Spain’s Gas Natural, and the electrical company Iberdrola have also been hit in this attack.

This is perhaps the biggest ransomware attack recorded in history. Cyber security experts had been cautioning the governments around the world to beware and ready for such hacks.

City services in London, Nottingham, and the counties of Hertfordshire and Cumbria are affected by the latest ransomware attack, the source of which is still unknown.

Experts are calling the latest cyberattack “WannaCry”, or WanaCrypt0r and WCry. This malware infection spreads quickly because it stems from a Windows vulnerability known as EternalBlue that allegedly originated with the NSA. In March, Microsoft released an exploit to patch this exploit, known as MS17-010. But it appears hackers were quicker that the sloppy governments around the world.

Adam Kujawa, director of malware intelligence at Malwarebytes says that he hasn’t seen anything like this.  “The spread is immense. This is nuts,” says Kujawa.

The Trump Tower lobby was evacuated on Tuesday afternoon after reports of an unknown package came streaming in.  New York Police Department spokesman J. Peter Donald tweeted that the department’s bomb squad was responding to the report “out of an abundance of caution.” The spokesman soon tweeted an “all clear.”

Further reports indicate the bag was just filled with children’s toys.

With the President Elect Donald Trump’s security on the line, it’s great they acted so quickly.

Training employees to notice for changes in the operating system

The good news is that there’s still time to address the possibility of a hard drive failure. It’s important that every employee who uses the computers can identify if a problem is occurring prior to a full shutdown of your system. It’s a good idea to hold a meeting and make them aware of the warning signs and the steps they need to take if this happens. Many things can contribute to a hard drive failure, the most common being age. Computers are machines and while you may think they will run forever, this simply is not true. In fact, most computers last between 3 to 5 years before needing repair or replacing.

Warning signs

For the most part, a computer doesn’t just stop working. It gives several indications ahead of time, that if you are in tune with, you’ll know something just isn’t right. It may be slow and sluggish starting up and shutting down, it may freeze up from time to time or you may notice that a file you entered yesterday isn’t there today. There are sometimes noises that go along with a slow system such as a screeching, grinding or clicking sound. That noise is your hard drive. In the case of malware infections you may also experience an error message or in severe cases the dreaded blue screen.

Work leaving the office

Technology now gives employees the ability to work on numerous electronic devices from just about anywhere. Wireless devices like smartphones, iPads, tablets, notebook PCs and laptops are now more than not the go to’s for after hours. This gives employers a way to keep in touch with their key executives and satisfy their clients from around the world. But, it also means that there’s more at stake. If one of these devices go down before the information is transferred to the in-house operating system you could lose valuable time and maybe even lose your work. There’s also the possibility of a head crash while transporting. For these very reasons, it’s important to hire a professional data recovery service so that you regain your files and avoid lengthy downtimes.

Small and medium size businesses are not excluded from cyber crimes

While you may think you’re not big enough for hackers to waste their time getting into your operating system, nothing could be further from the truth. In fact, large businesses are less likely to experience these time crimes because they have sophisticated firewalls and security measures in place. For the smaller company just coming into their own, the emphasis is all about bringing in the revenue. But, the reality is that if you don’t safeguard your system and hire a professional recovery service, you may lose everything. Remember, hackers dedicate 100 percent of their time findings ways to hold companies for ransom.

Prosper without blinders on

You’ve done the work. You started a company from the ground up. You have big plans to expand even further through exciting web designs and multimedia sights. As you take your company to the next level, remember what’s at stake. Update your systems, install sophisticated firewalls and have a company waiting in the wings to assist on a moment’s notice with any computer issues that may come your way.

A new report published by the Guttmacher Institute states that research using fetal tissue may be endangered by last summer’s smear campaign against Planned Parenthood, according to a recent article by thenation.com.

Fetal tissue is often used in traumatic brain injury research, according to an article by Marek Molcanyi, MD PhD, Clinic of Neurosurgery; University of Cologne.

“Stem cell transplantation has been proposed for various indications like Parkinson and Huntington disease, … spinal cord injury … and traumatic brain injury (TBI),” Molcanyi explained in the article.

Scientists like Dr. Lawrence Goldstein at the University of California, San Diego, use fetal tissue for research on the brain and on spinal cord injury. The article on thenation.com says such scientific inquiry is increasingly threatened – often literally.

“We are cautious,” Goldstein says in the article. “We’ve raised physical security in our laboratory building.”

After an anti-abortion organization released videos portraying Planned Parenthood as callously haggling the price of aborted fetuses, thenation.com reports legislators have attempted to restrict research using such material, while scientists have found their work limited and riskier.

“Beyond the attacks on Planned Parenthood,” the report says, “the use of fetal tissue in research also is under direct attack.”

Fetal tissue has been used for scientific research since the 1930s. The tissue is derived from abortion because tissue from miscarriage is often not suitable for research,” according to the article.

Traumatic brain injury is just one of the many issues scientist might use fetal tissue to conduct further research on.

