Video-sharing Website Dailymotion Hacked; 87 Million Accounts Leaked

December 6th, 2016
by The Feeder

By Waqas

Dailymotion, a world renowned video sharing website has suffered a massive data breach in which a hacker whose identity is unknown successfully stole 87 million accounts and shared with LeakedSource, a data breach notification website. The data breach which took place on 20th October 2016 allowed the hacker to steal usernames, emails and hashed passwords of Dailymotion’s […]

This is a post from HackRead.com Read the original post: Video-sharing Website Dailymotion Hacked; 87 Million Accounts Leaked

Posted in breach, Hacking, hacking news, Internet, leaks, security, videos | Comments (0)

Thieves can guess your secret Visa card details in just seconds

December 5th, 2016
by The Feeder

Enlarge / A website bot as it distributes CVV guesses over multiple sites. (credit: Ali, et al.)

Thieves can guess your secret Visa payment card data in as little as six seconds, according to researchers at Newcastle University in the UK. Bad actors can use browser bots to distribute guesses across hundreds of legitimate online merchants.

The attack starts out with a card's 16-digit number, which can be obtained in a variety of ways. Attackers can buy numbers on black-market websites, often for less than $1 apiece, or use a smartphone equipped with a near-field communication reader to skim them. The numbers can also be inferred by combining your first six digits—which are based on the card brand, issuing bank, and card type—with a verification formula known as the Luhn Algorithm. Once an attacker has a valid 16-digit number, four seconds is all they need to learn the expiration date and the three-digit card-verification value that most sites use to verify the validity of a credit card. Even when sites go a step further by adding the card holder's billing address to the process, the technique can correctly guess the information in about six seconds.

The technique relies on Web bots that spread random guesses across almost 400 e-commerce sites that accept credit card payments. Of those, 26 sites use only two fields to verify cards, while an additional 291 sites use three fields. Because different sites rely on different fields, the bots are able to enter intelligent guesses into the user field of multiple sites until the bots hit on the right ones. Once the correct expiration date is obtained for a given card—typically banks issue cards that are valid for up to 60 months—the bots use a similar process to obtain the CVV number. In other cases, when sites allow the bots to obtain the CVV first—a process that can never require more than 1,000 guesses—the bots then work to obtain the expiration date and, if required, the billing address.

Read 6 remaining paragraphs | Comments

Posted in Law & Disorder, payment cards, Risk Assessment, verification, Visa | Comments (0)

Paul’s Security Weekly #491 – Security News

December 5th, 2016
by The Feeder
A new Mirai worm knocks almost a million Germans offline, time is running out for NTP, the propaganda about Russian propaganda, and who hacked the lights in Ukraine? All that and more in this week’s security news! Full Show Notes Take the Security Weekly Survey Subscribe to YouTube Channel Security Weekly Website Follow us on

Posted in 491, Hacking, Jack Daniels, mirai, news, NTP, paul asadoorian, Paul's Security Weekly, security, security news, SecurityWeekly | Comments (0)

Trying, and failing, to sneak into Amazon’s Skynet take on grocery shopping

December 5th, 2016
by The Feeder

Enlarge / "Let's go shopping!" "No, let's Amazon Go shopping." "Dave, I hate your puns." (credit: Sam Machkovech)

SEATTLE—Amazon's foray into the world of brick-and-mortar grocery shopping has been all but confirmed for nearly a year thanks to leaks such as spotted permit applications. The rumor became reality on Monday with the announcement of Amazon Go, an experiment in grocery shopping that removes the clerks.

This is not just another idle announcement, either: the company's pilot store is now open for business. It's attached to one of Amazon's headquarter buildings in Seattle's South Lake Union neighborhood and is already stocked with food options (and a giant staff of cooks and food preparers). There's just one catch—only full-time "blue badge" Amazon staffers can get in right now.

Never one to take "no" for an answer, I grabbed a camera and walked up to the front door with hopes that my shining blue eyes would make up for my lack of a blue badge. That didn't work out, but I did gather a few more details while receiving death glares from staffers and security personnel.

