Amazon Recommends Users Change Their Passwords

Who doesn’t have an Amazon account? If you do it may be worth changing your password as Amazon recommends users take the precaution after it discovered that some of their Amazon accounts could be found online.

Amazon discovered the leaked passwords were contained within a password list online, and while not exclusive to Amazon services, it has recommended that users change their passwords, even more, so if they use the same password on several sites. If your accounts email address was found to be on any of the lists then Amazon has taken the precaution to force a password reset on your account.

While many recommend against it, it’s common practice for people to use the same password and email combinations on several sites, thus increasing the chance that if one account is hacked, others will be compromised alongside.

While it’s recommended by some that we get rid of passwords altogether, alternative methods like biometric scanners for your fingerprints have been seen as easily bypassed and companies are even looking at using videos or selfies to access your accounts, a technique that has been met with mixed views. Would you prefer to access your account with a selfie or video of yourself or do you believe that the password still has a while to go if used correctly?

UPDATE: We were asked to remove the image, so one of our own, Robert Ainsworth, provided us with a copy of the email he received.

Is There a Connection Between ISIS and UK Government IP addresses?

Information has been both circulating and updating over the last 48 hours concerning a possible link “that a number of Islamic State supporters’ social media accounts are being run from internet addresses linked to IP addresses from the Department of Work and Pensions” This possible connection has been traced and subsequently exposed by well-known hacking group VandaSec.

Reports have also stated that, as is the norm in the digital age, been unearthed by four teenage computer hackers who claim to have traced “IP addresses from their supposed Saudi Arabia location back to the United Kingdom’s Department of Work and Pensions after using a set of specialized tools to track the IP addresses”. These accounts are at first glance noteworthy due to being utilised to recruit new ISIS members online.

It’s a conspiracy! Probably not, after further analyses by an external source, it has so far been concluded that these IP addresses were part of an unpublicized set of transactions between Britain and Saudi Arabia. It has been discovered that the British government sold a large number of IP addresses to two Saudi Arabian firms (Saudi Telecom and the Saudi-based Mobile Telecommunications Company). After the sale had been finalised around October of this year (2015) extremists piggybacked onto these and utilized the protocol to spread the standard message synonymous with the group.

Jamie Turner, an expert from a firm by the name of PCA Predict, confirmed the trace back to the UK government was more obvious than first thought owning to the fact that records for the IPs had not as yet been fully updated.

At the very least it’s certainly embarrassing for Whitehall, yes, as the government has stated it had no control over what happened to the IP addresses after they had sold them, but, perhaps further vetting of potential clients needs to take place in order to mitigate against unlawful use at the extreme end. I wonder where other sold IP addresses will end up in the future?

Image courtesy of wired

77,000 Steam Accounts “Hijacked” Each Month

The rise of Steam’s digital distribution store is almost indescribable and way beyond Valve’s most optimistic expectations. Some users have even argued Valve saved PC gaming from the depths of despair and made it a popular platform. However, I’m not entirely convinced by this argument and believe the PC would have a strong foothold in the market with or without Valve’s assistance. On the other hand, Valve have done wonders for the PC gaming market and while Steam is far from perfect, it’s a wonderful invention which keeps your entirely game library in one client. A byproduct of this success, is the amount of cyber criminals targeting user accounts. More specifically, Valve’s introduction of the community market with tradable items makes Steam accounts a valuable proposition.

In a blog post, Valve addressed the security concerns and outlined their plans to tackle stolen community items:

“Account theft has been around since Steam began, but with the introduction of Steam Trading, the problem has increased twenty-fold as the number one complaint from our users. Having your account stolen, and your items traded away, is a terrible experience, and we hated that it was becoming more common for our customers.”

“Once an account was compromised, the items would be quickly cleaned out. They’d then be traded again and again, eventually being sold to an innocent user. Looking at their account activity, it wasn’t too hard to figure out what happened, but undoing it was harder because we don’t want to take things away from innocent users. We decided to err on the side of protecting them: we left the stolen goods, and we created duplicates on the original compromised account to replace them. We were fully aware of the tradeoff here. Duplicating the stolen items devalues all the other equivalent items in the economy. This might be fairly minor for common items, but for rare items this had the potential to significantly increase the number in existence.”

