Gadget Gestures

Lets Gesture about Gadgets

Thursday, January 28, 2021

$25K from Pornhub to Hackers


On Tuesday, the popular pornography site Pornhub announced a bug bounty program that invites hackers to hunt for bugs on the site. Many jokes come to mind, but the $25K figure is a cold bucket of reality.

The site, owned by MindGeek, a private Canadian company, will pay ethical hackers, dubbed white hat hackers, to find vulnerabilities in its site and report them to the administrators.

The program is being run on HackerOne, a start-up company capitalizing on bug bounties. The company began with Facebook and is now operating similar bug-finding programs for General Motors, Twitter, Dropbox, Yahoo, Uber and, you’ll never guess who else – yes, the United States Department of Defense.

Security bug detection programs like those on HackerOne are gaining momentum because they can offer outside help to internal teams working with the code.

Synack and Bugcrowd are two of the companies running this type of program. They work for sharks like Adobe, Snapchat or Square. Heavyweight tech companies like Microsoft and Google have also turned to bounty programs, but they run them on their own internal platforms.

Following the example of the “major tech players”, Corey Price, the vice president of Pornhub, stated that they too want to tap into the existing hacking talent as a precautionary measure. The program would supplement their development and security teams.

The bounty rewards range from $5 to $25,000. To receive a reward, hackers must report the vulnerability and document it with screenshots and code. The report should, of course, be disclosed only to the Pornhub admins.

Further rules say hackers must not interrupt the service of the adult entertainment website and must not use automated tools, and that the bug should be reported 24 hours after its discovery.

The security team may take up to a month to reply and, depending on the complexity of the bug, up to three months to fix it.

With 60 million – wait for it – daily visitors, Pornhub is the second most popular pornographic site in the world. Yes, almost 1% of the world is accessing this porn site alone, daily. No wonder they’re taking all the available help there is.

They’ve also been the target of someone’s malware before. A malicious advertising scheme attacked the site in November 2015. They recovered and learned from the mistake.

Now, who’s first to crack, not the porn site, but a joke on this $25K from Pornhub to hackers news?


Russian Hackers Stole more than a Billion Passwords


Were you afraid that your password is not strong enough? Fear no more, because it actually might not matter that much. You might have heard about many password and email lists being leaked or hacked, but this is the largest action of its kind ever recorded. The New York Times reports on a Russian gang that amassed the largest collection of stolen credentials. The Russian hackers stole 1.2 billion usernames and passwords and more than 500 million emails.

Recently Google announced a grandiose project, Project Zero, meant to ensure security over the internet, with the hope that increased trust will attract more internet users. Maybe that will stop this type of large scale hacking.

The Milwaukee-based company Hold Security made the discovery. They say that more than 420,000 websites are victims of the large-scale action. No names have been disclosed yet, but we can imagine that some of the largest and most used websites are among them. Hold Security seems to be a reliable source, according to the New York Times, as they have uncovered similar actions in the past.

“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security for the New York Times. “And most of these sites are still vulnerable.”

Russian hackers stole a billion password combinations to use them for social network spamming

So far, the hackers have not offered the databases for sale. Instead, they use the stolen information for spamming. Social networks like Twitter are among the victims, with the hackers spamming users while receiving payments for their actions from clients.

“There is a division of labor within the gang,” Mr. Holden said. “Some are writing the programming, some are stealing the data. It’s like you would imagine a small company; everyone is trying to make a living.”

Hold Security has contacts in the hacker world that allow them to trace the activities. They know that this is the action of a Russian gang based in a small city in south central Russia. No more than a dozen men make up the gang, and they know each other outside of the virtual world as well. Starting as amateurs in 2011, they sped up their activity in recent months, possibly after a partnership with another gang. Even if the Russian hackers stole the credentials for spamming, they might use them for other purposes as well.

Android Hackers Attacked more than 30 Financial Institutions

The newest cyber attack is named after the Swiss cheese Emmental, because this is what the Android security system looks like right now. Android hackers attacked the bank accounts of smartphone users in six countries by convincing them to install a rogue program on their devices. Emails that the users thought had been sent by major retailers contained a malicious attachment. As in any other classic attack of the kind, if the users downloaded the attachment, malicious software was installed on their smartphones.

Google just launched a new security project called Project Zero. The company aims to fight cybercrime all over the internet, because a safe environment will bring more clients to the pervasive Google services.

Trend Micro Inc. explains how the Android hackers attacked the banking system

The fraud was discovered by Trend Micro Inc., a security company. Tom Kellermann, Trend Micro Chief Cybersecurity Officer, stated that the damages amount to a couple of million dollars, as banks in Austria, Sweden, Switzerland and Japan suffered from the criminal attack. Allegedly, the authors of the attack are based in Romania and Russia, Reuters reports. Russian slang was found in the app code and some logs indicate Romanian origin. There are not enough hints to identify the original location of the attack.

Unfortunately, it is a sign that financial institutions must quickly adapt their login procedures to mobile apps. Most financial institutions rely on a two-stage authentication protocol. Due to the nature of the operation, banks ask for more than one password if you plan to perform mobile online transactions. The first password is the one you already chose, while the second is sent to your mobile device as a text message. The program unwittingly installed by the fraud victims gained access to their bank accounts by redirecting users to fake web pages.

Users thought they were opening emails from well-known retailers. The emails contained an attachment which seemed to be a receipt. Another step of the attack was luring users into downloading a security-oriented app from the Google Play Store. Through that app, the hackers managed to get full control of the bank accounts.

After seeing how the Android hackers attacked the banking system, Trend Micro thinks it is time for a new approach in online banking security. One alternative would be a photo recognition system. A physical card reader is another option suggested by the online security company, but that does not seem feasible in a time when smartphone users want to use only one device. As in every similar attack, users must pay particular attention when they access web pages and download attachments.

 