“Cell cultures from fetal tissue have been used to develop vaccines for measles, polio and tetanus, among other diseases. Scientists at Colorado State have been conducting HIV research using fetal tissue, while at the University of North Carolina Chapel Hill, cell culture derived from fetal tissue has been central to work on Hepatitis B and C,” the article reads. “The National Institutes of Health awarded grants for 164 research projects using fetal tissue in 2014, according to a survey byNature. Today, fetal tissue is being used in the development of vaccines against Ebola and HIV, the study of human development, and efforts to treat and cure conditions and diseases that afflict millions of Americans.”

Theresa Naluai-Cecchini, a scientist at the University of Washington told Mother Jones last October that the number of tissue donations had dropped dramatically. She worried that if the trend continued, “promising research would stop until a commercial alternative is found. The cost of research would increase dramatically, and new findings would take considerably longer.”

Some scientists have avoided talking to the media all-together, for fear of attacks.

Bills introduced on both the state and federal level would make it more difficult to donate tissue or use fetal tissue in research, according to the report. Some would ban fetal tissue research outright.

For more information, read the full article here.

Thanks to the popularity of e-filing, many states now allow divorces to be filed online. This means, in certain situations, divorces can be initiated, filed, and fees paid for entirely online. But since all divorces are not created equal, only certain circumstances should lead couples to filing for divorce online.

Types Divorces and Online Filing

When couples have an uncontested divorce, that is, they agree on issues like property division, child custody, and support payments, filing for divorce can be done with the help of online services. Often, these websites will provide instruction in filling out forms required in your state. Sometimes, they may even have paralegal services available that will review your documents to ensure they are all properly filled out and ready to be submitted.

For those couples that are unable to agree on the issues that come up during the divorce process – support, custody, property and debt disbursement – filing online is not the best solution. These couples often need assistance settling their divorce. In the most extreme cases, it may even result in a trial. In these scenarios, a family lawyer should be consulted to help divorcing couples sort out their differences.

Remember, once you agree on a divorce settlement, whether filed online or in-person, it is difficult to make any changes to the terms you originally approved. Even if you choose the do-it-yourself approach, having an experienced family law attorney review your divorce documents before finalizing them is a good idea. They can make sure all parties’ best interests are represented and the settlement is fair and equitable.  

How to File for Divorce Online

If you and your spouse have agreed on the major issues involved in your divorce, the next step is to file for divorce. Depending on where you live, there may be several options available to you for filing online.

If your state allows e-filing, you can use their forms to initiate your divorce. Often, these are online PDFs that you will have to fill out yourself. If you’re not comfortable completing these forms on your own, you can always choose to pay a fee to a website that specializes in helping people with online legal services. They will guide you through the process of filing and may even review your documents before submitting them.

Whichever method you choose, remember to make hardcopy duplicates of your paperwork. Once you have prepared all the paperwork necessary for your uncontested divorce, you can pay the filing fee and proceed to the next steps, which usually include serving your spouse with divorce papers and finalizing a divorce agreement.

Attorney Help with Online Divorces

Before finalizing divorce, you may want to seek the services of a family law attorney. While it is convenient and easy to initiate divorce proceedings online, there is no substitute for the expertise of a divorce attorney when reviewing documents that will ultimately be used as part of a divorce decree. Seeking the services of a divorce attorney can be done after you have filled out all your forms and filed for divorce but before your divorce agreement becomes a court order. This gives you the added security of knowing your divorce is fair.

There are other options as well that can help with legal proceedings online. It is easy to schedule appointments with experienced criminal defense attorneys just by visiting a website. Legal help doesn’t always have to be in person.

According to the KrebsOnSecurity blog, the famous adultery website, AshleyMadison.com, has been hacked. Along with the hack they threatened to leak details including credit cards, sexual fantasies, and nude photos. There are as many as 37 million customers on the website.

The dating website AshleyMadison.com’s Canadian parent, Avid Life Media, confirmed the breach on its systems, and said it had since secured the site and was working with law enforcement agencies to trace those behind the attack.

It’s not too surprising a site like Ashley Madison would be targeted since the websites audience has a lot at stake.

Bleep has a ‘Whisper’ feature which lets you send self-destructible messages. A ‘whisper’ will be deleted as soon as it is read.

Bleep supports end to end encryption, which, surprisingly, is not supported by iMessage, WhatsApp or Viber. You can also make secure Voice Calls using Bleep.

Download Bleep By BitTorrent

RadioShack has asked the bankruptcy court for the approval of second round of its auction, which will include the auction of consumer data.

In the first round of auction, RadioShack sold 1,700 of its stores to the famous hedge fund Standard General, which is one of the creditors of RadioShack.

Texas Attorney General Ken Paxton filed a petition in the court on 1^st April, arguing that RadioShack’s decision to sell user data clearly contradicts the promises it made with its consumers.

“We urge RadioShack to make a blanket vow that it will live up to the assurances it provided 117 million customers and entirely rule out any such sale in the future,” said Paxton.

RadioShack’s privacy policy written on its official websites clearly states that the company will not use the personal information of its customers for any purpose other than the business and services in which the company deals.

“Information about you specifically will not be used for any purpose other than to carry out the services you requested from RadioShack and its affiliates. All of our affiliates have agreed to maintain the security and confidentiality of the information we provide to them,” claims RadioShack in its online privacy policy statement.

Last Month, the bankruptcy court ordered the appointment of a consumer privacy ombudsman to look further into the details of a possible sale of PII by RadioShack. RadioShack vowed to assist and work with the ombudsman.