“First, enough money now moves around the system that stealing virtual Steam goods has become a real business for skilled hackers. Second, practically every active Steam account is now involved in the economy, via items or trading cards, with enough value to be worth a hacker’s time. Essentially all Steam accounts are now targets.”

“What used to be a handful of hackers is now a highly effective, organized network, in the business of stealing and selling items. It would be easier for them to go after the users who don’t understand how to stay secure online, but the prevalence of items make it worthwhile to target everyone. We see around 77,000 accounts hijacked and pillaged each month. These are not new or naïve users; these are professional CS:GO players, reddit contributors, item traders, etc.”

This is clearly becoming a massive problem for Valve, and it’s quite difficult to trace the individuals in question. The emergence of two-factor authentication should help matters but this relies on the end-user setting up enhanced security. Perhaps in time, Valve will enforce this measure and make it mandatory. Although, some users might feel this is a little too heavy-handed.

Blizzard Kills Over 100,000 WoW Accounts With Six Month Bans

World Of Warcraft can claim to be the start of the MMO craze. Allowing thousands of players to take part in events that shaped Azeroth. With legendary weapons and characters alike to help and hinder players as Mages and Warriors fighting anything from Dragons to Undead Kings. So you can understand when they find that over a hundred thousand are botting, they want to remove them.

Botting is the process of automating an action, anything from killing low-level creatures to gather the resources they drop to taking place in large player based battles to be used as cannon fodder. Normally Blizzard has a particular way to combat these, study their behaviour then block accounts which are using the same behaviour pattern. This process can take months to complete though, all the while players are finding the in-game markets flooded by both items and players with a lot of money and experience earned the easy way.

With six-month bans stopping accounts who are found to be botting players are happy that their game is now cheater-free, but they are also worried. A lot of players use Macro’s, pre-programmed sets of keys used at the press of a single button. In response Bashiok, a community manager, posted a reply to a worried gamer stating that unless your actions are automated you should be ok.

When I started playing online games years ago I quickly found that I had plenty of competition when it came to taking down creatures or harvesting rare materials, all because of plain characters with random names doing the same task over and over again. Have you ever had a game you liked ruined by bots? What do you think about players who use bots to get resources and experience?

Thanks to PCGamesn for providing us with information.

Thanks to pichostp for the image.

GTA V User Accounts Hacked

There has been a lot of news about the popular game GTA V since its release for the PC platform. There have been issues with drivers, download speeds from the Steam network and a whole lot more.

However, it seems as though there is now another issue spreading across the Rockstar platform. Several users have reported their accounts being hacked into and modified within the past hour.

Several people have taken to the Rockstar support forums but are yet to hear a response from Rockstar themselves. One user, song414 posted :

“Apparently 2,400+ PC GTA V accounts were compromised. It was an initial list of 198 that was leaked when my account was hacked and now another list of 2,200+ accounts was a day or so ago.”

It looks as though there are several users on the website Multiplayer Game Hacking that are selling the hacked social club accounts for $15 a piece. More forum users have claimed that they have not been able to log in successfully with the details that were leaked online to the sharing site Pastebin, though this could mean that the account details have already been changed or they are hoax details.

Rockstar has not confirmed any reports or replied to any of the forum posts on their website. We recommend you change your Rockstar password as soon as possible to prevent people getting into your precious account.

Update: We’ve had feedback from our readers that a lot of the hacking issues may be focused around Rockstar not offering a form of double verification. Those who are concerned that Rockstar haven’t replied to your reports of being hacked, keep in mind that it usually takes them up to a week to respond to tickets and that the influx of issues relating to hacking and other issues, that time could be increased.

 

Image courtesy of RockStar Games

Anonymous’ Strike against ISIS Has Begun

Well known hacktivist group Anonymous may attract split opinions about their actions, but I think we can agree that their latest campaign is a good one. A couple of weeks ago the group announced that they would use their abilities to strike against the terrorist group ISIS and their online presence. Today Anonymous announced the beginning of such and posted a new video online. They also listed a lot of Twitter and Facebook accounts they had taken down, accounts used to spread their propaganda and recruit followers; this information is available at the source below.

