online

Lulz Security claims fresh hack of 1 million Sony accounts – Jun. 2, 2011

June 2, 2011 By Global EDD Group Leave a Comment

Sony just can’t catch a break from hackers. A group calling itself “Lulz Security” announced a fresh attack on Thursday, posting online snippets of data it says came from a breach earlier this week of more than 1 million user accounts on Sony’s website.

Lulz began posting messages to Twitter on Thursday about its “Sownage” campaign, and around 4:30 p.m. ET it posted links to download what it claimed was a giant cache of Sony user data.

The documents posted include names, passwords, e-mail addresses, home addresses and dates of birth for thousands of people. Lulz said it grabbed the material by exploiting a vulnerability on a Sony page advertising the company’s Ghostbusters franchise.

Lulz posted the website’s address in its data dump, and encouraged fellow hackers to “tear the living shit out of it while you can; take from them everything!”

via Lulz Security claims fresh hack of 1 million Sony accounts – Jun. 2, 2011.

Filed Under: Tech Bytes Tagged With: breach, Break, dates of birth, e mail addresses, online, security, website

Official Google Blog: Ensuring your information is safe online

June 1, 2011 By Global EDD Group Leave a Comment

The Internet has been an amazing force for good in the world—opening up communications, boosting economic growth and promoting free expression. But like all technologies, it can also be used for bad things. Today, despite the efforts of Internet companies and the security community, identity theft, fraud and the hijacking of people’s email accounts are common problems online.

Bad actors take advantage of the fact that most people aren’t that tech savvy—hijacking accounts by using malware and phishing scams that trick users into sharing their passwords, or by using passwords obtained by hacking other websites. Most account hijackings are not very targeted; they are designed to steal identities, acquire financial data or send spam. But some attacks are targeted at specific individuals.

Through the strength of our cloud-based security and abuse detection systems*, we recently uncovered a campaign to collect user passwords, likely through phishing. This campaign, which appears to originate from Jinan, China, affected what seem to be the personal Gmail accounts of hundreds of users including, among others, senior U.S. government officials, Chinese political activists, officials in several Asian countries (predominantly South Korea), military personnel and journalists.

The goal of this effort seems to have been to monitor the contents of these users’ emails, with the perpetrators apparently using stolen passwords to change peoples’ forwarding and delegation settings. (Gmail enables you to forward your emails automatically, as well as grant others access to your account.)

Google detected and has disrupted this campaign to take users’ passwords and monitor their emails. We have notified victims and secured their accounts. In addition, we have notified relevant government authorities.

It’s important to stress that our internal systems have not been affected—these account hijackings were not the result of a security problem with Gmail itself. But we believe that being open about these security issues helps users better protect their information online.

via Official Google Blog: Ensuring your information is safe online.

Filed Under: Tech Bytes Tagged With: gmail, information, online, phishing scams, political activists, security

Microsoft Apologizes for Email Glitch | News & Opinion | PCMag.com

May 14, 2011 By Global EDD Group Leave a Comment

After a series of glitches causes a massive email backlog, Microsoft has posted a detailed explanation and apology for the problems with the cloud-based Microsoft Exchange subscription service.

As a result of the backlog, some messages were delayed as long as nine hours, while another separate issue with Outlook Web Access raised issues with Exchange ActiveSync devices.

“On Tuesday and today we experienced three separate service issues that impacted customers served from our Americas data center,” explained Dave Thompson, corporate vice president of Microsoft Online Services. “All of these issues have been resolved and the service is now running smoothly. These incidents were unique to BPOS and not related to Office 365 or any other Microsoft services.”

If you’re gleaning a defensive tone, it’s not without merit. Last week Office Live customers were having trouble accessing the cloud-based service. While Office Live is expected to stay online, Office 365 will replace Microsoft’s Business Productivity Online Suite (BPOS)—the service affected today—as well as Office Live Small Business and Live@edu.

via Microsoft Apologizes for Email Glitch | News & Opinion | PCMag.com.

Filed Under: Tech Bytes Tagged With: com, corporate vice president, Glitch, online, PCMag, today

Wall Street Journal launches WikiLeaks rival ‘SafeHouse’ – The China Post

May 8, 2011 By Global EDD Group Leave a Comment

The Wall Street Journal launched a WikiLeaks rival called “SafeHouse” on Thursday, calling for online submissions to help uncover fraud and abuse in business and politics.

