February 7th, 2012

Thousands Of Webcams Made Publicly Accessible By Software Bug

TV-IP110_d2_2

26 models of Trendnet webcams have been identified as vulnerable to a bug that lets anyone tap into the video stream with just an IP address. The flaw was noted a month ago and the company has been working to alert people and patch the devices. Unfortunately, the company has no way of contacting non-registered webcam owners, and so the devices may remain accessible if the users never suspect anything.

It’s a bit scary, but certainly not unprecedented. Although it’s not quite the same thing, two years ago a school was accused of spying on its students via the webcams in school-owned laptops (the district later settled). This time, it’s hackers who found their way in, and randoms on the internet who spent long hours watching the feeds. → Read More

February 6th, 2012

Brinno Peephole Viewer Is A Viewer For Peepholes

411I22J8w6L

My Dad, bless his heart, spends all day on the Internet and, like a reverse Cat’s In The Cradle, my dad is just like me in that he loves to find wild junk that he thinks is interesting. To wit: he just found the Brinno Peephole Viewer, an electronic system for looking through a peephole.

To be fair, this is definitely something people need. My parents are getting up in years so they’re getting both blind and paranoid, so anything to assuage those two situations is a plus. This thing attaches to your normal peephole and then displays the scene behind the peephole on an LCD screen. It runs on two AA batteries and costs about $90. → Read More

January 25th, 2012

EU’s Proposed Data Laws Can Only Produce One Thing: Outsourcing User Data

OnesAndZeros

In 2011, Sony had several major security breaches: Sony Online Entertainment, Sony Pictures, and Playstation Network all were attacked and private data was successfully stolen. Their handling of the attacks, particularly the larger PSN one, was widely criticized.

Many users are either unaware or acutely aware of how many sites and services have financially or personally sensitive information on record. Events like the Sony hacks do not reassure them, and actions like Google’s yesterday (though arguably innocuous) may alarm them. Users want more control and more security.

And the EU is looking to give it to them. But with the threat of enormous fines, many companies will find that the most logical thing to do is move away from the entire business of storing and serving user identities. → Read More

January 10th, 2012

Why Cool Startups Are Losers In China

Chinese demographics

Here’s Hongyi Zhou’s advice to Chinese entrepreneurs: “Don’t try to be cool.” Zhou is CEO of Qihoo 360 (NYSE: QIHU), whose company’s core is the definition of uncool: anti-virus software. Yet Qihoo has 370 million monthly active users and a very cool $1.9 billion dollar valuation.

If you want to build a big company in China, don’t build for your iPhone-toting friends, the Chinese tech blogs, or copy the latest fad on TechCrunch. Chinese entrepreneurs must appreciate the vast chasm between white-collar elites and the rest of the country. The Silicon Valley has an echo chamber of its own, but China’s is an order of magnitude louder. → Read More

January 5th, 2012

Why Aren’t Chromebooks Saving Password Changes?

chromebooks

There’s something weird going on with Chromebooks – the Google-branded laptop computers powered by the company’s web-based operating system Chrome OS. They’re not saving the password changes you make to your Google account. Basically, if you change your password, shut down your machine, then reboot, the Chromebook will ask you for your old password instead of the new one.

The problem has to do with Google’s sessions being persistent (that is, they don’t log you out), and leads to a relatively minor security threat. Meaning, if someone was to take advantage of this threat, they would need physical access to your Chromebook. In the grand scheme of things, that puts this threat on the low-end of the risk spectrum. However, because Chromebooks are pitched as low-cost, secure, easy-to-use alternatives to traditional laptops for businesses and educational institutions, it’s important to highlight issues such as this to make the community aware.

Also, I just think it’s annoying. → Read More

December 15th, 2011

About Damn Time: Microsoft Will Silently Upgrade Everyone To Latest Version Of IE

ML_LogoUpdate_IE9Detail

On the surface, the announcement sounds boring: Microsoft said this morning that it will begin automatically upgrading Windows customers to the latest version of Internet Explorer starting next year. But in reality, this was one of the most important things Microsoft could have done for the web, web security and the safety of all those who go online.

Nice move, Microsoft. It’s about time. → Read More

December 8th, 2011

Up Close With A 3D-Printed Card Skimmer

krebsonsecurity

I’ve recently fallen into the habit of pulling and tugging at ATM slots before I slide my card through because I fear that someone nefarious has stuck one of these 3D-printed card skimmers over the opening. This skimmer, found in California, was 3D-printed to resemble the real Chase ATM slot almost perfectly.

