(FoxNews.com): Real-life pirates are holding Disney’s most valuable pirate for ransom. Digital hackers have reportedly gotten their mitts on a copy of Disney’s new “Pirates of the Caribbean” film. Deadline reports the hackers are demanding a lot of Bitcoin loot, or they will release the film online before its May 26 premiere date. According to the Hollywood Reporter, Disney will not pay the ransom and is working with the FBI. A rep for Disney did not return Fox News’ request for comment. Walt Disney CEO Bob Iger said during a town hall meeting with ABC employees Monday that hackers claimed to Click Here to Read more
An update to this story can be found here. LONDON (CNN) – Hospitals in the UK were crippled by a “large-scale” cyber attack on Friday that forced operations to be canceled and ambulances to be diverted. Health workers reported being locked out of their systems and seeing messages demanding ransom payment to regain access. NHS England described the incident as a “ransomware” attack. At least 16 organizations connected to the National Health Service (NHS) in England reported being affected. “The investigation is at an early stage but we believe the malware variant is Wanna Decryptor,” NHS Digital said in a statement. Click Here to Read more
Over the weekend, a hacker group by the name of “Thedarkoverlord” claimed that they had broken into Netflix and downloaded the entire new season of the Orange Is The New Black season and that it will upload it to file sharing sites unless Netflix paid the “modest” ransom demand. Netflix has not commented on the situation nor have they given into the hacker’s demands.
(PCWorld.com): Hundreds of thousands of internet gateway devices around the world, primarily residential cable modems, are vulnerable to hacking because of a serious weakness in their Simple Network Management Protocol implementation. SNMP is used for automated network device identification, monitoring and remote configuration. It is supported and enabled by default in many devices, including servers, printers, networking hubs, switches and routers. Independent researchers Ezequiel Fernandez and Bertin Bervis recently found a way to bypass SNMP authentication on 78 models of cable modems that ISPs from around the world have provided to their customers. Their internet scans revealed hundreds of thousands of devices Click Here to Read more
PHILADELPHIA (CBS) – The Internal Revenue Service says the personal data of as many as 100,000 taxpayers may have been compromised. They say hackers posed as students using an online “data retrieval tool” to apply for financial aid. The tool is used by families to import tax information on applications. The IRS shut down the retrieval tool last month, they say it will be secure and operational by this fall.
With all of the discussion on popular services being hacked, we here at CompuScoop are continuing to show our readers how to protect their accounts from being taken over. This week, we’ll focus on how to add two factor verification to an iCloud account. What IS two-factor verification? Two factor verification means that nobody would be able to login to iCloud from an unknown (new) device, even if its you. When this happens, a window will pop-up with a map showing where the computer is from. If the person verifies the location of the login, they will then be giving a special ID number Click Here to Read more
Unless you’ve been under a rock, you probably heard about the Twitter message that was put out by McDonald’s about President Donald Trump. The company later removed the Tweet and issued a statement apologizing for it. The company then said that their account was “compromised.” That hack has sparked a discussion here at CompuScoop on securing your Twitter (and Facebook) account with what is known as a two step verification process. While it can become a pain-in-the-ass to set up and use, it can help avoid situations such as the one above. Here’s what to do: 1. Login to your Twitter Account. 2. Click Here to Read more
“A company that sells ‘smart’ teddy bears leaked 800,000 user account credentials — and then hackers locked it and held it for ransom,” Lorenzo Franceschi-Bicchierai reports for Motherboard. “A company that sells internet-connected teddy bears that allow kids and their far-away parents to exchange heartfelt messages left more than 800,000 customer credentials, as well as two million message recordings, totally exposed online for anyone to see and listen,” Franceschi-Bicchierai reports. “Since Christmas day of last year and at least until the first week of January, Spiral Toys left customer data of its CloudPets brand on a database that wasn’t behind Click Here to Read more
(MacRumors.com): A number of Mac apps failed to launch for users over the weekend because of a change to the way Apple certifies apps that have not been bought directly from the Mac App Store. Several users of apps including Soulver and PDFPen who had downloaded the apps from the developers’ websites all reported immediate crashes on launch. Developers of the apps quickly apologized and said that the issue was down to the apps’ code signing certificates reaching their expiration date. Apple issues developer signing certificates to assure users that an app they have downloaded outside of the Mac App Store is legitimate, comes Click Here to Read more
Forbes reports that security researchers at Elcomsoft discovered that Apple was retaining an iCloud record that kept deleted web history “by accident.” Using software developed by Elcomsoft only released today, researcher Vladimir Katalov downloaded his own data, and discovered records going back to Nov. 2015. Other information retrievable by the forensics tool on an iCloud-synced iPhone with Safari history retention turned on, were full Google search terms back to 2015, and “cleared” Notes for the last 30 days. According to an unnamed forensics expert contacted by Forbes separate from Elcomsoft, the retention isn’t malicious. The second expert noted that the failure by Apple Click Here to Read more
A new vulnerability has been discovered in all Netgear Routers and Modems, which could let a hacker gain control of a network and install a botnet, or even gain control of an entire network. The issue has already been submitted to the U.S. government’s National Vulnerability Database, and acknowledged by Netgear, which has put up a list of exposed models. The company has also issued updated firmware which should close the vulnerability, but only on some devices. The full list of patched hardware includes: R8500 R8300 R7000 R6400 R7300DST R7100LG R6300v2 WNDR3400v3 WNR3500Lv2 R6250 R6700 R6900 R8000 R7900 WNDR4500v2 R6200v2 WNDR3400v2 D6220 D6400 Click Here to Read more
(LA Times): Malicious software tied to Russian intelligence agencies has been found on a computer of a small electric utility in northern Vermont, raising concerns of Russian attempts to interfere with critical infrastructure as well as the 2016 presidential race. The laptop computer was not connected to the electric system, and the malware did not disrupt electric grid operations or compromise customer data, according to the Burlington Electric Department and a U.S. law enforcement official speaking on condition of anonymity. The disclosure comes amid rising tensions with Russia over U.S. charges that Russia’s two largest intelligence agencies, known as the Click Here to Read more
(9to5Mac.com): After an off-duty police officer shot dead the Russian ambassador to Turkey, Apple has been asked to help unlock an iPhone 4s recovered from the killer. MacReports and other local media say that Apple is expected to refuse the request from Turkish authorities, but report that the Russian government has said it will help … Russia is planning to send a special technical team to Turkey to unlock the iPhone, a senior Turkish official told us. The case of course echoes that of the San Bernardino shooting, where Apple refused to help the FBI unlock a work phone used by one of the killers on the basis that any backdoor it created Click Here to Read more
We need web browsers to surf the web. But did you know that it is also broadcasting information about you to other web sites? I did a little experiment. I went to a retail web site, and surfed the site for a few minutes. I then went back to my home page, and then on another web site. Within a few minutes, I started getting banner ads from the store that I was just at of products that were available at my local store. But how could this be? The answer is easier than you think. Your web browser is Click Here to Read more
While not new for Mac people that use the invite feature in iCal (Apple’s Calendar app) users have seen a serious increase in Spam related invites over the past few weeks. In a statement given to iMore‘s Rene Ritchie, an Apple spokesperson said the company working to block spam invites. We are sorry that some of our users are receiving spam calendar invitations. We are actively working to address this issue by identifying and blocking suspicious senders and spam in the invites being sent. However, you can create a new Calendar, name it Spam, move the spam invitation to the Spam Click Here to Read more