News in brief: 17m passwords stolen from Zomato; laptop ban from EU shelved; hackers target MPs

Készült: 2017. máj. 18
Nyomtatás

Your daily round-up of some of the other stories in the news

Hackers steal 17m passwords from restaurant app

Restaurant app Zomato warned its users around the world on Thursday that it had reset the passwords of about 17m of its users whose details had been stolen from the Indian start-up’s database.

Zomato, which has more than 120m users every month, moved to reassure people that no payment details had been stolen, and said that because some 60% of its users log in via third-party OAuth services such as Facebook or Google, that the company didn’t even have password details for those people. It added that for those passwords it does have, they’re protected by hashing “with a one-way hashing algorithm, with multiple hashing iterations and individual salt per password”.

However, Zomato didn’t say which hashing algorithm it uses, and Motherboard reported on Thursday that “according to a sample of alleged Zomato data posted on the dark web, and additional samples the alleged hacker gave to Motherboard, Zomato used an outdated algorithm to has its customers’ passwords and only took other, minimal, precautions”.

Zomato later said that the alleged hacker had been “very co-operative”, asking the company to “acknowledge security vulnerabilities in our system … his/her key request was that we run a healthy bug bounty program for security researchers”.

No laptop ban from Europe

Good news for travellers to the US from Europe: officials from the EU and the US have decided not to extend the ban on devices bigger than a smartphone in aircraft cabins, though they did say that other security measures were being considered.

The move is also good news for those who aren’t keen on the thought of an aircraft hold full of the lithium batteries of checked laptops, tablets, Kindles etc: lithium batteries have a habit of bursting into flames.

However, talks on airline safety will continue in Washington DC next week to “further assess shared risks and solutions for protecting airline passengers whilst still ensuring the smooth functioning of global air travel”, said the European Commission.

The airline industry had warned that extending the ban to flights from EU countries could cost more than $1bn in lost productivity and cause chaos at airports in the busy summer holiday period.

Lawmakers warned of hacking attempts

A small number of British MPs and their political staff were targeted in an attack by what “a senior security official” told the Financial Times was likely to have been the work of a nation state.

The threat is still present, the security official said. The MPs and their staff had been sent phishing emails designed to get them to reveal login details to accounts.

The UK’s spy agency, GCHQ, has asked Britain’s election regulator, the Electoral Commission, to warn candidates in the upcoming general election to be vigilant about the threat from hackers.

That warning comes as concerns remain about attacks on last year’s US presidential election and on the new French president Emmanuel Macron during his campaign, thought to be the work of the Russian hacking group Fancy Bear and designed to meddle in the outcome of those elections.

Catch up with all of today’s stories on Naked Security


Source: Naked Security

Hozzászólások

Hacktivity 2014

Események

Nincs esemény létrehozva még.

mySec talk #7 (ITBN)

A frissítés nélkül hagyott szoftverek magas aránya még mindig aggodalomra ad okot

A Secunia biztonsági cég jelentése azt mutatja, hogy az Egyesült Államokban rengeteg frissítés nélküli szoftver

Új titkosítási szabvány kerül bevezetésre az Apple-nél és a Google-nél

Az Apple azon bejelentésének nyomán, miszerint egy olyan fejlesztést eszközölnek az iOS8 operációs rendszerükön,

Önmegsemmisítő Facebook- és Twitter-üzeneteket és fotókat kínál a Dstrux

Egy cég, amely az üzleti dokumentumok biztonságba helyezésével foglalkozik, egy „Mission: Impossible” jellegű ö

Az FBI igazgatója szerint az Anonymous veszélyesebb, mint az al-Kaida

Múlt héten rendezték meg San Franciscóban az RSA biztonsági konferenciát, ahol az FBI jelenlegi igazgatója, Robert Mueller

CEO vs. CISO, avagy a biztonság két szemüvegen keresztül

A vállalatok igazgatói továbbra is nagyon eltérően tekintenek a kockázatokra és a védelmi teendőkre, mint a biztonsági v

Alig egy hét múlva Hacktivity

Október 21–22-én, immáron 13. alkalommal gyűlnek össze az etikus

Az Index.hu újságírója lett az „Év információbiztonsági újságírója”

A Hétpecsét Információbiztonsági Egyesület 2006-ban alap&iac

Boldog Új Évet Kívánunk! - 2016.

Az Antivirus.blog nevében Minden Kedves Olvasónknak Egészségben, siker

Ez történt 2015-ben

Nem volt eseménytelen esztendő a 2015. - sem. A legizgalmasabb incidense

mySec Információ