Social applications are leaving you vulnerable.
Snapchat is a photo messaging application that allows users to take photos, videos, and drawings and send them to specific recipients. Over 20 million ‘snaps’ are shared each day and Snapchat has quickly grown into one of the most popular apps. Unfortunately, this startup company’s growth has led to weakened security. Just recently, a breach occurred in which anonymous hackers posted 4.6 million user names and phone numbers on the Web.
According to a senior security engineer for Security Innovation, there were a number of errors made in cryptography and key management that made Snapchat an easy target for hackers looking to expose the vulnerability of user information. Any app that uses cryptography needs to have a third party security team perform an audit to identify security vulnerabilities. This can help to ensure that the back end of apps are as secure as the front ends.
Sadly, Snapchat was warned about this attack a few days before it occurred. They immediately responded that their information was protected and that they didn’t display phone numbers to other users and don’t have the ability to look up phone numbers based on just a username. The hackers responded promptly by posting the sensitive data on a website.
The hackers had this to say about the attack:
“This information was acquired through the recently patched Snapchat exploit and is being shared with the public to raise awareness on the issue. The company was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it.” Source: http://snapchatdb.info
In a separate cyber attack, Microsoft’s Web calling service Skype was recently hacked by the Syrian Electronic Army. The group published a post on the official Skype blog, as well as the contact information of Steve Ballmer, Microsoft Corp’s retiring chief executive. They took to Twitter to post the following message: ” Don’t use Microsoft emails (Hotmail, Outlook), They are monitoring your accounts and selling the data to the governments. More details soon. #SEA”
While none of Skype’s user information seems to have been compromised, the results were just as poignant. The Syrian Electronic Army’s social media defacement of Skype seems to be directed at last year’s shocking revelations that Skype calls were monitored by the U.S. National Security Agency.
At Forensicon, we have the technology and the experience to assist your company or firm with all digital and electronic security breaches. With over a decade of experience tracking rogue hackers, we can help your company after a hacker has compromised your data or breached your security. More importantly we can help prevent the attack from even beginning. To learn more about how our computer forensic specialists can assist your firm, call us at 1-888-427-5667 or visit us on the web at www.forensicon.com.
- Staff Recognized for Departing Employee Investigations - The first issue of Corporate Counsel Business Journal, CCBJ, includes an interview with our Director of Digital Forensics, Yaniv Schiff, and Solutions Architect, Curtis Collette, on the evolution of departing employee investigations. Departing Employee: When Do Investigations Become Necessary? appeared in the print publication, online edition, and on CCBJ’s In-House Tech website. For Increasing Numbers of Employers, Departing Employee Investigations[...Read More]
- Chicago Office Food Drive – The Results Are In - QDiscovery’s Chicago Office collected nearly 1,000 containers of food for the local food bank this Holiday Season! Our office competed with sister offices in Indiana and Connecticut. Alas, we came in third. Our sister offices each collected nearly 2,000 containers for their local food banks. Relatively new to the company-wide food drive, the Forensics Division[...Read More]
- QDiscovery QMobile App Wins Innovation Award - QDiscovery’s QMobile is winner of a 2017 Relativity Innovation Award. Presented at Relativity Fest, the Innovation Award celebrates organizations that create apps or integrations that extend the functionality of Relativity’s eDiscovery software. Our development team created an application that makes the analysis of mobile collections much more manageable. Relativity users can now produce and review mobile[...Read More]
- Moving and Changing - Acquired by Connecticut-based QDiscovery in 2016, Forensicon’s capabilities multiplied overnight, both in forensics brain power and eDiscovery expertise. As part of a leading provider of end to end litigation support, moving to larger offices that are more central to the Chicago legal community was inevitable.
- QDiscovery Named One of the Top 20 Providers of Legal Services! - Leading industry publication, CIO Magazine, has named Forensicon’s parent company, QDiscovery, to it’s Top 20 Providers of Legal Services. The annual listing includes 20 companies that are at the forefront of providing legal solutions and impacting the marketplace. Read the whole article here. Featured in the publication alongside QDiscovery President, Dave Barrett, is Director of Digital Forensics, Yaniv[...Read More]