Connect with us

Featured

Macy’s, Disney+, get hacked – and teach us a few lessons

Published

on

Two major companies were hit by cybercrime this week: Macy’s suffered a data breach, exposing customer credit cards, and Disney+ customers were victims of “credential stuffing,” a technique attackers use to steal passwords to gain access to accounts. 

Disney denied that a breach had occurred. However, John Shier, senior security advisor at Sophos, pointed out that DIsney itself didn’t need to be hacked for customers to have their accounts accessed by criminals, as the company had not set up adequate safeguards.

“Many Disney+ users are reporting that they have been locked out of their accounts,” he said. “Disney+ has responded by saying they have no evidence of a breach. Our experience suggests that this is likely the result of a credential stuffing attack, a phishing campaign against Disney+ users or the result of credential stealing malware on users’ devices.

“Credential stuffing is when cybercriminals use leaked credentials from one website – which could already be for sale on the dark web – and try those same credentials on other online services. This breach is a prime example of the importance of having unique passwords across all of your online services. As we’ve seen time and time again, cybercriminals are just as lazy as the rest of us. If they can get away with using a person’s previously compromised passwords across different services, that will be their default.”

Shier said excitement had been building for Disney+ and, while it’s in limited release, people will seek out alternative means to use the platform, even if that includes using someone else’s password. 

“It also means that cybercriminals would likely take this opportunity to send out Disney+ phishing campaigns to net as many victims as possible and cash in on the hype. Opportunistic cybercriminals deploying credential stealing malware may be identifying Disney+ accounts in their collected data and offering them for sale separately because of the buzz associated with this new platform.

“Unfortunately, the Disney+ platform does not appear to offer any kind of multi-factor authentication which would thwart these kinds of attacks against online services.”

He said that, whatever the root cause, users of online services should incorporate these everyday cybersecurity practices into their online behaviour:

  • Don’t reuse passwords, as old breaches can come back to haunt you when cybercriminals use passwords from past breaches
  • Provide as little personally identifiable information online as possible
  • All services, such as Disney+, should offer multi-factor authentication to ensure that passwords are protected and not the only means of defense

“Macy’s is a very different example of a breach, but it has similarly failed to properly respond to being compromised and it hasn’t held itself fully accountable. The breach may have only affected a small number of customers, but that’s a cold comfort for the customers whose identity details were compromised.”

Featured

Alexa can now read all messages

For the first time, an Alexa skill is available that makes it possible to listen to any kind of message while driving

Published

on

For the first time, Alexa users can now hear all their messages and email read aloud.

Amazon’s Alexa has become a household name. The world’s most popular virtual assistant is getting smarter every day and now, with Amazon Echo Auto, it’s in cars too. 

“In today’s highly connected world, messaging in the form of emails, texts, Facebook Messenger, WhatsApp and work channels like Slack, are integral to our daily routine,” says Barrie Arnold, chief revenue officer at ping. “However, distracted driving is responsible for more than 25% of car crashes and thousands of preventable fatalities every year.” 

ping, a specialist in voice technology founded by Arnold and South African Garin Toren, has developed a new Alexa skill as a companion to its patented smartphone app, that enables any message type to be read aloud. Designed for safety, productivity and convenience, “pingloud” is the first skill of its kind for keeping users connected when they need a hand or an extra pair of eyes.

“The ping Alexa skill is specifically designed to help drivers stay off their phones while giving them exactly what they want – access to their messages.” says Toren, ping CEO. 

Opening up Alexa to developers has resulted in an explosion of new skills available either for free or for a fee that unlocks premium services or features. These tools magnify the usefulness of Alexa devices beyond common tasks like asking for the weather, playing music or requesting help on a homework assignment. According to App Annie, the most downloaded apps in 2019 were Facebook Messenger, Facebook’s main app and WhatsApp, highlighting the importance of messaging. 

“The ping Android app is available worldwide from the Google Pay Store, reading all messages out loud in 30 languages,” says Toren. “The iOS version is in global beta testing with the US launch coming very soon.” 

Once you’ve signed up for ping, it takes a few seconds to link with Alexa, enabling all messages and emails to be read aloud by a smart speaker or Echo Auto device. Simply say, “Hey Alexa, open pingloud.” ping links an account to a voice profile so unauthorised users with access to the same Alexa cannot ask for the authorised user’s messages.

All major message types are supported, including Texts/SMS, WhatsApp, Facebook Messenger, WeChat, Snapchat, Slack, Telegram, Twitter DM’s, Instagram, and all email types. Promotional and social emails are not read by default.

*For more information, visit www.pingloud.com

Continue Reading

Featured

Coronavirus to hit 5G

Published

on

Global 5G smartphone shipments are expected to reach 199 million units in 2020, after disruption caused by the coronavirus scare put a cap on sales forecasts, according to the latest research from Strategy Analytics.

Ken Hyers, Director at Strategy Analytics, said, “Global 5G smartphone shipments will grow more than tenfold from 19 million units in 2019 to 199 million in 2020. The 5G segment will be the fastest-growing part of the worldwide smartphone industry this year. Consumers want faster 5G smartphones to surf richer content, such as video or games. We forecast 5G penetration to rise from 1 percent of all smartphones shipped globally in 2019 to 15 percent of total in 2020.”

Ville-Petteri Ukonaho, Associate Director at Strategy Analytics, added, “China, United States, South Korea, Japan and Germany are by far the largest 5G smartphone markets this year. The big-five countries together will make up 9 in 10 of all 5G smartphones sold worldwide in 2020. However, other important regions, like India and Indonesia, are lagging way behind and will not be offering mass-market 5G for at least another year or two.”

Neil Mawston, Executive Director at Strategy Analytics, added, “The global 5G smartphone industry is growing quickly, but the ongoing coronavirus scare and subsequent economic slowdown will put a cap on overall 5G demand this year. The COVID-19 outbreak is currently restricting smartphone production in Asia, disrupting supply chains, and deterring consumers from visiting retail stores to buy new 5G devices in some parts of China. The first half of 2020 will be much weaker than expected for the 5G industry, but we expect a strong bounce-back in the second half of the year if the coronavirus spread is brought under control.”

Exhibit 1: Global 5G Smartphone Shipments Forecast in 2020 1

Global Smartphone Shipments (Millions of Units)20192020
5G19199
Rest of Market13941165
Total14131364
 
Global Smartphone Shipments (% of Total)20192020
5G1%15%
Rest of Market99%85%
Total100%100%

Source: Strategy Analytics

The full report, Global Handset Sales for 88 Countries & 19 Technologies, is published by the Strategy Analytics Emerging Device Technologies (EDT) service, details of which can be found here: https://tinyurl.com/wep83gc.

Continue Reading

Trending

Copyright © 2020 World Wide Worx