WordPress Malware Attack Gaining Steam

Apparently a WordPress malware attack is turning into a real issue. “The malware is called VisitorTracker, and its aim should be self-explanatory. Sucuri said that incidents of infection have had a sharp uptick in recent days, and the firm – which reported on it just two weeks ago – hopes that its reprise and update of the information will inform WordPress and encourage it to take action to mitigate the problem.”

The FBI May Use Your RTs as Evidence

Be careful what you RT — the FBI says retweets are endorsements. “22-year-old Queens resident Ali Saleh was arrested this week following an FBI investigation into his attempts to join ISIS. According to the complaint against him, Saleh began tweeting his plans in 2013. Saleh’s retweets came up repeatedly in the complaint as cause for arrest.”

Class Action Lawsuit Accuses Twitter of Spying on Direct Messages

A class-action lawsuit says Twitter has been spying on direct messages. “While it’s quite obvious that there aren’t humans that work at Twitter reading your direct messages, an algorithm is sweeping over them, to swap out links with shortened T.co (the shortening service owned by Twitter) ones for tracking purposes, presumably. The lawsuit claims that Twitter should collect consent to do such things within the private messages…”

The Trouble With Digitizing History

From Fast Company: the trouble with digitizing history. All those years of copyright extension and other legal foolery has come back to bite us on the nose. “For all of Sound and Vision’s efforts, though, only 2.3% of its digitized archive is publicly available online. Schools and researchers are allowed to access 15% of the archive on Sound and Vision’s website. For the rest, Sound and Vision’s administrators have to ask the copyright holders’ permission to release their clips outside of the building. Frequently, it involves making calls to several people, and sometimes they say no.”

FBI Issues Warning on IoT

The Internet Crime Complaint Center (IC3) has released a warning/alert on the “Internet of Things” (IoT). “As more businesses and homeowners use web-connected devices to enhance company efficiency or lifestyle conveniences, their connection to the Internet also increases the target space for malicious cyber actors. Similar to other computing devices, like computers or Smartphones, IoT devices also pose security risks to consumers. The FBI is warning companies and the general public to be aware of IoT vulnerabilities cybercriminals could exploit, and offers some tips on mitigating those cyber threats.”

Yet Another Health Insurer Hack

Have you heard about the latest health insurer hack? “Excellus has revealed that in August of this year it discovered a nearly 2-year old intrusion campaign in its network that gave hackers access to potentially all its customers’ records. That data includes names, birth dates, Social Security numbers, mailing addresses, telephone numbers, and a variety of account information including claims and financial payment details.”

Hackers Already Messing With Self-Driving Cars

Hackers are already messing with self-driving cars. “Automated cars use laser ranging systems, known as lidar, to image the world around them and allow their computer systems to identify and track objects. But a tool similar to a laser pointer and costing less than $60 can be used to confuse lidar. The attack can be carried out from behind, in front or from the side of the car and without alerting the car’s passengers, according to a security researcher.”

Ashley Madison Hack Analysis: People Still Use Dumb Passwords

Further analysis of the Ashley Madison hack shows us that terrible passwords are still a problem. Warning: the list of stupid passwords contains obscenities. And stupid passwords. “While plenty of aspects of Ashley Madison’s business and operations have raised eyebrows, the firm did apparently use robust and respected encryption for its user passwords. But even bcrypt-hashed passwords can be cracked if the user choses a stupid password, like, er, password. Or 123456.”