“If you have newsworthy contracts, correspondence, e-mails, financial records or databases from companies, government agencies or non-profits, you can send them to us using the SafeHouse service,” the Journal said at wsj.safehouse.com.

The newspaper said SafeHouse’s security features include file encryption and the possibility for a contributor or whistleblower to remain anonymous.

It said the SafeHouse site was located on secure servers managed directly by Journal editors.

The Journal said SafeHouse’s interests include “politics, government, banking, Wall Street, deals and finance, corporations, labor, law, national security and foreign affairs.”

“SafeHouse will enable the collection of information and documents that could be used in the generation of trustworthy news stories,” Journal managing editor Robert Thomson said in a statement.

via Wall Street Journal launches WikiLeaks rival ‘SafeHouse’ – The China Post.

Filed Under: From The News Tagged With: Business, china post, correspondence, fraud, online, security, wall street journal

Microsoft delivers public beta of its Office 365 cloud bundle | ZDNet

April 18, 2011 By Global EDD Group Leave a Comment

As rumored last week, Microsoft made available on April 18 a public beta of its Office 365 bundle of Microsoft-hosted applications.

Office 365 will include updated versions of SharePoint Online, Exchange Online, Lync Online, Office Web Apps and an optional Office 2010 Professional Plus software package, all available as via subscription. It will bring many, though not all, of the capabilities in the on-premises versions of SharePoint 2010, Exchange 2010 and Lync 2010 to cloud users. (Office 365 is Microsoft-hosted, but not yet hosted on Windows Azure, for the record.)

In October 2010, Microsoft introduced an invitation-only, limited beta of Office 365 — the successor to Microsoft’s Business Productivity Online Suite (BPOS), Live@Edu offering and its Office Live Small Business service. Microsoft officials said that more than 100,000 organizations signed up for the beta.

Those interested in kicking the tires of the new public beta, available in 38 markets and 17 languages, can sign up at http://www.Office365.com

via Microsoft delivers public beta of its Office 365 cloud bundle | ZDNet.

Filed Under: Tech Bytes Tagged With: Business, Lync, Microsoft, microsoft officials, online, public beta, web apps, ZDNet

White House Unveils Plan for Secure Online IDs | News & Opinion | PCMag.com

April 16, 2011 By Global EDD Group Leave a Comment

Are you tired of remembering 10 different passwords for all your online activity? Maybe you use the same password for everything? With data breaches and botnets dominating the news, are you concerned that your private data might end up in the hands of cyber criminals?

The White House on Friday outlined its plan for a secure online identification system intended to allow people to ditch the user ID/password setup for a “trusted identity” they would obtain from a private company that specializes in verifying identities.

You would go to one of these companies, for example, and prove your identity much like you do when you obtain a driver’s license or a passport. The company would then provide you with a smart card, keychain fob, one-time password generator, or even a phone app. Plug the smart card or fob into your computer or fire up the app when accessing online banking, buying something on Amazon, filing your taxes, or anything else that requires personal data. All of your information is stored on the “trusted identity” you received, so you don’t have to enter anything or remember a password.

“The Internet has transformed how we do business, opening up markets and connecting our economy as never before. It has revolutionized the ways in which we communicate with one another, whether with a friend down the street or a colleague across the globe,” President Obama said in a statement. “And as we have seen in recent weeks, it has empowered people all over the world with tools to share information and speak their minds. In short, the growth of the internet has been one of the greatest forces for innovation and progress in history.”

The White House stressed that this system—known as the National Strategy for Trusted Identities in Cyberspace (NSTIC)—will primarily be a private-sector undertaking, though some government agencies, such as those that provide health care or other benefits, may provide trusted IDs directly. The government is not going to require Internet IDs and will not be setting up the online shopping equivalent of the DMV, the White House said.

via White House Unveils Plan for Secure Online IDs | News & Opinion | PCMag.com.

Filed Under: Tech Bytes Tagged With: Amazon, botnets, com, cyber criminals, news, online, password, PCMag, time password

Analysis: Epsilon hacking shows new spear-phishing risks | Reuters

April 4, 2011 By Global EDD Group Leave a Comment

A data breach involving online marketer Epsilon, whose clients are a Who’s Who of major banks and retailers, was only the latest in a string of hacking attacks aimed at getting email records for more thefts, security experts warned on Monday.

The breach, disclosed in stages since Friday, involved the Epsilon unit of Alliance Data Systems Corp, which said some clients’ customer names and email addresses were obtained via an “unauthorized entry.”

