email address

Nearly half of all leading websites are vulnerable to an audacious hacking method according to a new report. The attacks involve hijacking an account before it has even been created. The scam uses various methods, but usually involves creating an ... account using an email address, then waiting for the actual owner of that email address to attempt to create an account on a specific website. Microsoft's Andrew Paverd and independent researcher Avinash Sudhodanan detailed the problems in a research paper and blog post. (Source: microsoft.com ) They say the "root cause" of the problem is that many ... (view more)

Apple has paid $100,000 reward to a security researcher who discovered a simple but potentially damaging bug. Until it was fixed, the bug could have let hackers take over a user's account. The problem was with "Sign in with Apple" - a system that ... lets users sign up to websites via their Apple account rather than having to create specific login details for each site, or go through an email confirmation process it. As with similar systems from Facebook and Google, it only works on websites that support the "Sign in with Apple" feature. When the user visits the third-party site, it ... (view more)

A third-party Android app store has been hit by a big data breach. Aptoide users who registered between 21 July 2016 and 28 January 2018 may be affected. Aptoide works in a same way as Google's own Play app store, but isn't subject to its content ... regulations or security vettings. As with all third-party stores, users must confirm they accept security risks when installing apps from it. A hacker has published data from 20 million users and claims to have details of another 19 million users altogether. That's a big chunk of the 150 million people Aptoide claims have used its service at some ... (view more)

Twitter has apologized for using customer security contact details for advertising purposes. Its underwhelming announcing has gone down badly with privacy groups and could have legal consequences. The blunder involved Twitter's advertising services, ... specifically tools called "Tailored Audiences" and "Partner Audiences." It works like this: advertisers upload their own marketing lists of email addresses and phone numbers to Twitter, along with an ad. Twitter then compares the marketing list to its own database of customers. It then shows the ad only to people who appear on ... (view more)

Scammers have found a creative way to bypass spam filters, effectively tricking legitimate sites into sending the message on their behalf. It's a reminder that human skepticism is always a key part of cyber security. The new scam was spotted by Sam ... Cook of Comparitech who spotted something amiss in an email from the British Newspaper "Archive," - a perfectly legitimate organization. The scam email asked him to confirm his email address for registering an account with the site. The problem there was that Cook hadn't attempted to register. In fact, this was the first time he ever ... (view more)

The way Twitter handles 'dormant' accounts has been hijacked to promote terrorist material, according to a report. It's all to do with the way Twitter associates its accounts with email addresses. The report comes from TechCrunch and follows a ... sudden upsurge in posts that don't seem connected to the account in question, but instead appear to come from members or supporters of Islamic State. (Source: techcrunch.com ) The problem appears to stem from the fact that Twitter doesn't delete accounts even if they aren't regularly used and may even have been abandoned by their original users. ... (view more)

Google is to shut its social network Google+. Although the service was something of a flop, the closure is more to do with a massive data exposure. Google+ launched back in 2011 and was one of several attempts by the company to compete with the ... likes of Facebook. Its main selling point was the concept of Circles, which meant that users weren't restricted to sharing posts and updates with a fixed set of friends. Instead, they could write a post that was seen by a particular group, such as work colleagues or people with a shared hobby. Facebook does have such a feature, but it's not as ... (view more)

Infopackets Reader Pat C. writes: " Dear Dennis, I have been using Microsoft Outlook for a number of years as it is my go-to email client. Every so often I need to reinstall Windows for various reasons; when this happens I have to reinstall Outlook ... and create a new Outlook .PST file, which stores my Outlook data including emails and calendar. The problem is that I have 8 .PST files from each time I've had to reinstall Windows over the years, as Outlook simply - will not - allow you to continue using the same .PST file from where you last left off. From what I can tell, each time the .PST file ... (view more)

T-Mobile has fixed a bug that let hackers get sensitive personal data just by using a phone number. In theory, it could have been possible to collect details on all the company's customers, though T-Mobile denies this. The problem was discovered by ... Karan Saini, a security researcher who discussed the problem with the Motherboard Vice website. The site then approached T-Mobile about the problem. It said "we were alerted to an issue that we investigated and fully resolved in less than 24 hours. There is no indication that it was shared more broadly." (Source: vice.com ) The bug had to do with T ... (view more)

Stolen Yahoo account details could be changing hands for as little as three-hundredths of a cent according to security researchers. It follows a hack of more than a billion accounts. It's the second Yahoo breach reported this year. Back in September ... the news broke that details of more than 500,000 accounts had been accessed by hackers in 2014. Now Yahoo has confirmed a separate attack in 2013 involved the theft of data for more than a billion accounts, something security experts believe makes it a record breach. It's suggested that the stolen data includes email addresses and passwords, ... (view more)