
The Twitter’s Source Code Escape


Someone dumped Twitter’s source code on GitHub, an ecosystem where geeks and developers share code: “Parts of Twitter’s source code — a closely held trade secret — were leaked online, according to court filings. The social network moved Friday to have the code taken down by GitHub”. If you ask me, the illegal play here is more consequential than a bank hack for a software company. Yes, if Twitter were not an aggregator, it would be in serious trouble now.

But for an aggregator whose value is in the user base or data created by the user base, the source code, while valuable, is not that fatal when leaked in this way, except for the risk of bad guys seeing paths to hack the company. You can clone a better Twitter in software, but without the users, you have no mission.

That is the deal: you can clone Facebook, Quora, LinkedIn and those aggregators, but without their users, the products are not comparable. The value of the products comes from the users within the tenets of network effect where the more the users, the better the value. The core value of Twitter is not just in the source code, but in the users who are there.

Contrast this dump with, say, a Microsoft Office source code dump where the source code gives you the product, untethered from whether another person is using it or not. Yes, when you use Microsoft Word or Excel, it is irrelevant if another person is using it. So, the source code creates massive business risks to Microsoft since any pirated copy is lost revenue. Laying hands on that code can make bad actors build semi-versions of Office or Excel.

For Twitter, this is an escape because aggregators win through users. Of course you need to protect the source code to ensure you keep those users happy!

Twitter needs to close the flanks. No app. No browser. No right click. No disk interface. No savers. On machines with access to the server! Code Protection 101.

Parts of Twitter’s source code — a closely held trade secret — were leaked online, according to court filings. The social network moved Friday to have the code taken down by GitHub — the online forum where it was posted — and while GitHub took the code down that day, reports suggest it may have been public for months. Leaked code risks revealing software vulnerabilities to attackers and can also give competitors an advantage. The responsible party is believed to have left the company last year, The New York Times reports.

Roughly three quarters of Twitter’s staff were laid off or resigned since Elon Musk purchased the company in October. Twitter is looking to identify the user behind the account that shared the code and the information of all users who posted, downloaded or uploaded the data. Musk is offering employees stock grants based on a $20 billion valuation, less than half of the $44 billion he paid for the company last year.

As Twitter escapes, the US financial market may need the same luck: “Cash is leaving banks and flooding into money market funds at the fastest pace since the start of the pandemic, as businesses and investors seek safe havens following the collapse of Silicon Valley Bank. So far this month, more than $286 billion has moved into money market funds — which typically hold low-risk assets such as short-term Treasury bills. Corporations and small businesses, whose bank deposits may exceed the $250,000 covered by federal insurance, are likely leading the flight to safety, Axios reports.”

Proptech Startup HouseAfrica Raises $400,000 Fund to Deepen Its Technology And Grow Adoption


HouseAfrica, a PropTech company that enables people to buy shares in multiple properties across Africa and earn returns, has announced the closing of a $400,000 fund to deepen its technology and grow adoption.

Speaking on the recent funds raised, the startup’s CEO Nnamdi Uba disclosed that the funding would assist the startup in deepening its technology and growing adoption and its team. He added that close to 95% of lands do not have verifiable titles, which exposes genuine retail investors to fraud; hence, the startup’s solution will enable buyers to make informed decisions when buying land.

Also speaking on HouseAfrica’s remarkable offering is the co-founder of Andela Iyinoluwa Aboyeji who said, “HouseAfrica is helping to create and digitize private land registries. I always thought it was only the public land registries that were slow, inefficient and murky until I heard about the experience of a friend who had to pay two different sets of people to buy land within a private estate. I’m super excited about how by helping private landowners and estates digitize their land records they can start to help create transparency and value that should hopefully soon inspire government land registries to follow suit.”

Founded in 2018, HouseAfrica leverages blockchain & NFT in helping real estate companies issue verifiable certificates of land allocation with ease. In a bid to tackle problems around land ownership that lead to duplicate land titles and illegal sales, as well as low access to mortgages, HouseAfrica provides an immutable ledger alongside a visual map reference, ensuring the integrity of land titles and increasing access to credit.

