Security_eBook_blog_Banner

Bitcoin belly flops as Bitfinex braves burgalry

It’s been a hacky kind of a week in tech. Bitcoins were stolen, and allegedly Yahoo accounts too. Cars were controlled by people who weren’t driving them, and government spooks used trawled messaging networks. Read on to find out why you should be paranoid.


ID-100238473 copy

Bitcoin’s price plummeted by 20 per cent after someone stole millions of dollars in the cryptocurrency from Hong Kong-based exchange Bitfinex. Some 120,000 bitcoins (around US$72 million) went missing from the exchange. Bitfinex is the largest exchange for bitcoin outside China, so this is a big deal, mirroring the theft of bitcoins from Mt Gox in 2014 that sent the digital currency’s value reeling.

Yahoo steels itself for data breach scandal

Yahoo’s core business isn’t all that was up for sale this month, apparently. Security experts were exploring claims that 200 million Yahoo accounts were available on the dark web. The advertisement was created by a seller known as Peace, who has a successful seller history, having sold 167 million LinkedIn accounts and 300 million MySpace accounts. The accounts are likely to have been from a 2012 hack.

Some of the email addresses checked out, according to Motherboard, but it also said that many addresses were undeliverable, suggesting that if they are indeed legitimate, they’re old ones. But the data could still be used for criminal gain, said experts.

If a hacker crashes your car, is it your fault?

Canadians will still be liable for car crashes, even if their vehicle has self-driving features, just so long as it still has a steering wheel, said a Canadian legal firm. So what happens if someone else happens to be driving your vehicle at the time from halfway across the world?

At the Black Hat security conference, hackers who unveiled a cybersecurity flaw in Chrysler cars last year are back with some new ones. They can turn the wheel 180 degrees or slam on the brakes at speed. Unlike last year’s hack, this one requires a laptop to be plugged directly into the car, but sooner or later, hackers will gain another wireless foothold into vehicles, they say. Researchers also plan to demonstrate similar hacks with big rig semi trucks next week.

Protect your workers from online curmudgeons: Ruling

Canadian companies must take care of their employees on social media, according to a ruling uncovered by the CBC this week. The Toronto Transit Commission didn’t act effectively when disgruntled customers posted pictures of its workers on social media, according to a ruling by an Ontario arbiter.

Offensive tweeters should be asked to remove posts about individual staff members and blocked if they don’t comply, it said. Even firms who thought their social media policy was solid may have to go in and add a few lines now.

Dingbat of the week

This week’s dingbat award probably goes to the Iranian government. We say ‘probably,’ because it’s hard to know for sure. Hacking group Rocket Kitten managed to obtain the phone numbers of 15 million Iranians who use the Telegram secure messaging service.

Telegram uses SMS messages to sign new devices up to the system. Researchers claim the hacking group was able to intercept SMS messages sent to those users, thus identifying their phone numbers. That would enable it to map accounts to particular individuals, it said. Telegram played down the hack, arguing that other secure messaging services are based on phone numbers too. If nothing else, it shows how two-factor SMS is becoming less feasible by the minute.

Rocket Kitten has carried out attacks on targets that are in line with the Iranian government’s interests. Experts believe that it’s a state group, but as with the Sony Pictures takedown in 2014 and the DNC hack, it’s practically impossible to attribute an attack with complete certainty.

Illustration courtesy of Free Digital Photos

SIP eBook 2014 expertIP bottom banner update
Comments are closed.