Wildly enough, there’s a pinhole camera connected to a full PCB hidden under the plate and the ports designed to assist the visually impaired seem to be unimpeded, which means nothing would seem amiss even as this thing grabbed your card account number, PIN, and, presumably, the security code on the back of your card in some cases. The fact that this barnacle of electronics is attached, parasitically, to one of the most secure and human-proof devices in existence is an amazing feat. → Read More

December 5th, 2011

Secure.me Launches Social Privacy Monitoring Tool For The World After Gaining A Foothold In Germany

Screen Shot 2011-12-05 at 2.51.13 PM

More and more of us are getting comfortable sharing our real-world identities online, but the tools for helping us maintain our online privacy and security are still catching up to our behavior. Witness the porn-and-violence spam links attack that caused many users to accidentally share and see nasty images in their news feeds.

German company Secure.me has a solution, that it has recently launched to the world: an online service that analyzes your Facebook profile for any data that’s putting your privacy at risk.
→ Read More

December 5th, 2011

DARPA Contest Winners Prove Shredders Aren’t Quite As Safe As You Think

Solved_v4

DARPA’s Shredder Challenge, a contest to reconstruct documents from a slurry of shredded paper, has been solved, suggesting that my grandmother may be barking up the wrong tree when she shreds the Campmor catalog. Three scientists with experience in computer vision and mobile technology, Otavio Good, Luke Alonso, and Keith Walker, scanned each chunk for unique characteristics that allowed them to reconstruct the documents automatically on screen. They then put the pages back together by hand.

Their team won a $50,000 prize. → Read More

puzzle1_(1 of 1)_400dpi
December 2nd, 2011

“AllYourShredsAreBelongtoU.S.”Wins$50,000DARPAShredderChallenge

A San Francisco-based team has just won the DARPA Shredder Challenge. DARPA, the government agency whose work led to the creation of the Internet, challenged the public to reconstruct five shredded documents. The winning team, called “All Your Shreds Are Belong to U.S.” completed the task in 33 days, spending nearly 600 man-hours building algorithms and piecing together more than 10,000 shreds.

9,000 teams registered to compete. The winning teams gets a $50,000 prize paid for by the U.S. Treasury. → Read More

November 29th, 2011

Carrier IQ Video Shows Alarming Capabilities Of Mobile Tracking Software

ciq

You may be aware of the growing controversy surrounding Carrier IQ, a piece of software found pre-installed on Sprint phones that, according to developers who have investigated, is capable of detecting, recording, and transmitting various user actions and inputs. Among the data CIQ potentially has access to are location, SMS, apps, and key presses.

News of the software has been percolating for months on development forums, but when Trevor Eckhart recently summarized his findings, he found himself facing a cease and desist while Sprint vigorously denied the charges, saying “We do not and cannot look at the contents of messages, photos, videos, etc., using this tool.”

The C&D was quickly retracted, but Eckhart has now released a video that seems to give the lie to both Sprint and Carrier IQ’s assurances. → Read More

November 10th, 2011

PSA: Steam Hacked, User Info May Be Stolen, But Personal Data Safe

Steam-Logo

Valve CEO Gabe Newell has contacted all users of the Steam game distribution platform to let them know that the company has suffered a security breach. The hack was originally thought to be limited to the official Steam forums, but further investigation has revealed that the hackers had access to a database containing “user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information.” → Read More

November 1st, 2011

Researchers Flood Facebook With Bots, Collect 250GB Of User Data

botherder

In an experiment that reveals as much about the people on Facebook as it does about Facebook itself, researchers from the Unversity of British Columbia Vancouver infiltrated the social network with bots and made off with information from thousands of users.

Around 250GB of data was stolen during the study, including personal and marketable information, and around three thousand users were targeted. Only one in five of the profiles were flagged by the Facebook Immune System, which clearly needs a boost. → Read More

October 28th, 2011

Facebook Sees 600,000 Compromised Logins Per Day

facebook

New figures from Facebook reveal how often the social networking site’s users are hacked. In the blog post announcing the forthcoming “Trusted Friends” feature, Facebook also an included infographic detailing Facebook’s security measures. One figure in particular jumped out at security researchers: every day, “only .06%” of Facebook’s 1 billion logins are compromised. Or, to put it another way, 600,000 logins per day are compromised.
→ Read More

October 27th, 2011

Locked Out Of Facebook? Your Friends Will Soon Be Able To Help You Get Back In

facebook-security

Facebook says it will soon allow you to get help from your friends when you get locked out of your Facebook account. According to a post on Facebook’s official Security page, you’ll be able to designate three to five friends as “Trusted Friends” who will be sent special codes in the event that you’re locked out of your Facebook account and unable to access your email.