The startup, which took part in last year’s Startupbootcamp AfriTech accelerator in Cape Town and was also one of the winners at AfricArena, has partnered with the Nigerian Mortgage Refinancing Company to give it the opportunity to exclusively service 100,000 land titles across six states in the country.

Designed to be easy to use via a slick web app, HouseAfrica’s business model is based on fees for land title validations and commission on mortgage payments. The platform enables end users to buy, sell, rent, and manage properties and ultimately pay rent and utility bills.

Also, developers can use the platform to manage the construction supply chain from yard to development site. International investors will also have access to the growing African real estate market through the HouseAfrica platform property portfolio, and they’ll also be able to buy, sell and manage properties from anywhere in the world.

HouseAfrica’s transparent ecosystem fosters trust between sellers, buyers, renters and landlords with verified information. The startup’s easy-to-use, easy-to-handle platform is built for growth, ready and able to serve a diverse array of real estate projects.

Bridging the huge housing gap for over 100M people in the continent living in temporary structures, HouseAfrica offers what may well be the future model for the entire industry, effectively creating a whole new category of real estate investment and renting services.

US Lawmakers to Proceed with Legislation to Ban TikTok


Congress will move forward with legislation that will empower President Biden to ban TikTok and other apps perceived as potential threats to national security, the US Speaker of the House, Kevin McCarthy, said on Sunday.

“The House will be moving forward with legislation to protect Americans from the technological tentacles of the Chinese Communist Party,” McCarthy said on Twitter.

The decision came after the testimony of TikTok CEO Shou Zi Chew before a House committee on Thursday, denying that the Chinese government has access to the data of US TikTok users. Both McCarthy and several other members of Congress believe that Chew was not being honest in his testimony.

“It’s very concerning that the CEO of TikTok can’t be honest and admit what we already know to be true—China has access to TikTok user data,” the Speaker said on Twitter.

Chew told US lawmakers that although some TikTok employees in China still have access to some US data from the app, such access will be completely eliminated at the completion of “Project Texas;” a risk mitigation plan the company had activated to ameliorate the national security concern that has become an existential threat to its business in the West.

TikTok said Project Texas involves deleting data from servers in Singapore and Virginia, adding that once that data is deleted those employees will no longer have access to US user data from the app.

The concern that US user data is accessible in China and is subject to Chinese Communist Party (CCP) law which makes it compulsory for companies to turn in data to the government upon demand has fueled calls to ban TikTok.

In 2020, former US President Donald Trump moved to ban TikTok and other Chinese apps, including WeChat, seen as potential tools for Chinese surveillance. The move was halted by a court.

The video-sharing app is perceived as a potential conduit pipe for Chinese espionage, and has been at the receiving end of the resulting apathy, which has seen governments outside the US implement a ban on its use on official devices. Canada, the UK, Belgium, Denmark and others, including the European Union Commission, have prohibited the use of TikTok on government-issued devices.

During the bipartisan hearing on Thursday, the House was keen to find out if Beijing is using TikTok to spy on its 150 million American users, including the government. Chew said “no”, that the Chinese government has never requested any data from the company.

TikTok’s ordeal is compounded by Beijing’s increasing espionage operation. In February, a Chinese spy balloon, which took off from China’s Hainan Island, was shot down by American fighter jets off the coast of South Carolina. There is also a report that employees of ByteDance, TikTok’s parent company, had improperly tracked the location of two journalists.

Republican Representative Neal Dunn had made reference to that during the hearing, even though TikTok said the employees were fired. Dunn asked Chew whether the incident means that ByteDance is spying. Chew answered by saying that he doesn’t “think that spying is the right way to describe it.”

Representative Michael McCaul, who chairs the committee that approved the legislation known as “the Restricting the Emergence of Security Threats that Risk Information and Communications Act”, had earlier described TikTok as “a spy balloon.”

“TikTok is a national security threat … It is time to act,” he said, adding that “anyone with TikTok downloaded on their device has given the CCP a backdoor to all their personal information. It’s a spy balloon into their phone.”

TikTok’s ordeal is largely tied to its ownership by Chinese tech giant ByteDance. The short-form video app said it has been working to untie itself from ByteDance by moving its data centers away from China. Its latest effort is “Project Texas.” The company said the project, which is being executed by Oracle, has about 1,500 full-time workers and has gulped more than $1.5 billion.