The video starts out with a clarification, that they are made up from all sorts of people and that the ISIS doesn’t represent Muslims as they want to make us all believe.

“We are Muslims, Christians, Jews alike.” … “hackers, crackers, Hacktivist, phishers, agents, spies, or just the guy next door … students, administrators, workers, clerks, unemployed, rich, poor.” … “young, or old, gay or straight… from all races, countries, religions, and ethnicity. United as one, divided by zero.” … “the terrorists that are calling themselves [the] Islamic State (ISIS) are not Muslims,” the video states.

“This is just the beginning,” the video continues. “We will hunt you, take down your sites, accounts, emails, and expose you… From now on, no safe place for you online… You will be treated like a virus, and we are the cure… We own the internet… We are Anonymous; we are Legion; we do not forgive, we do not forget, Expect us.”

Source: AnonHQ

Sony Posts Profit After Selling 6.4 Million PS4s in Third-Quarter of 2014

Sony has posted its accounts from the third fiscal quarter of 2014 (1st September to 31st December) and, surprisingly to many, the company made a significant profit, boosted by strong sales of its PlayStation 4 console. The only business area in the red was Sony Pictures, understandable after the hack and The Interview fiasco.

During the recorded financial period, Sony sold 6.4 million PS4 consoles, 1.1 million PS3 consoles, and 1.4 million Vitas. Software sales peaked at 147 billion yen, while network sales earned the company 100 billion yen.

In its projections, Sony has set itself the target of earning between 1,400 and 1,600 billion yen by the fiscal year 2017, with an operating income margin of 3% to 5%.

Source: DualShockers

LinkedIn Facing Lawsuit over Access of Email Accounts

LinkedIn has been ordered to stand trial by a U.S Federal judge over allegations from users that they have been sending and accessing emails without consent.

LinkedIn has been found to be accessing users email accounts, copying their address books and using this information to solicit business. This is seen as a loophole by some as users do agree upon sign up to allow LinkedIn to use their contacts to send an initial recruitment email – but give no authorization to send further reminder emails.

US district Judge, Lucy Koh (San Jose, California) stated:

“This practice could injure users’ reputations by allowing contacts to think that the users are the types of people who spam their contacts or are unable to take the hint that their contacts do not want to join their LinkedIn network.

“In fact, by stating a mere three screens before the disclosure regarding the first invitation that ‘We will not … email anyone without your permission,’ LinkedIn may have actively led users astray.”

Koh has given customers the green light to pursue their claims that LinkedIn has violated their right of publicity. She has dismissed other claims however, such as violation of federal wiretap laws.

Crystal Braswell declared on behalf of LinkedIn:

“We are pleased that the Court rejected plaintiffs’ unfounded “hacking” claims and found that LinkedIn members consented to sharing their email contacts with LinkedIn. We will continue to contest the remaining claims, as we believe they have no merit.”

View the full information on the class action lawsuit here.

Image courtesy of Ben Scholzen

 

Firefox Adds Accounts, Improved Sync and Customizable UI To Its Aurora Browser

Mozilla has announced a few extra features to be added to its Firefox Aurora browser. The features consist of Accounts, a customized UI feature that lets users personalize their interface and an improved Sync feature.

The Accounts feature adds something that is already available in Firefox OS, and that is the ability to sync all personal data including bookmarks, opened tabs, history, etc., and load them on every device that has a Firefox browser and is signed in with the account on which the data was synced to.

The improved Synch feature is designed to help Accounts and the ability to securely transfer all your personal data to the various devices synced. The features added consist of a public key cryptography, a BrowserID protocol, client-side key stretching and end-to-end encryption, all of which are designed to prevent user data falling prey to a hacker in case of Firefox servers being compromised. Firefox is said to include these features into Firefox OS later on.

Another feature mentioned, the ability to customize the Firefox UI, is now available to all Mac, Windows and Linux versions, allowing users to remove any browser buttons, add-ons, as well as drag menus, toolbars and tab bars to fit your preferred visual experience.

All of the above features are now available in Firefox Aurora through and update released recently. If you have not updated your Firefox Aurora yet and want to try out any of the features, you can do it now. Alternatively, you can download Firefox Aurora from the official website.

Thank you TheNextWeb for providing us with this information