Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Discuss] Another tale of social engineering



Once again, humans are the weakest link, and keeping your stuff in the
cloud only increases your exposure to that.

Amazon Quietly Closes Security Hole After Journalist's Devastating Hack
http://www.wired.com/gadgetlab/2012/08/amazon-changes-policy-wont-add-new-credit-cards-to-accounts-over-the-phone/

  Amazon changed its customer privacy policies on Monday, closing
  security gaps that were exploited in the identity hacking of Wired
  reporter Mat Honan on Friday.
  [...]
  The security gap was used by hackers...to gain access to Honan's
  Amazon account on Friday. Once Phobia and another hacker gained access
  to Honan's Amazon account, they were able to view the last four digits
  of a credit card linked to the account.

  The hackers then used those four digits to trick Apple customer
  service into thinking it was dealing with Honan. Apple customer
  service then gave the hackers a temporary password into Honan's Apple
  ID, which the hackers used to wipe his iPhone, iPad and MacBook, and
  gain access to a number of email accounts as well as his Twitter
  account.


This Week in Tech (http://twit.tv/show/this-week-in-tech/365)
interviewed Mat Honan where he gave more details on the attack.

Here's one way to slightly boost your security: create a dedicated email
account for password recovery, and never use that address in public.

 -Tom

-- 
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/



BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org