It will also be introducing something called “App Passwords” to bring increased security to Facebook-enabled applications.
→ Read More

October 19th, 2011

The Facebook Hack That Wasn’t? Facebook Says The 10,000 Hacked Accounts Aren’t Ours

facebook

A hacking group calling themselves “Team Swastika” posted what they claimed was over 10,000 comprised Facebook accounts to Pastebin, a service that serves as an online clipboard. However, according to statements from Facebook PR, these email and password combinations don’t actually represent live Facebook accounts. Instead, it appears that the hackers obtained the accounts using common phishing techniques, where users were tricked into giving away their personal information. → Read More

October 3rd, 2011

Facebook Partners With Websense To Protect Users From Malicious Sites And Malware

facebook

Facebook is announcing a partnership with security firm Websense today, in order to protect its users from dangerous links that lead to malicious websites and malware sites. Going forward, when a Facebook user clicks on a link, the new system will first check the link against Websense’s system to determine whether or not it’s safe. If it’s not, a message is displayed warning the user that the link is potentially harmful and suggests you return to the previous page. → Read More

September 30th, 2011

Microsoft “Accidentally” Tags Chrome As Malware

fmatter3

Oh, Microsoft! You are so cunning. With IE market share plummeting and many users opting for “alternative” web browsers like Firefox and Chrome, your base of power is crumbling. We thought you would succumb to melancholy and accept your fate. But you had a plan all along. Clever girl.

Yes, Microsoft has found a way to stanch the hemorrhaging of its users to other browsers: label them as malware in the built-in Security Essentials suite! → Read More

September 30th, 2011

Wi-Fi Hotspot App Connectify Gets New Funding From IQT – The Firm That Finds New Tech For CIA

Connectify_logo

Remember Connectify? The downloadable software that turns PCs into Wi-Fi hotspots in just a few minutes? It looks like the company now has a new investor: In-Q-Tel (IQT), which just so happens to be the strategic investment firm that seeks out new technologies for the U.S. Intelligence Community, including the CIA.
→ Read More

September 1st, 2011

Bitdefender Launches Anti-Malware Protection For Twitter

bitdefender-bird

“Did you see this photo of you?” “Look on your face in this pix is priceless!” “LMAO this video of you is funny!” 

If you’re a regular Twitter user, you’ve probably see tweets like those come through as @replies or direct messages at some point. And you probably know not to click on the accompanying link. After all, there is no picture of you behind it, only a malicious web page set up by a criminal that wants to scam you, spam you or worse – infect your computer with malware.

But now there’s a tool that gives you added protection against these sorts of threats. Bitdefender’s new Safego protection for Twitter scans your profile for spam, phishing attempts and malware, and automatically notifies you when threats are detected. → Read More

Events

Crunchies Awards
January 31, 2012
Davies Symphony Hall
San Francisco CA
Learn MoreBuy Tickets

Real-Time
Crunchbase

GCI Com — Received £10M in Unattributed funding from Business Growth Fund
2.9.2012
GCI Com — Company added to CrunchBase
2.10.2012
Business Growth Fund — Invested in GCI Com.
2.9.2012
2.9.2012
Jive Software — Went public with stock symbol NASDAQ:JIVE.
2.3.2012
2.9.2012
LetsBuy.com — Acquired by Flipkart.
2.9.2012
Cocoafish — Acquired by Appcelerator.
2.9.2012
Taleo — Acquired by Oracle Corporation for $1.9B.
2.9.2012
Netvibes — Acquired by Dassault Systemes.
2.9.2012
GCI Com — Received £10M in Unattributed funding from Business Growth Fund
2.9.2012
Stripe — Received $18M in Unattributed funding from Sequoia Capital
2.9.2012
BoardProspects — Received $650k in Seed funding from Mike Verrochi
2.9.2012
Altheos — Received $12.5M in Series A funding from Bay City Capital, Novo A/S, and Canaan Partners
2.9.2012
Airstrip Technologies — Received Unattributed funding from Qualcomm
2.9.2012
Business Growth Fund — Invested in GCI Com.
2.9.2012
Sequoia Capital — Invested in Stripe.
2.9.2012
Mike Verrochi — Invested in BoardProspects.
2.9.2012
Novo A/S — Invested in Altheos.
2.9.2012
Bay City Capital — Invested in Altheos.
2.9.2012
Jive Software — Went public with stock symbol NASDAQ:JIVE.
2.3.2012
GCI Com — Company added to CrunchBase
2.10.2012
Lam Research — Company added to CrunchBase
2.10.2012
PointBridge Solutions — Company added to CrunchBase
2.10.2012
BoardProspects — Company added to CrunchBase
2.10.2012
ICT Asset Recovery — Company added to CrunchBase
2.9.2012
Architect — Product added to CrunchBase
2.8.2012
Proctor101 online proctoring — Product added to CrunchBase
2.8.2012
OLP Online proctoring services — Product added to CrunchBase
2.8.2012
Test development — Product added to CrunchBase
2.8.2012
Webassessor Test delivery — Product added to CrunchBase
2.8.2012
CrunchBase