Hacked

Did you download a Linux Mint ISO yesterday?

Mike Hudson

Linux Mint have openly admitted that their WordPress installation was compromised yesterday (20th February 2016) and links to their Linux Mint 17.3 Cinnamon edition ISOs where replaced with links to an ISO with a baked in back door!

Users who downloaded the ISO from their HTTP links yesterday may have inadvertently downloaded a copy with the Tsunami Trojan built in. 

Those who downloaded the ISOs via torrent links will not have been affected by the compromised ISOs, due to the way torrents work. However those who used standard HTTP requests may find they’ve a rogue file in /var/lib/man.cy 

Not only did they redirect the download links, they also stole the databases.. These are now for sale on the “dark net” for $86 as the screen shot on the below tweet shows

If you’ve downloaded the ISO, the owners of Linux Mint are strongly recommending you reinstall the OS, you can read more about the attack over at the Linux Mint Blog

Read More

7 million Dropbox account details stolen

Mike Hudson

Popular file sharing and cloud storage service Dropbox has reportedly been hacked. 7 million account details are thought to have been stolen by the hackers..

If you use Dropbox, it’s worth logging on and changing your password. Also ensure that any other online services you use doesn’t have the same password set. If so, you should change that too.

Once you’ve set your new Dropbox password you should enable two factor authentication on your account. This will help prevent data loss should further attacks occur. Check out this link on how to do that https://www.dropbox.com/en/help/363

Read More

Spotify suffers data breach

Mike Hudson Leave a comment
spotify

spotifySpotify have become the latest victim of data breach, as their own network security team became aware of unauthorised access to their systems. It would seem that only one users account details has been accessed. However to ensure no other users suffer the same fate, all users will be asked to re-enter their credentials the next time they attempt to use the Spotify client.

Spotify users who use the iOS, Windows Phone and desktop apps to enjoy the Spotify service will be prompted to re-enter their credentials. Android users will be prompted to perform an app upgrade, and although the upgrade isn’t forced, it’s highly recommended you download and install before use.

It’s worth mentioning, installing applications on your Android device from sources over than Google Play or the Amazon Appstore is a bad idea. Which one small exception, in this case, you can also download the latest Android app from https://m.spotify.com

Once Android users have finished downloading an installing the latest update, they will then have to download any offline playlists once again.

Read More