It is also important to note that RadioShack hasn’t declared officially about its plans to sell its user data, but the company silently listed the customer information as its asset during auction. This is also stated on the Hilco Streambank’s website, the intermediary for RadioShack.

RadioShack’s plans to sell user data and get money to pay its creditors are hard to be achieved, keeping in view the massive user data privacy awareness and campaigns in the modern tech industry. Texas is not the only state giving tough time to RadioShack. Last month, New York’s state Attorney General Eric Schneiderman announced that his office will take necessary action if RadioShack attempts to sell the private data of millions of users.

“We were recently able to confirm that there was unauthorized access to a Slack database storing user profile information. We have since blocked this unauthorized access and made additional changes to our technical infrastructure to prevent future incidents,” said the Slack’s statement.

Slack has been hailed as the best communication app for iOS and Android which could be used by companies, co-working environments and anyone for productivity.

Unfortunately, several sources have confirmed that Slack security systems are not that state of the art. It still uses the central server where all the information about users like passwords, usernames, Skype, phone numbers, are saved. The passwords are encrypted with one way authentication. It is also being said that Slack server saves all the chats and no encryption is used for chats whatsoever. Slack is yet to shed light on the cause of this attack and what information was leaked.

Slack has added two-factor authentication after the attack, but the users will have to open their profile first, toggle the two factor authentication on and then use it with their phone number.

]]> https://socialmediaseo.net/2015/03/27/slack-confirms-its-servers-are-hacked/feed/ 0 https://socialmediaseo.net/2015/03/18/apple-pay-fraud-cases-becoming-common-report/#utm_source=rss&utm_medium=rss&utm_campaign=apple-pay-fraud-cases-becoming-common-report https://socialmediaseo.net/2015/03/18/apple-pay-fraud-cases-becoming-common-report/#respond Wed, 18 Mar 2015 16:29:52 +0000 http://preview.socialmediaseo.net/?p=32018 When Apple announced its payment system “Apple Pay”, almost all the major banks in the US said that it is a positive step. JPMorgan Chase, WellsFargo, Citigroup, Bank of American and American Express even lined up in order to give support for Apple Pay NFC backed payment method. But now, the media is reporting a number of fraud cases reported by banks. Banks are now skeptical about Apple Pay’s security. Security is the single most important factor in the modern day payments. ART hacks and credit card information breaches are becoming common and even a single fraud case can tarnish Apple Pay’s user trust.

An article on the New York Times reported that it is true that fraud cases are being reported in the media, but banks are to be asked about this and not the Apple Pay.

The source quoted Cherian Abraham, a payment industry experts, who says that Apple Pay fraud is ‘growing like a weed’. Apple Pay hasn’t even started rolling out all over the country and users are just gearing up to sign-up for the new payment system. Fraud report at this time can kill Apple Payment system before it even gets mainstream.

The source said that Apple has made it practically impossible to breach credit card information via Apple Pay. When an Apple Pay transaction takes place, the vendor sees a new, at-the-sport-generated credit card number and the actual customer data never gets revealed. This means that the fault is at the Banks’ end. Banks, in a hurry to get signed-up for customers’ default credit card bank for Apple Pay service, failed to issue credit cards with improved security and layers. This problem is making it difficult for them to differentiate between intruders and real Apple Pay users.

]]> https://socialmediaseo.net/2015/03/18/apple-pay-fraud-cases-becoming-common-report/feed/ 0 https://socialmediaseo.net/2015/03/17/you-can-now-send-money-to-friends-using-facebook-messenger-app/#utm_source=rss&utm_medium=rss&utm_campaign=you-can-now-send-money-to-friends-using-facebook-messenger-app https://socialmediaseo.net/2015/03/17/you-can-now-send-money-to-friends-using-facebook-messenger-app/#respond Tue, 17 Mar 2015 20:24:12 +0000 http://preview.socialmediaseo.net/?p=32015 Facebook has launched a payment service which will let you pay your friends via Facebook Messenger. The service will be absolutely free. You will be able to connect your VISA or Mastercard debit card with your Facebook account and press “$’ sign which will appear in the Facebook Messenger app. Once you press this button, you can enter the amount and press send in the chat with your friend to who you want to send money. That’s it. The money will be wired.

Facebook has launched this service in an effort to tackle payments behemoth PayPal. Twitter also launched a payment service in partnership with Barclay’s Bank. Facebook wants to make sure that it leaves no domain untapped in the contemporary tech world.

Facebook already processes over 1 million payments daily for its ads and games business. These payments are done via PayPal. SnapChat also signed a deal with Square Cash payment service for its SnapCash payment service. Google Wallet, Venmo are some other competitors Facebook want to compete.

Giving a payments feature in Facebook Messenger app is a smart move by Facebook. People mostly don’t want to open new apps and service for a single task. Just pressing the $ sign and sending money to a friend will be preferred by Facebook users. Security and authentication will be a key factor in the success of Facebook payments service.

Facebook’s plans for its payment service were leaked in some hacked images a few months back. The service is now officially announced.

Facebook payment feature will be rolled out in the US in the coming months. PayPal also issued a statement and said that it has strong working relationships with Facebook and both companies will keep working on joint endeavors in the future as well.