Unfortunately, these efforts have failed to mitigate the US-led apathy toward TikTok, which is increasingly exposing the app’s operation in the West to permanent ban.

“Rather than appease legislators’ concerns, Mr Chew’s appearance before Congress on Thursday actually increased the likelihood that Congress will take some action,” Representative Mike Gallagher, the Republican chairman of the House select committee on the Chinese Communist Party, told ABC News on Sunday.

Tekedia Live This Week: The Best Teach At Tekedia Mini-MBA


It is going to be amazing this week at Tekedia Live, the live session of Tekedia Mini-MBA.

Tue, Mar 28 | 7pm-8pm WAT | Driving Growth and Operational Excellence Using Lean Six Sigma – Dr. Charles Igwe PH.D, EMBA, PMP, Canadian Nuclear Laboratories

Thur, Mar 30 | 7pm-8pm WAT | Information Security & Digital Forensics – Dr. Francis Nwebonyi, Bath Spa University

Sat, Apr 1 | 7pm-8.30pm WAT | Effective Business Mentoring and Coaching – Dr. Ndubuisi Ekekwe, Tekedia Institute

Learn more about Tekedia Mini-MBA here. Tekedia Mini-MBA >> the best teach here.

Tekedia Institute offers Tekedia Mini-MBA, an innovation management 12-week program, optimized for business execution and growth, with digital operational overlay. It runs 100% online. The theme is Innovation, Growth & Digital Execution – Techniques for Building Category-King Companies. All contents are self-paced, recorded and archived which means participants do not have to be at any scheduled time to consume contents. Besides, programs are designed for ALL sectors, from fintech to construction, healthcare to manufacturing, agriculture to real estate, etc.

Famous Hacking Incidents and Their Implications


Introduction

Undoubtedly, the internet has significantly changed the current era, predominantly for the better. The worldwide web has shaped a more linked world where thoughts, culture, and business may flow freely, thanks to instant connectivity and the accessibility of data from anywhere. Nevertheless, there is also a nasty side to the positive influences the internet has brought forth. Cybercrime and online security are among the major social issues of the twenty-first century, as lawbreakers and fraudsters that operate on the dark web regularly take advantage of the liberty and potential the internet offers. It’s high time that IT companies make it mandatory for their employees to go for the best ethical hacking course online to ensure personal and workplace safety.

Cybercrimes occur each day; in fact, one occurs every 39 seconds. Like technology, hacking has evolved into an awful but also incredibly intriguing issue. Hackers utilize a range of techniques to get access, including technical ones like malware, viruses, and social engineering. In the current digital era, a hack can disable a nuclear power unit, block a company’s profits, or capture the information of millions of customers through a spam scam. Hacking has the potential to result in significant levels of upheaval with tremendous financial ramifications, from identity fraud to shutting the IT systems of large corporations, from obtaining credit card info to undermining security services. Below is a history of the most significant hacking incidents to date, along with information on how they were undertaken and the implications they generated.

What Is Hacking?

Hacking is employing technology and software programming knowledge to obtain unauthorized access to digital networks, systems, or data. Hacking can be conducted with either positive or detrimental intent based on the hacker’s motivation. Positive hacking, commonly called “ethical hacking,” is locating security flaws in computer networks or systems to enhance security and thwart harmful intrusion attacks. Conversely, negative hacking entails taking advantage of flaws to access data or computer systems without authorization for self-benefit, such as compromising confidential information, interrupting services, or harming the network.

Most Notorious Hacks and Their Implications

There have been several well-known hacks throughout history that have had a big impact on both individuals and enterprises. Here are some illustrations:

The Citibank Hack (1995)

Overview: The Citibank Hack was a prominent computer security breach that took place in the initial stages of the internet. Vladimir Levin, a Russian programmer, was the perpetrator of the breach and stole approximately $10 million from Citibank client accounts. Levin accessed the Citibank network by employing the “war dialing” method, which entails using a computer to make an enormous number of calls to locate online modems.