Companies that have said they were exposed since then include banks Citigroup Inc and Capital One Financial Corp, and retailers Walgreen Co and Best Buy Co.

Compromised files apparently did not include the payment card data that has created scares in the past, such as at retailer TJX Cos.

But security experts said just having email addresses — plus knowing where someone shops — can help thieves write more sophisticated emails to steal financial data or spread malicious software, or malware.

That practice — using emails that appear to come from a trustworthy source to steal data — is sometimes known “spear-phishing” because such emails are more focused than traditional “phishing” emails.

via Analysis: Epsilon hacking shows new spear-phishing risks | Reuters.

Filed Under: Tech Bytes Tagged With: Alliance, alliance data systems, Data, online, Reuters, security

Is Your Online Presence Property or Person? – BusinessWeek

January 14, 2011 By Global EDD Group Leave a Comment

Online data privacy has been in the spotlight for a variety of reasons over the past year, from Facebook’s privacy settings to government subpoenas for WikiLeaks data. Before Congress, regulators, and courts can give the issue legal clarity, they will need to answer some fundamental questions about which areas of law even apply.

A panel on data privacy earlier this week at the Consumer Electronics Show laid out the broad issues that need to be determined before any meaningful attempts at institutional reform can get underway. Central among them is the question of whether online privacy is a matter of personal property or of human rights.

Rep. Marsha Blackburn (R-Tenn.) kicked off the CES discussion, explaining that Congress is looking at regulating online consumer privacy, but that it first needs to figure out what exactly is meant by data privacy, what precisely it wants to regulate, and how to balance protection for consumers with protection for emerging commerce. Determining the latter two should be relatively easy—those are the questions inherent in any lawmaking process—but answering the first question could be a struggle.

ONLINE, WHAT CONSTITUTES A PERSON?

The crux of the issue is whether or not an online persona is an extension of a human being—as Marc Davis, a partner architect in Microsoft’s online services division, believes—or a mere collection of bits that can be bartered away for access to free e-mail or a social network. Davis sees the issue of data privacy as nothing less than defining what it means to be a person in a digital world.

Beyond the issues of storing and mining data, there are questions about who or what entities have the right to publish readily available public data about individuals and what it means to have digital identities that individuals might not even have created—and which will live on after they die.

Fred Carter, senior adviser to Ontario’s Office of the Information and Privacy Commissioner, boiled it down to how we characterize personal data. Whereas the U.S. government and U.S. citizens tend to view data as a property issue (i.e., we own our data and we’ll do with it what we please), the rest of the world views it as a human rights issue (i.e., there are defined limits to what Web companies can and cannot do with people’s data). That’s a big distinction: Although we can contract away property rights, basic human rights are not legally negotiable.

via Is Your Online Presence Property or Person? – BusinessWeek.

Filed Under: From The News Tagged With: Congress, consumer electronics show, issue, online, privacy, protection

Podcast: Online Tracking and Privacy – Tech Talk – NYTimes.com

December 14, 2010 By Global EDD Group Leave a Comment

The Times reporter Tanzina Vega discusses the Federal Trade Commission’s proposal that would allow consumers to opt out of online tracking from Web adverstisers. Personal Technology editor Sam Grobart explains the concept of soundbars and Christopher Coppola shares his insights on modern movie-making and his “Digivanglist” reality show.

via Tech Talk – NYTimes.com.

Filed Under: From The News Tagged With: com, federal trade commission, online, Podcast, tanzina, Times, times reporter, trade

Official Google Blog: A curious guide to browsers and the web

November 18, 2010 By Global EDD Group Leave a Comment

Twenty years ago this month, Tim Berners-Lee published his proposal for the World Wide Web. Today, the web is an explosion of pages and apps teeming with videos, photos and interactive content. These powerful new web experiences—such as “The Wilderness Downtown,” our HTML5 collaboration with the band Arcade Fire—are possible thanks to cutting-edge web technologies that bring all this content to life in the modern browser.

But how do browsers and the web actually work? What is HTML5—or HTML, for that matter? What do terms like “cookies” or “cloud computing” even mean? More practically, how can we keep ourselves safe from security threats like viruses when we’re online?

To help answer these questions, we collaborated with the wonderful illustrator Christoph Niemann to publish an online guidebook called “20 Things I Learned about Browsers and the Web.” This handy guide is for those of us who’d like to better understand the technologies we use every day.

via Official Google Blog: A curious guide to browsers and the web.

Filed Under: Tech Bytes Tagged With: content, Google, guide, online, tim berners lee, Web, Wide