]]> https://socialmediaseo.net/2015/03/17/you-can-now-send-money-to-friends-using-facebook-messenger-app/feed/ 0 https://socialmediaseo.net/2015/03/16/yahoo-launches-password-free-email-login-and-encrypted-email-features/#utm_source=rss&utm_medium=rss&utm_campaign=yahoo-launches-password-free-email-login-and-encrypted-email-features https://socialmediaseo.net/2015/03/16/yahoo-launches-password-free-email-login-and-encrypted-email-features/#respond Mon, 16 Mar 2015 18:42:15 +0000 http://preview.socialmediaseo.net/?p=32009 Yahoo has announced a new security feature which could be easily labelled as a revolutionary step towards password free yet highly secure technological era. The tech giant said that it is going to let its users login Yahoo’s email service without any password. Instead, users could use an on-demand service which will be using a smartphone as the primary device. So whenever a user wants to login his/her Yahoo account, the password will be sent to the user-owned smartphone. This will not be a onetime password rather it will be randomly and securely generated for every user separately on every request.

This is a daring step by Yahoo. Facebook, Twitter and Google have been trying since long to devise a mechanism to get rid of passwords. Passwords are fairly hackable because of their weak nature. A majority of users don’t spend time making their password. A user prefers a same password for all servers or user a chunk of a word in different password. This compromises the security and we have seen hundreds of hacking attempts in the recent past that went successful.

But Yahoo’s latest on-demand password free service has one potential flaw which could collapse your digital identity. All your security depends upon your smartphone. If an intruder succeeds in getting hands on your smartphone, your Yahoo account could be easily breached.

In a statement, Yahoo said that its on-demand password service is the first step towards enhancing mobile security.

Yahoo’s new service will show you the password in the SMS form even if the phone is locked. This could create massive problems if the phone is placed on a public location. Yahoo could devise a two factor authentication, temporary password or secret questions mechanism to beef up its new system’s strength.

Yahoo said that it is also working on end-to-end encryption algorithm for its email service which will be launched soon.

]]> https://socialmediaseo.net/2015/03/16/yahoo-launches-password-free-email-login-and-encrypted-email-features/feed/ 0 https://socialmediaseo.net/2015/02/24/google-bans-sexually-explicit-content-from-blogger-cracks-down-on-malicious-software-downloads/#utm_source=rss&utm_medium=rss&utm_campaign=google-bans-sexually-explicit-content-from-blogger-cracks-down-on-malicious-software-downloads https://socialmediaseo.net/2015/02/24/google-bans-sexually-explicit-content-from-blogger-cracks-down-on-malicious-software-downloads/#respond Tue, 24 Feb 2015 17:59:28 +0000 http://preview.socialmediaseo.net/?p=31969 Google has announced that it will no longer allow sexually explicit, pornographic content on the blogging platform ‘Blogger’. Google will start making sexually explicit material already hosted on Blogger private from March, 23.

Google announced this news in a public blog post and said that Google has always tried to make web free of sexually explicit, violent and unethical content. However, Google has given a space for a limited kind of sexual content. Websites which post adult content for educational purposes, medical and health reasons will be allowed. Also, in another development, Google has started rolling out warnings about any suspicious web content, adware, potential threat.

Google also banned adult ads from the Blogger platform two years ago. All those who are running and monetizing Blogger platform based on adult content have no choice but to either delete the content or move off the platform. Google’s program ‘Google Takeout’ allows you to export all the Blogger data, content, images and other information to another open source platform. But replacement of ads, money and revenue will certainly not be possible.

Today, Google also gave a revamp to its Unwanted Software Policy after which, any software which does not adhere to commonly secure and proper SOP will not be allowed a download on Chrome. Google will show a warning that the software may harm your computer and the download will not be resumed.

This policies by Google are implemented after news of Super Fish malware and other leaks and report by Security companies that hackers are attacking websites, bank accounts and other user data across the web.

Superfish helps users find and discover products visually, it instantly analyze the images on the website and offer the similar products in lower prices. Lenovo claims that it was unaware of this software which can grant hackers to have access to a user’s secure browser data, allowing third parties to potentially collect passwords, bank details and other sensitive information. Even the CTO of the Lenovo company, Peter Hortensius, said in an interview that they have made a mistake.

This software was included in some models of laptops which were sold worldwide between September and December. After receiving complaints from the users it they discontinued to pre-install it on to the laptops. This software is developed by the company named Superfish (same name as of its software) with base in Tel Aviv and Palo Alto and was also recently ranked 4^th on a list of fastest growing companies in US.

This software actually installs its own self-signed certificate which is a malicious technique known as man-in-middle attack, where the certificate allows the software to decrypt secure requests. The biggest threat in the security point of view is that hackers could use Superfish encryption methods and mistreat them to intercept other people’s traffic. For example, if someone is sitting in a coffee shop and is using public Wi-Fi then the owner could easily spy on any Lenovo user on network, collecting any password entered during the session.

Meanwhile, Lenovo is not pre-installing the software in the Lenovo machines. As some machines still have this software so they have asked the users to post on their forum in case of any concerns and they have also released full instructions on how to fully remove Superfish from their machines. A developer has also made a website which helps Lenovo users to know that if they are affected by security certificate and helps them on how to resolve those issues.