Implications: To guard against future assaults, Citibank was compelled to make significant investments in its security systems, and other financial services organizations likewise improved their security protocols. The $10 million that was stolen from Citibank was very small compared to the millions of dollars that pass through the world’s financial system each day, yet it nevertheless had a big effect on the people who were affected and the bank’s credibility.

The Melissa Virus (1999)

Overview: In March 1999, the Melissa computer virus inflicted extensive harm on computer systems all across the globe. Email attachments with what looked to be a catalogue of porn sites were how the Melissa virus got disseminated. The email would be copied and sent to the first 50 people in the user’s contact list as soon as the attachment was viewed, triggering the virus.

Implications: Numerous companies and people improved their cybersecurity safeguards as a result of the Melissa virus. Businesses started spending money on antivirus software as well as other security procedures to stave off assaults in the future, while people started being warier regarding accepting email links or attachments and clicking on dubious links.

The Mafiaboy Attacks (2000)

Overview: A sequence of DDoS (distributed denial-of-service) assaults, the Mafiaboy Attacks of 2000, targeted several well-known internet sites, such as Yahoo!, eBay, and Amazon. Michael Calce, a Canadian adolescent who went by the alias “Mafiaboy,” was the perpetrator of the attacks. Utilizing a botnet, or network of hacked machines, Calce flooded the targeted sites with a tremendous quantity of traffic, leaving them saturated and inaccessible to visitors.

Implications: The attacks necessitated improved cooperation across law enforcement departments and tech firms and heightened public and governmental scrutiny of cybersecurity policies. Following the assaults, Calce was detained and convicted of many offenses. This incident was a message to other young folks about the dire repercussions of cybercrime, and he was sentenced to eight months in a youth correctional facility.

The American Military Hack (2001 – 2002)

Overview: A spate of hacks known as the American Military Hack, also referred to as the Solar Sunrise incident, occurred in 2001 and 2002. The US Department of Defence and various other US government institutions, notably NASA and the FBI, were the targets of the strikes on their computer systems. Two young hackers from Israel and the United States, Ehud Tenenbaum and Timothy M. Lloyd, along with a handful of collaborators, carried out the operations.

Implications: The U.S. government responded to the incident by implementing several improvements to its cybersecurity architecture, along with the formation of the U.S. Cyber Command and innovative cybersecurity procedures and standards. The American Military Hack highlighted the growing danger of cyber-attacks to vital infrastructure and national security, which has repercussions beyond the U.S. government.

The American Businesses Hacks (2005 – 2012)

Overview: Several high-profile intrusions and data leaks at American companies occurred between 2005 and 2012. Below is a summary of the most important events that happened during that period:

TJX Companies (2005): TJX Companies revealed that millions of its customers’ credit card data had been compromised by hackers.

Heartland Payment Systems (2008): Heartland Payment Systems experienced a data breach in 2009, during which hackers obtained millions of credit card numbers.

Sony Pictures (2011): Computer systems at Sony Pictures were infiltrated by hackers thought to be affiliated with North Korea, who then exposed private emails, personnel information, and unreleased movies.

Target (2013): Target had a security breach in which millions of customers’ credit and debit card details were hacked.

Implications: These cyberattacks exposed the susceptibility of American companies to such attacks and proved the necessity of tighter security controls. Also, they prompted more regulation and examination of the sectors impacted by the breaches, including processing payments and retailing. Businesses impacted by the breaches experienced reputational harm and were compelled to make significant payments to impacted clients. Overall, the American company hacks between 2005 and 2012 acted as a warning for both firms and consumers, highlighting the significance of cybersecurity in a world that is becoming more and more digital.

The Iceman Hacks (2006)

Overview: In 2006, a hacker going by the name of “Iceman” committed many cyberattacks. The assaults targeted a range of financial organizations, credit card issuers, and online retailers. Confidential data, such as credit card numbers, identities, locations, and other private details, were accessible to the hacker.

Implications: The attacks underlined the need to put in place robust security measures to safeguard sensitive data and showed how susceptible finance and e-commerce platforms are to cyberattacks. The Iceman hacks further highlighted the significance of swiftly identifying and countering cyber threats. While the accused hacker was finally apprehended and prosecuted, the targeted businesses suffered considerable financial difficulties and damaged reputations as a result of the attacks.

