Former Employees Confirm that Lyft Staffers Spied on Passengers

Share this

Just like Uber’s  scandal, Lyft staffers have been abusing customer insight software to view the personal contact info and ride history of the startup’s passengers. One source that formerly worked with Lyft says that widespread access to the company’s back end let staffers “see pretty much everything including feedback, and yes, pick up and drop off coordinates.” When asked if staffers, ranging from core team members to customer service reps, abused this privilege, the source said “Hell yes. I definitely looked at my friends’ rider history and looked at what…

Share this
Read More

Hackers can see your Tinder photos and figure out your matches

Share this

Tinder isn’t using encryption to keep your photos safe from strangers who are sharing the same coffee shop Wi-Fi as you, security researchers have found out. Researchers from the Tel Aviv-based firm Checkmarx found that Tinder’s iOS and Android mobile apps still lack basic HTTPS encryption, meaning that anyone sharing the same Wi-Fi as you can see your Tinder photos or add their own into the photostream. The firm built a proof-of-concept app called TinderDrift, demoed on YouTube, that can reconstruct a user’s session on Tinder if that person is…

Share this
Read More

Intel tells users to stop installing chip patches

Share this

Software patches issued to fix serious security flaws on Intel chips should no longer be applied, the company has said. The patches tried to tackle flaws called Meltdown and Spectre that, if exploited, could expose important data. Many reported that their machines slowed down or stopped working when they applied Intel’s updates. Intel said it now knew what caused these problems and was developing fresh patches that would work better. In a statement, Intel spokesman Navin Shenoy said it had been investigating why the earlier patches caused “higher-than-expected reboots and…

Share this
Read More

Hackers breach National Bank systems making off with Ksh 29m

Share this

Hackers have breached the National Bank of Kenya systems making away with Ksh 29 million. Confirming the incident through a statement on their twitter handle, @National_Bank,  National Bank confirmed the incident stating that indeed there was an attempt fraud in normal course of business on 17th January but the bank’s monitoring and security resources frustrated the attempt “The amount of attempted fraud is about Ksh 29 million and we are confident we will recover most of that money,” read the statement. The bank also confirmed that security are in pursuit…

Share this
Read More

Data-stealing spyware traced to Lebanon

Share this

A security bug that has infected thousands of smartphones has been uncovered by campaign group the Electronic Frontier Foundation (EFF). Working with mobile security firm Lookout, researchers discovered that malware in fake messaging designed to look like WhatsApp and Signal had stolen gigabytes of data. Targets included military personnel, activists, journalists and lawyers. Researchers say they traced the malware to a Lebanese government building. The threat, dubbed Dark Caracal by the researchers, looks as if it could come from a nation state and appears to use shared infrastructure linked to…

Share this
Read More

New Intel security flaw allows remote access to corporate laptops by hackers

Share this

Remember the latest “Spectre” and “Meltdown” vulnerabilities recently found in the micro-chips that are used in almost all computers, tablets and smartphones today? A new security flaw has been found in Intel hardware by Finish company F-Secure. The new vulnerability could enable hackers to access corporate laptops remotely. F-Secure said in a statement that the flaw was an issue within Intel Active Management Technology (AMT), “which is commonly found in most corporate laptops, (and) allows an attacker to take complete control over a user’s device in a matter of seconds,”…

Share this
Read More

Rush to fix serious computer chips flaws

Share this

Tech firms are working to fix two major bugs in computer chips that could allow hackers to steal sensitive data. Google researchers said one of the “serious security flaws”, dubbed “Spectre”, was found in chips made by Intel, AMD and ARM. The other, known as “Meltdown” affects Intel-made chips alone.The industry has been aware of the problem for months and hoped to solve it before details were made public. The UK’s National Cyber Security Centre (NCSC) said there was no evidence that the vulnerability had been exploited. According to the…

Share this
Read More

Germany starts enforcing hate speech law

Share this

Germany is set to start enforcing a law that demands social media sites move quickly to remove hate speech, fake news and illegal material. Sites that do not remove “obviously illegal” posts could face fines of up to 50m euro (£44.3m). The law gives the networks 24 hours to act after they have been told about law-breaking material. Social networks and media sites with more than two million members will fall under the law’s provisions. Facebook, Twitter and YouTube will be the law’s main focus but it is also likely…

Share this
Read More

Hundreds of HP laptop models found to have hidden keylogging software

Share this

A security researcher has revealed that some HP laptops have hidden software which can log everything typed on its keypads. More than 460 models have been affected, dating back to 2012, according to the list released by the Company. The discovery was made by researcher Michael Myng who found the keylogging code in the pre-installed Synaptics Touchpad software on these laptops.Keyloggers record every key that is pressed on a keyboard. This means the laptop users are at risk of having their passwords, bank details, private communications and search history recorded…

Share this
Read More

German spy agency warns of Chinese LinkedIn espionage

Share this

China is using fake LinkedIn profiles to gather information on German officials and politicians, the German intelligence agency (BfV) has said. The agency alleges that Chinese intelligence used the networking site to target at least 10,000 Germans, possibly to recruit them as informants. It released a number of fake profiles allegedly used for this purpose. BfV head Hans-Georg Maassen said the accounts show China’s efforts to subvert top-level German politics. “This is a broad-based attempt to infiltrate in particular parliaments, ministries and government agencies,” he said. China has denied similar…

Share this
Read More