Check if you are affected by this malware by clicking this link

The external hard drives which could be effected are from famous companies like Seagate, Western Digital, Samsung.

Kaspersky lab blog post said that this sophisticated attack targeted countries like Russia, China, Afghanistan, India and Pakistan. The report also claimed that the encryption techniques used by the Equation group had a striking similarity with NSA techniques that were leaked in some documents in 2013.

The lethal firmware malware works in two-pronged fashion. As soon as it gets on the hard drive, it creates sectors and partitions in it which can only be accessed by secret API (application programming interface). Once the malware gets hold, any kind of formatting, partitioning, antivirus scans cannot remove it.

The source said that such kind of sophisticated malware is there in the books but this is the first time it has been practically seen with all its meticulous implementation.

Kaspersky says that most hard drive vendors use ATA commands that are publicly available. These commands and firmware architecture was exploited by the Equation group. The malware is named as ‘Equationdrug’ and ‘GrayFish’.

According to reports, China has ordered its citizens that users of local and international social media services will have to give their real names and identification data in order to be eligible to use the service. The regulatory authorities have said that in the past, many security breaches were surfaced because of fake social media accounts, in which the culprits were impersonating governmental, law enforcing figures to deceive the public.

A statement issued online by the Chinese authorities said that users will have to make their accounts with real name. However, they can use screen names of their choice, provided that they don’t contain any illicit and unreasonable names. Similarly, profile pictures will also be under check from the Chinese regulatory authorities for the social media.

China has always been a staunch and vehement opponent of social media freedom, blogging and US based social media services. A few months ago, Facebook’s Mark Zuckerberg went to China and conducted a public meeting where he delivered a talk in Chinese language, an apparent effort to soften up the Chinese authorities for smooth operations of Facebook inside the country. But that effort seems to not have worked.

Sources think that latest move from the Chinese government is a threat to freedom of speech for local platforms. QQ, Weibo’ Tieba are some of the pronounced social media outlets in China. The internet users in China grew by 649 million in 2014, and the government is worried about increasing freedom of speech enjoyed by users on blogs, comments and social media platforms.

The registration process for social media users for giving their real names will start from 1^st March 2015. All those users who don’t comply to this rule will be banned from using social media in China.

The alert by Avast was issued in the form of a blog post by Fillip Chytry, who is a security expert at the company. He said that a few days ago, a complaint was lodged by an Android use which was not taken seriously. But upon taking a closer look, Chytry discovered that adware malware is hiding itself in apparently legitimate apps which are downloaded by millions of users around the world.

Some of these malware infected apps are Durak ( a famous card game downloaded more than 5 million times from the Google Play Store), IQ test and a history app.

According to the source, the mechanism through which this lethal malware works is pretty smart and deceives the users easily. The malware effected app works normally for more than 30 days. After a specific period of time, whenever the users unlocks the device, a pop-up ad will appear, warning the user about potential vulnerabilities in the device’s security. The worried user clicks the ad and that is when the damage begins. The malware gets active and retrieves the user data from contacts, messages and other sources.

The most bothering factor is that this adware might have effected numerous famous apps which users install and use daily. The source added that many apps are using adware for promotions, which is burgeoning the spread of this malware rapidly.

Google is yet to comment on this flabbergasting claim by Avast.

One of the changes that Facebook announced is that from now on, they will be tracking the time that users spend off-site before returning to Facebook, whenever they click a link within their news feed. Essentially, if it determines that a user clicked a link within a post and quickly goes back to Facebook, the post will be seen as lacking in value and thus rank lower in the news feed. Alternatively, if Facebook determines that a post with a clickable link is receiving an abundance of engagement such as shares and likes, they will be viewed as a high quality post and rank higher in the news feed. By doing this, they proclaimed, that they will be able to filter out content that doesn’t provide real value to its users.

They also mentioned, that they have no intention of penalizing all posts that have clickable headlines. They intend on eradicating posts that fail to deliver on their headline’s promise or posts in general that aim to trick users into clicking on a link that isn’t relevant to the headline that is being portrayed.

This research is to be presented later in San Diego by academicians from Michigan and California University at a Cybersecurity Conference.

Scammers will go to great lengths to steal your information, make money or deceitfully advertise. They’ll send phishing emails to steal passwords or unleash viruses on computers to hijack Web browsers. Scamming victims on the Internet doesn’t even have to be that arduous, especially since scammers can rely on your emotions and good intentions to deceive you.

In early 2014, CNN reported on a story about a photo of a smiling 7-year-old girl without hair posing in her cheerleading uniform. The photo was posted to Facebook and asked for “likes” as messages of support and prayers for her to beat cancer. In reality, the picture was almost six years old and never once posted to Facebook. The girl’s family had no clue it was even stolen from their Photobucket account and used for that purpose. The family, along with everyone who liked or shared the picture, were victims of like-farming — acquiring “likes” for fraudulent Facebook photos, posts and pages. Deceptive Facebook posts and pages garnering mass “likes” and shares are direct threats designed to spread a malware virus or collect personal information. Once scammers have your personalized data, such as location or age, they can use it to target a more dangerous attack like identity theft.

