We End Violence LLC is notifying an unspecified number of students that their personal information may be in the hands of hackers after the Agent of Change web site was accessed by unauthorized individual(s). The compromised personal information includes gender identity, ethnicity, relationship status, sexual identity, and other personally identifiable information. Here is their notice:…
Credentials stored in Ashley Madison’s source code might have helped attackers
Lucian Constantin reports that ongoing examination of the AshleyMadison source code data dump contains evidence that ALM was er…. sloppy: … A London-based security consultant named Gabor Szathmari has now found evidence that ALM’s developers were careless with sensitive credentials, which might have helped attackers once they gained a foothold on the company’s network. In the…
Article: The Good Hacker: A Look at the Role of Hacktivism in Democracy
Ben Monarch, a University of Kentucky College of Law student, has an article that he has uploaded to SSRN that calls for amendments to the Computer Fraud and Abuse Act (CFAA) to recognize hacktivism as a defense. Monarch argues that the U.S. “application of the CFAA and (attempted) simultaneous adherence to Article 19 of the International Covenant on…
Stats: 1,223 arrested for cyber crimes in Uttar Pradesh in 2014
Kapil Dixit of the Times of India reports some statistics for last year for Uttar Pradesh, a state in India that according to Wikipedia, had a population of 204.2 million in 2011: As many as 94 computer professionals and hackers were arrested in UP on charges of cyber fraud in 2014. In all, 1,223 people…
Smart wearables for kids in China found to have security flaws
Chuang Shu-chung reports: … One Chinese “white hat” hacker group, wooyun.org, found 13 models of Chinese-made smartwatches with defects in their information security management systems. The group said hackers could easily break into the smartwatch’s system and steal the wearer’s personal information and tracking history. In other words, the watch could have precisely the opposite…
Ashley Madison users sue Amazon Web Services, GoDaddy, and web site operators
Three John Doe plaintiffs who were paying customers of AshleyMadison.com have sued Amazon Web Services, GoDaddy, and unnamed John Roe web site owners/operators who created sites allowing people to search for individuals who might be in the database. In a complaint filed in Arizona federal court, the plaintiffs – one from California, one from New Jersey,…