that fall under Zynga's massive umbrella I would advise you to change your passwords as soon as possible.

Google is in some hot water right now, with 50 state attorneys general (had to Google that, it is indeed attorneys general and not attorney generals) launching a new antitrust probe into Google.

The leader of the 50 strong AGs is Texas Attorney General Ken Paxton, who has said the investigation will kick off looking into Google's advertising business, before it looks deeper into how the company operates itself. On the steps of the Supreme Court, Paxton said: "The facts will lead where the fact lead".

What happens from here? Well, the antitrust probe isn't a lawsuit just yet -- but if the company has broken US antitrust rules then Google could be broken up into smaller pieces. For example, YouTube has long been accused of censoring conservative voices, personalities, channels, and normal everyday people -- yet they can't be held accountable, yet.

HackerOne has announced that they have now rewarded six individuals with over one million dollars each for their bounty bug finding efforts.

The announcement has come via the official HackerOne Twitter account where they say that the ranks of 7-figure-earning hackers has now reached six people. First off, we have Santiago Lopez who is only 19-years old and was the first to cross the $1 million dollar mark.

Mark Litchfield from the UK was next, followed by Frans Rosen from Sweden, then Nathaniel Wakelam from Australia, Ron Chan from Hong Kong and finally Tommy DeVoss from the US. Each of these individuals have reached the 1 million dollar mark or above.

Scamming is becoming more and more prevalent in this day and age, and the new form of scamming that is hitting the internet in waves is 'business email compromise' or BEC for short.

What is a BEC scam? Well, its actually quite simple when you think about it. A BEC scam is when a criminal impersonates a third-party convinces someone at a business to wire them business funds. Usually the criminal will locate someone within the business that has access to the companies funds, once that person is located the criminal might compromise the email account holder or the companies supplier and request funds to be paid to them. Some cases of BEC scams have been based entirely on social engineering through spoofed email accounts.

In the case of Portland Public Schools, the scammer got two employee's at the schools to send him money as the scammer was posing as one of the institution's construction contractors. The employees unknowingly sent the scammer a staggering $2.9 million dollars, luckily Portland Schools moved extremely quickly and contacted the banks to freeze the transaction. The transaction was successfully frozen, and Portland Public School contacted the FBI for further investigation into the matter.

Facebook has been paying contractors to listen to users audio clips and transcribe them, according to anonymous sources who spoke with The Associated Press.

The sources state that the social networking giant has hired outside contractors to go over the audio clips, with every single word (good and bad, secret and explicit conversations) being transcribed. Worse yet, the contractors do not know why Facebook needs the voice clips transcribed.

But don't worry, because Facebook confirmed it had been transcribing users' audio calls but it wouldn't do it anymore. On Tuesday, Facebook said: "Much like Apple and Google, we paused human review of audio more than a week ago". Pegging them into the first week of August 2019 where they stopped transcribing voice chats.