Like-Farming

Like-farming works by sharing viral content that’s fallacious and likely to receive hundreds of thousands of “likes” and shares. The more “likes” and shares a page receives, the higher its value and social visibility.

“It’s a way to trick Facebook’s algorithm,” describes CNN. Scott Kleinberg, a Chicago Tribune contributor, calls the liking scam a “sharing trap” — when people are manipulated into liking an emotionally gripping fake post as a scamming technique.

For example, a scammer may create a page dedicated to inspirational quotes and gain a large following. Then the scammer can strip the popular page to spread a virus, phish or advertise. The new page can be used to sell products or it can be sold to a black market website that now has access to your newsfeed. A scammer can also use the page as a way to spam users to click on links to spammy sweepstakes or giveaways. Information you provide by entering a fake contest could then be used for credit card or bank fraud.

Clickjacking

The threat of viral scammers and exploiting the Facebook “like” button hasn’t just recently shocked social networking. In 2010, scammers took advantage of the “like” button’s Javascript to create clickjacking exploits. Clickjacking tricks a user into clicking on a concealed link or revealing confidential information by accessing and performing actions on a hidden page. A user who clicks on the link implemented with the “like” button basically spreads pages virally throughout the site, explains The Guardian. Clickjacking, a browser-based attack, includes targeted links and catchy display text. Attracted to a sensationalized headline, the user will follow the link to a page that entices visitors to “click here!” After clicking on the page, an invisible iframe with a Facebook “like” button launches, and the link spreads. The “like” button embedded on an iframe enables the clickjacking attack to easily go viral as its exposure grows from newsfeed to newsfeed.

Best Practices for Prevention

Awareness is the first step to protect yourself. “Like” and share on Facebook vigilantly. If something sounds too good to be true or is obviously intended to monopolize on your emotions, it’s a red flag (e.g. an unbelievable trip giveaway or a picture of an abused animal at a pet shelter). Observe low-quality posts keenly, and don’t be afraid to report suspicious posts to Facebook as well. Securing your online activity and information with anti-virus security and even identity theft protection also provides extra assurance. Identity theft protection company LifeLock’s Facebook page offers valuable security information, from preventing identity theft consumer fraud to changing passwords because of the Heartbleed bug. Plus, if you are an AOL member, you can sign up for free LifeLock protection. Our Intego Mac Security Facebook page is another good resource for staying up-to-date on WindowsXP vulnerabilities and security risk mitigation.

“This issue allows remote code execution if users visit a malicious website with an affected browser,” Microsoft said. “This would typically occur by an attacker convincing someone to click a link in an email or instant message.”

The bug affects Internet Explorer 6 – 11.

The Vulnerability enables the hackers to gain control of your system and lets them access and manipulate the data which is quite alarming considering the fact that almost 10% of all government systems still run Windows XP and perfectly vulnerable to this attack.  Microsoft has addressed the issue in a security advisory post and says “it is working on a patch” to fix the issue.

Headlines are flashing scary news, that passwords, emails, and other secure information may be at risk across millions of websites who use vulnerable SSL technology.

Security researchers say the threat, known as Heartbleed, is serious, partly because it remained undiscovered for more two years. Attackers can exploit the vulnerability without leaving any trace, so anything sent during that time has potentially been compromised. It’s not known, though, whether anyone has actually used it to conduct an attack.

Of course, the usual, researchers are urging everyone to change their passwords.  Not a solution to the problem, but if your information is out there it will help.

The update to Mavericks include the following:

• Adds the ability to make and receive FaceTime audio calls
• Adds call waiting support for FaceTime audio and video calls
• Adds the ability to block incoming iMessages from individual senders
• Improves the accuracy of unread counts in Mail
• Resolves an issue that prevented Mail from receiving new messages from certain providers
• Improves AutoFill compatibility in Safari
• Fixes an issue that may cause audio distortion on certain Macs
• Improves reliability when connecting to a file server using SMB2
• Fixes an issue that may cause VPN connections to disconnect
• Improves VoiceOver navigation in Mail and Finder

However, the trend with the most potential long-term impact is the increasing number of women that either head or hold high senior positions in technology companies. It is part of a trend in which female entrepreneurs are increasingly desirable targets for venture capitalists. They still get a relatively small slice of the venture capital pie, but the size of the 2013 slice was 20 percent bigger than that of 2012.

These nine people will help shape the world of technology in 2014.

Francisco Aguilar and David Young

Two M.I.T. business school alumni may make rescue operations dramatically safer for first responders everywhere. Aguilar and Young founded Bounce Imaging Inc. while working on their M.B.A.s.

Their signature product, the Bounce Imaging Explorer, is a throwable camera that is the size of a baseball. Lenses and sensors point in six directions, making precision placement unnecessary. However it lands, responders can get pictures and data on potential hazards such as carbon monoxide and radiation levels.

The Bounce Imaging Explorer makes gathering data on active crime scenes, combat zones, and disasters such as fires or explosions far less risky to first responders than earlier options. It’s the kind of product that invites new and different applications, but its primary benefit will always lie in the number of lives it saves.

Drago Bojkov

Bojkov is an executive with LifeLogger, a company that specializes in “augmented memory.” LifeLogger users record their lives with the aid of a lightweight, wearable streaming video device. LifeLogger technology includes the ability to recognize words that appear on signs, aiding place memory. It is also able to tag place names to images and associate names with faces. Links to a cloud-sharing service let LifeLogger users access these recordings from almost anywhere.

