Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years

Krebs on Security – “Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data.

Facebook is probing a series of security failures in which employees built applications that logged unencrypted password data for Facebook users and stored it in plain text on internal company servers. That’s according to a senior Facebook employee who is familiar with the investigation and who spoke on condition of anonymity because they were not authorized to speak to the press.

The Facebook source said the investigation so far indicates between 200 million and 600 million Facebook users may have had their account passwords stored in plain text and searchable by more than 20,000 Facebook employees. The source said Facebook is still trying to determine how many passwords were exposed and for how long, but so far the inquiry has uncovered archives with plain text user passwords in them dating back to 2012..”

What to do if all your computer files go poof

Washington Post: “As you toil away on your computers and other devices day after day, how many gigabytes of data are you churning out each year in the form of photos, financial records, creative endeavors and other priceless digital files? More importantly, what if the computer or external drive where all those files are stored… Continue Reading

Education and Science Giant Elsevier Left Users’ Passwords Exposed Online

Motherboard: “Elsevier, the company behind scientific journals such as The Lancet, left a server open to the public internet, exposing user email addresses and passwords. The impacted users include people from universities and educational institutions from across the world. It’s not entirely clear how long the server was exposed or how many accounts were impacted,… Continue Reading

How to Block Violent Videos on Facebook, Twitter, and YouTube

Lifehacker: “Because it’s 2019, and livestreaming has had five years or so to really build up into a mainstream activity that people actually do, this means that horrific acts of violence and terror around the world have a greater-than-zero chance of having some video component attached to them. After all, now that plenty of people… Continue Reading

Coming Soon to a Courtroom Near You? What Lawyers Should Know About Deepfake Videos

The Recorder (Law.com / paywall] via free access on Yahoo} “Are rules that guard against forged or tampered evidence enough to prevent deepfake videos from making their way into court cases? …If you follow technology, it’s likely you’re in a panic over deepfakes—altered videos that employ artificial intelligence and are nearly impossible to detect. Or else you’re over… Continue Reading

The perilous life of computer virus cracker making powerful enemies online

BBC: “Fabian is world renowned for destroying ransomware – the viruses sent out by criminal gangs to extort money. Because of this, he lives a reclusive existence, always having to be one step ahead of the cyber criminals. He has moved to an unknown location since this interview was carried out…Ransomware is a particularly nasty… Continue Reading

The World Wide Web Turns 30. Where Does It Go From Here?

Sir Tim Berners Lee via Wired: “Today, 30 years on from my original proposal for an information management system, half the world is online. It’s a moment to celebrate how far we’ve come, but also an opportunity to reflect on how far we have yet to go. The web has become a public square, a… Continue Reading

Identity theft: 7 ways to protect yourself from cybercriminals

USAToday: “Cybercriminals will steal an estimated 33 billion records by 2023, according to Juniper Research, a firm that forecasts digital tech trends. Half of all data breaches globally will occur in the U.S. alone, Juniper says…Here are seven ways to protect your digital assets online…. Use strong, unique passwords Enable two-factor authentication (2FA) Freeze your… Continue Reading

Americans and Cybersecurity

Pew Report – Many Americans do not trust modern institutions to protect their personal data – even as they frequently neglect cybersecurity best practices in their own personal lives. “Cyberattacks and data breaches are facts of life for government agencies, businesses and individuals alike in today’s digitized and networked world. Just a few of the… Continue Reading

Phone numbers are the new Social Security numbers

Axios: “Cellphone numbers have become a primary way for tech companies like Facebook to uniquely identify users and secure accounts, in some ways becoming a proxy for a national ID.Why it matters: That over-reliance on cellphone numbers ironically makes them a less effective and secure authentication method. And the more valuable the phone number becomes… Continue Reading

Pwned Passwords

“Pwned Passwords are 551,509,767 real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they’re at much greater risk of being used to take over other accounts. They’re searchable online below as well as being downloadable for use in other online systems. Read more about how HIBP protects… Continue Reading

Do You Trust Your VPN? Are You Sure?

Slate – Virtual private networks are now a must-have privacy tool. But good luck figuring out which ones will actually make you safer. “…When I set out to find the right VPN, however, I ran into an awkward problem: figuring out which of the scores of VPN providers to trust. The search for a VPN… Continue Reading