Let's take a quick trip back to some of the big news from earlier this summer, and discuss LinkedIn again: LinkedIn: Breach Cost Up to $1M, Says $2-3 Million in Security Upgrades Coming. SecurityWeek's article touches on the overall cost, and a hazy, "improvement," cost - but the real item in this story is that even with the breach, LinkedIn seems to be pushing along very strongly with a great increase in page views and activity. While it seems to affect their bottom line, it looks like networking site is none the worse for wear after the breach. Is this a good sign of LinkedIn's popularity or a bad sign that the average user isn't worried about the data they store being compromised?
In other news from websites that I use a great deal, looks like Dropbox is on the list of recently attacked as well: Dropbox confirms it got hacked, will offer two-factor authentication | Ars Technica. When several members of the service started getting emails to their accounts they only use with Dropbox, things started to look suspicious. I'm assuming they're using separate email addresses like I do on there, for deniability and to share big files with their friends that have nothing to do with music or movies. Right... Luckily in this case, it looks like the email addresses themselves were the only thing accessed, but Dropbox is doing their part, allowing their users to see all active logins to their accounts so people can track when and where it's been active. There is a report of some accounts being hacked as well, but the official statement is that hacking is unrelated to this current problem. We'll see if this pops up again in the next few weeks.
Continuing on with my theme of companies getting attacked: Reuters hacked, fake news posted, and Reuters Twitter account hacked. On the surface, this seems like a relatively run of the mill story: Twitter account and blog gets hacked, fake news stories uploaded and tweeted. If any of your friends or co-workers have suddenly taken an interest in selling you diet pills, you know how commonly this can actually happen. The interesting piece here is that since the updates are related to the current unrest in Syria, it could be politically motivated to undermine or spread false information about the Free Syrian Army, the group of rebels currently fighting the existing Syrian Government. Reuters has said it doesn't have any information yet on the hacking itself and took down its blog to try to fix everything on Friday, but looks like everything is back to business as usual this morning.
Shifting focus a bit, one of the most retweeted articles on my app this weekend was this post from Cnet: Woz: The cloud is a nightmare. I think Wozniack is fantastic, in that he pretty much says whatever's on his mind at the time, and has enough clout in the computing world that people pay attention. For instance, this article: The Amazing Contents of Steve Wozniak's Travel Backpack, from mid-July is pretty run of the mill, but gives a good look into Wozniak's fascinating weirdness and incredibly strong back. Woz's criticism of the cloud isn't anything new - he's on the same page as a great deal of people who are concerned with keeping their data on a server they have no control over. What are your thoughts on cloud storage? Any concerns or misgivings?
The cloud and Apple figure prominently in this story as well: Hackers Got Into Reporter's iCloud Account With Deception, No Password Required. Social Engineering is to blame in this attack, in which an attacker was able to get into the accounts by working their way around the security questions instead of answering them directly. I'm always impressed at the verbal dexterity needed to work past these barriers, but apparently the reporter who was hacked originally thought he was bruteforced. His blog about the entire attack is here: Emptyage; Yes, I was hacked. Hard. and is a good deconstruction of the slow crawl back to secure.
I'll leave you, as per usual, with a lighter and funnier story from the weeks' news: US Pentagon tells Missile Defense Agency workers to quit surfing porn | Naked Security. Now, not to be sensational - only a half dozen of the Missile Defense Agency's 8000 employees have been found to have accessed inappropriate content, but porn site malware on a computer that sends missles into the atmosphere? That's a bit of a sensitive subject.
That's it for this week - feel free to drop me a line or comment below with your own favorite stories of the week, and I'll see you next Monday.