LifeLogger technology has potential for educational and business applications as well. For example, teachers could log a museum visit for use by absent students; businesses could log their processes for training and audit purposes.

Rana el Kaliouby and Rosalind Picard

El Kaliouby and Picard are the founders of Affectiva, a company that literally brings a new face to the art of gauging consumer opinion.

Affectiva’s technology uses facial-recognition technology to assess non-verbal responses to a product. In particular, it measures the consumer’s emotional response. Participants in Affectiva surveys use a webcam to record their reactions to client products. Once the survey is over, participants can either share their responses or disconnect the webcam. Roughly half choose to share.

The company plans to introduce its Affdex survey software to the smartphone market with an app development kit for Apple’s iOS.

Leila Janah

Leila Janah sees her Samasource startup as her way of using technology to fight poverty worldwide.

In its first six years, Samasource built a 4,000-person workforce and contracts worth $5 million. It has brought living wages to impoverished workers in places like sub-Sahara Africa, southern Asia, and the Caribbean by providing opportunities in data augmentation, digital transcription, and machine learning.

These opportunities build skill sets, provide part-time income and jobs to American community college students, and double the incomes of poverty-strapped employees abroad.

Tej Kohli

Kohli made his fortune in technology with Grafix Softech, a payment processing firm with its headquarters in Costa Rica.

Since 2005, Kohli has used his Tej Kohli Foundation to raise the living standards of poor women and children. Much of the foundation’s work takes place in India, where long-standing social taboos limit women’s access to education. Kohli aims to improve poor children’s standard of living by providing their mothers with educational opportunities they otherwise might not have, in addition to improving their quality of food, water, and housing.

Another major Foundation project is fighting blindness in India by providing corneal transplants and vision care.

Michelle Rowley

Many technology professionals used books, websites, and friends to pick up skills on their own. Michelle Rowley was one of them, but she realized that making more structured training available more widely would bring the benefits of a technical career to those who had traditionally not sought one: women. As the executive director of Code Scouts, Rowley seeks to bring the diversity that has penetrated much of the working world to the male-dominated world of programming.

Code Scouts began in Portland, Oregon, but looks to expand. There has already been interest from groups in major cities such as Austin, London, New York, and San Francisco. In years to come, Code Scouts may well bring a woman’s touch to software development worldwide.

Caryn Seidman-Becker

Airport security lines are the bane of many travelers’ existence. Caryn Seidman-Becker’s rescue of biometrics company Clear may make airport security less burdensome. Members use a card that incorporates a biometric chip to confirm their identities at company-supplied kiosks.

Clear had a promising start, with 200,000 members, about 12 airports under contract, and $75 million in venture capital, but the theft of a laptop holding customer data, $33 million of debt, and a declining economy led to bankruptcy in 2009.

Seidman-Becker, however, took control of Clear after the Algood Holdings investment firm bought the company in 2010. From there she has battled to re-establish the brand and rebuild confidence with customers, airports, and the Transportation Security Agency. It’s working, between 2010 and 2013 membership grew from 200,000 to 250,000. Airport participation stands at nine.

If swiping a biometric card to get through airport security becomes widespread, travelers will have Caryn Seidman-Becker to thank.

Many of these leaders will not grab headlines. With the possible exceptions of LifeLogger and Clear membership, they don’t represent products with mass market appeal. But these leaders’ impact will leave its mark on a broader scale. Their legacy, whether through risk-reducing devices or economic opportunities, is better quality of life.

Developer Tal Ater observed a strange phenomenon related to the microphone permission policies of Chrome that enables the malicious sites to listen to the user’s offline activities. Such malicious websites can generate pop-ups hidden in the background that will keep listening to the user. Tal Ater revealed that a pop-up window still remains open even if he closes all the tabs of Chrome.

 The root-cause of the problem lies in the settings related to microphone in Google Chrome. Once the user enables the microphone for certain HTTPS-enabled website, the rule is applied to all the linked pages of the website. If a pop-up is integrated with the website, then it will also use a microphone to listen to the user. This activity doesn’t disturb the tasks of the computer, but it spies on the user. You will not have any idea about this hidden activity since everything is going on in the background. You will have to disable microphone as the only way of defense.

Google engineers have analyzed the problems in detail when the problem was first identified in September last year. They emphasized the fact that there is no immediate threat to the users of Chrome since they have to enable the microphone for speech recognition websites.

Beyond the influence of Chrome, the use of browsers like Hangouts causes significant destruction that doesn’t require reauthorization of microphone. In these cases, your microphone might be enabled forever until you disable it after noticing. Plethora of Apps has approached the market that requires threatening permissions for the users.

The bug of turning microphone on for malicious sites has become destructive with the innovation of apps that don’t ask for enabling the microphone in every new session. Keeping a close eye on the use of your microphone may be a good idea to avoid any hacker to listen to your offline activities.

The bug reported by Tal Ater was considered for the award of Chromium. The problem was eventually resolved by the engineers of Chrome. However, the fix of the problem couldn’t make to the user’s computer yet.