Read 8 remaining paragraphs | Comments

Posted in amazon, amazon fresh, amazon go, Ministry of Innovation | Comments (0)

Credit Cards can be Hacked in Just 6 Seconds—Reveals New Study

December 5th, 2016
by The Feeder

By Waqas

According to the latest research [Pdf] carried out by the University of Newcastle in the UK, hackers only require 6 seconds’ time to acquire sensitive details about your VISA credit or debit card along with its security code and expiry date. This particular study was published in the IEE Security & Privacy journal. As per the […]

This is a post from HackRead.com Read the original post: Credit Cards can be Hacked in Just 6 Seconds—Reveals New Study

Posted in credit card, data, Hacking, hacking news, infosec, Internet, Money, security | Comments (0)

Windows 10 “Home Hub” feature will take on Amazon Echo and more

December 5th, 2016
by The Feeder

Microsoft is going to make the Windows 10 PC a more family-focused device, taking on Amazon's Echo and Google Home as it does, according to the latest reports and rumors about forthcoming features.

The story starts with Twitter user Walking Cat poking around preview builds and finding reference to a feature named Home Hub. This appears to take the multi-user features of Windows 10 in a new direction. In addition to individual per-user accounts on shared machines, Home Hub will enable a shared Family Account and Family Desktop. This account will have its own calendar, music, pictures, and other resources that are used by and shared between several different people.

Mary Jo Foley tied that to job postings from November, where Microsoft outlined its desire to build family-oriented sharing features for Windows and its desire to compete with Google, Amazon, Apple, and AT&T

Read 7 remaining paragraphs | Comments

Posted in amazon echo, Cortana, Gear & Gadgets, Microsoft, Technology Lab, Windows | Comments (0)

Mistrial declared in murder trial of cop filmed shooting fleeing suspect

December 5th, 2016
by The Feeder

Note: this video contains violence.

A Charleston, South Carolina judge declared a mistrial Monday in the case of a white South Carolina police officer on trial for the video-taped shooting of Walter Scott, a 50-year-old black man. The video was secretly taken last year by a passerby, and it has been viewed online millions of times. This week, after four days of deliberations, the 12-member jury announced it was hopelessly deadlocked.

On trial is Michael Slager, a 35-year-old now-fired North Charleston officer. He's accused of killing Scott by shooting the man in the back. Scott was pulled over in April 2015 for a routine traffic stop—a tail-light that was not working. He had a warrant for his arrest and fled the scene, prompting a chase. The officer testified that there was a brief altercation in a park over his Taser, and the cop then shot Scott five times as he fled. Slager has said he acted out of "total fear."

The killing is yet another instance of police shooting a black man in the US. According to various watchdog sources—the Washington Post, The Guardian, and the Killed by Cops database—between 706 and 844 people have been killed by US cops during the first nine months of 2016. Of that total, the North Carolina ACLU notes there were 194 deceased black Americans.

Read 6 remaining paragraphs | Comments

Posted in criminal case, filming cops, filming the police, jury trial, Law & Disorder, michael slager, YouTube, youtube society | Comments (0)

Dirty Cow Vulnerability Patched in Android Security Bulletin

December 5th, 2016
by The Feeder
Today's Android Security Bulletin included a patch for the Dirty Cow vulnerability, a seven-year-old Linux bug that had yet to be patched by Google.

Posted in android, Android patches, Android Security Bulletin, Android vulnerabilities, Dirty Cow, Dirty Cow patch, google, Google Patches, Linux patch, Mobile Security, vulnerabilities | Comments (0)

Google Debuts Continuous Fuzzer for Open Source Software

December 5th, 2016
by The Feeder
A new Google program OSS-Fuzz is aimed at continuously fuzzing open source software and has already detected over 150 bugs.

Posted in CII, Core Infrastructure Initiative, fuzzing, google, Open Source, open source software, OSS-Fuzz, vulnerabilities, Web Security | Comments (0)

Cybersecurity Readiness Confidence Declined In 2016

December 5th, 2016
by The Feeder
New report querying security pros shows increase in worry about risks with mobile and cloud environments.

Posted in Uncategorized | Comments (0)