Welcome to our latest round-up of news from the technology and hosting world. Here’s what we’ve discovered this week.
Why you should always delete your ex
A disgruntled former director of a property management firm in York has been prosecuted for deleting files from the server of a new company, formed out of the remnants of the one she left.
58-year-old Danielle Bulley retained access to the files even after she left the original firm and, once the new company was formed, she took revenge by deleting thousands of its files. The files contained critical business information and the new company was unable to recover from the data loss.
North Yorkshire Police’s Cyber Crime Unit issued a statement reminding businesses that former employees, familiar with the firm’s IT systems, can pose a serious security risk. They advise businesses to put policies in place which ensure the user accounts of ex-staff are deleted and that other internal passwords are changed when an employee leaves.
US boys in blue get red-faced by hacking
Activist group, DDoSecrets, has publicly released over 250GB of files from a wide range of US law enforcement agencies. In what is a major embarrassment, the files have been made available on the activists’ website for anyone to download. According to an announcement from DDoSecrets on Twitter, the haul includes several decade’s worth of data taken from FBI divisions, intelligence centres, analysis centres and over 200 police departments.
Analysis of the files shows they go back as far as 1996 and contain FBI reports, internal documents and personal data, including names, email addresses, phone numbers, bank account numbers, financial data and photographs of suspects.
DDoSecrets only makes the data available online, the identity of the actual hackers remains a mystery; however, it goes to show how even those IT systems regarded as being watertight are not impervious to attack.
Spot for sale
In recent issues, we’ve been following the adventures of a dog-like robot developed by US company, Boston Dynamics, as it enforced social distancing in Singapore and herded sheep in New Zealand. Now officially given the name Spot, the robot has finally been made available for sale with a price tag of £67,000.
Designed to increase human safety and carry out tasks where traditional automation has failed; the robot’s sophisticated software and design enable it to carry out tasks that are both difficult and hazardous.
During trials, it has shown itself capable of automating image capture and data collection on construction sites, detecting dangerous anomalies in energy production facilities and navigating underground terrain, an award-winning job it did for NASA’s Jet Propulsion Lab. With the potential to clear minefields, patrol inside nuclear power stations and wander the deserts of Mars, this is a robot with real potential.
Spy extensions take the shine off Chrome
Cybercriminals have been creating fake Chrome extensions to spy on users, according to researchers at Awake Security. Over 70 different malicious extensions were found in the Chrome web store, most of them claiming to be either file conversion apps or security add-ons warning users over suspect websites.
Instead of carrying out the tasks they claimed, the free to use extensions collected browsing histories and other data in order to obtain login details to business systems. With an estimated 32 million downloads, it is believed to be the largest malware campaign yet to target the Chrome store. The suspect extensions have now been removed from the store; however, you should check the extensions you have installed as some might be labelled as having violated Google’s policies and will need deleting.
Headhunted? No, spear-phished!
The latest phishing technique to do the rounds has been making use of LinkedIn, with attackers posing as recruitment executives headhunting high flying, talented individuals.
During the process, the hacker would send a job seeker details of the post being offered and this would include a password protected PDF that supposedly contained lucrative salary information. In reality, the file was embedded with malware and, once opened, it downloaded further scripts which then began stealing the data on the user’s device.
Those targeted were employees of companies who were likely to have access to valuable technical and business-related information. The hackers, meanwhile, pretended to be HR representatives of larger, better-paying organisations.
LinkedIn has responded by saying that it removes all fake accounts and that its threat intelligence team uses automated technologies, trained reviewers and member reporting to help it detect fake accounts.
Visit our website for more news, blog posts, knowledge base articles and information on our wide range of hosting services.