]]> https://socialmediaseo.net/2014/01/28/pop-up-behind-chrome-listens-to-users-offline-conversations/feed/ 2 https://socialmediaseo.net/2014/01/28/report-99-percent-of-mobile-malware-targets-android/#utm_source=rss&utm_medium=rss&utm_campaign=report-99-percent-of-mobile-malware-targets-android https://socialmediaseo.net/2014/01/28/report-99-percent-of-mobile-malware-targets-android/#respond Tue, 28 Jan 2014 15:10:54 +0000 http://preview.socialmediaseo.net/?p=31426 Mobile phones are becoming a necessary component of our lives. Specially, smartphones are so popular among people that they consider it as a basic need of their lives. Among the smartphones, Android is the most popular mobile operating software, which is admired by majority of the smartphones users followed by iOS and Windows operating systems. Due to its reputation it is widely targeted by mobile malwares such as viruses. This virus damages the functions of the phone and helps in the effusion of confidential information. Good news for the iOS and Windows users, bad news for Anroid fans, Cisco’s 2014 Annual Security Report suggests that 99% of mobile malware software target Android platform.

It seems to be good news for other operating systems like iOS, Windows and Blackberry but awful for the Android users. From the Cisco’s 2014 Annual Security Report it can be easily concluded that these malwares enter the phone through SMS or Apps installed from non official market places. Malware is generated by the people that know the coding in Android. There are Malwares that are specially designed for Android, which means that if an iOS user install that infected app he will not get infected but, if the same infected app is downloaded by an Android user it will adversely result into a system collapse or slight damage to the software.

Android have attracted most consideration of malicious elements due to its growing popularity and comparative openness as compared to iOS and Windows.

Eric Schmidt has openly said that Android is more secure than iOS, but due to increasing issues of security and privacy this does not seem to be true. This doesn’t mean that all the Android devices are malware effected but it is more likely to solve the security issues in Android. Android is too disintegrated, manufacturers and carriers don’t want to release updates of which some are security updates. They need to solve this problem out. These burning issues are very hard to resolve as they are properly backed by organized crime elements. Rather than identifying the malware after its penetration in the system, it must be identified at the time of its entrance in the device.

In order to minimize the security risks, the security systems should be designed which must be operated directly by the user. Users can install the updates for security issues on the regular basis, plus using a password or pin and setting your phone to lock after a period of inactivity could be a more positive step for a secure and fast operating system.

]]> https://socialmediaseo.net/2014/01/28/report-99-percent-of-mobile-malware-targets-android/feed/ 0 https://socialmediaseo.net/2014/01/20/the-25-most-popular-passwords-of-2013-hint-123456-is-one/#utm_source=rss&utm_medium=rss&utm_campaign=the-25-most-popular-passwords-of-2013-hint-123456-is-one https://socialmediaseo.net/2014/01/20/the-25-most-popular-passwords-of-2013-hint-123456-is-one/#respond Mon, 20 Jan 2014 18:58:33 +0000 http://preview.socialmediaseo.net/?p=31406

Come on people, really?  You are still using these passwords? Whether user’s have been hacked or not, they still continue to use horrible password combinations that make it easy for hackers to guess or break.  The most popular password was 123456 and “password” was in second.  It’s crazy to me that people would use these passwords.  The sad part is, they use them for secure logins and not just accounts that don’t mean much.

The list from SplashData was compiled from the millions of stolen passwords last year that were ultimately made public.

1. 123456
2. password
3. 12345678
4. qwerty
5. abc123
6. 123456789
7. 111111
8. 1234567
9. iloveyou
10. adobe123
11. 123123
12. admin
13. 1234567890
14. letmein
15. photoshop
16. 1234
17. monkey
18. shadow
19. sunshine
20. 12345
21. password1
22. princess
23. azerty
24. trustno1
25. 000000

The 25 most popular passwords of 2013

Privacy is the main worry of people who own smartphones. They think about who’s listening to their calls, seeing their conversations, etc. The private information of a person is personal. What they do on their phone should not be recorded or noted by anyone. Blackphone will have a security-first Android type OS called PrivatOS. It will still have the high-quality processor, but it will be unlocked and free of any geographical restrictions. It is also compatible with any GSM network. Users will be able to make completely secure and safe calls and video chats. While it may not be as powerful as the top smartphone right now, the CEO of Silent Circle has claimed that it will be a “high-end” smartphone.

Of course, the number one priority isn’t the specifications. If you wanted that, go buy the Galaxy S4. The number one priority for this smartphone is security. There hasn’t been any hands-on impression of the smartphone, it will make it’s first appearance at the Mobile World Congress in Barcelona of the 24th of February. More details will be discovered by then.

Smartphone security is a major issue. With Apple announcing that everything you say to Siri is recorded or the NSA knowing nearly everything you do on your smartphone, it’s a very uncomfortable and difficult situation. People are hesitant when they do things on their phone, wondering if someone can see what they’re doing or can listen in on their calls. If Blackphone really does the things it advertises, it could play a major role in the upcoming smartphone generation. It’s still going to be a high-quality smartphone, but also offer you the superb security that the other major smartphones don’t offer. Who wouldn’t be interested in buying the Blackphone? I know I would be, and many other people too. Look out iPhone and Samsung Galaxy, Blackphone is on the way.