The Heartland Payment Systems Hack (2008)

Overview: The Heartland Payment Systems attack in 2008 was among the most severe data breaches in existence, with more than 130 million debit and credit cardholders affected. A group of hackers entered Heartland’s computer systems using the method known as SQL injection to carry out the hack. The intruders stole billions of debit and credit card details while going unnoticed for several months.

Implications: Following the hack, Heartland was the target of multiple lawsuits, along with a class-action lawsuit filed by impacted clients. In the end, the corporation had to pay over $100 million in compensation and penalties for the infringement. The event also prompted regulatory organizations, such as the FTC (Federal Trade Commission) and the Payment Card Industry Security Standards Council, to examine payment processors more closely.

The Conficker worm (2008 – Present)

Overview: The Conficker worm is a persistent computer infection that initially surfaced in 2008. The malware propagates by taking advantage of holes in the Windows operating system. The worm has been associated with a multitude of nefarious activities, such as the theft of confidential data, the installation of ancillary malware, and the unveiling of significant cyberattacks. Conficker is also recognized for using cutting-edge encryption strategies as a means of avoiding identification via antivirus programs and security features.

Implications: The worm can inflict massive disruption and devastation, and its ongoing expansion emphasizes the need for more robust cybersecurity safeguards and improved anti-malware. It is crucial to make sure that operating systems and applications are updated with the most recent security updates and patches to fight against Conficker as well as other malware hazards.

The Nasdaq Hacks (2010)

Overview: The Nasdaq Hacks are a group of cyberattacks that happened in 2010 and were directed at the Nasdaq stock exchange. A hacking team was able to breach the computer networks of the Nasdaq and acquire access to private data, which they used to carry out the assaults. The hackers broke into the Nasdaq systems using specialized technology, allowing them access to the exchange’s operations and the ability to subvert stock values.

Implications: The Nasdaq Attacks sparked worries about the safety of financial systems and the possible effects of cyberattacks on the sustainability of the world economy. In the wake of the attack, the Nasdaq and many other financial organizations increased their security protocols to guard against repeating the same errors. The event sparked calls for more financial market surveillance and regulation as well as intensified scrutiny of cybersecurity procedures across sectors.

The Spamhaus DDoS Attack (2013)

Overview: The “Spamhaus DDoS attack of 2013” was launched against Spamhaus, a non-profit organization devoted to combating spam and related online crimes. One of the biggest and longest DDoS attacks ever, it started on March 15, 2013, and lasted for many weeks. Attackers named CyberBunker purported to be a Dutch hosting company and carried out the attack. Spamhaus was the target of a significant DDoS attack by CyberBunker, which flooded the firm’s servers with traffic via a network of botnets.

Implications: Spamhaus and other businesses improved their DDoS defenses in the wake of the attack by using cloud-based DDoS mitigation services. A stronger coordination and information exchange effort was also required to counter the rising threat of DDoS attacks as a result of the attack, which also escalated the monitoring of Internet infrastructure suppliers.

The Yahoo Hacks (2013 & 2014)

Overview: The two Yahoo hacks in 2013 and 2014, which compromised all of Yahoo’s three billion user profiles at the time, were among the most catastrophic data breaches ever recorded. After the breaches were uncovered in 2016, it was determined that the attackers had seized hashed passwords, login details, email accounts, birth dates, and contact information. A state-sponsored actor was blamed for the 2013 intrusion, and a different gang of hackers is thought to have been responsible for the 2014 hack. Yahoo’s approach to the matter came under fire when the breaches weren’t made public until many years later.

Implications: After it was discovered that the hacks had affected Verizon’s purchase of Yahoo in 2017, the purchase value was reduced by $350 million. The scandal also prompted the CEO of Yahoo and several top execs to resign. The Yahoo attacks serve as a lesson on the value of robust cybersecurity safeguards and the requirement for businesses to give user privacy protection a top priority.

The iCloud Celebrity Hacks (2014)

Overview: The “Fappening,” also known as the “iCloud Celebrity Hacking,” was a well-publicized occurrence in 2014. It involved unauthorized access to and sharing of secretive and intimate images and videos of various celebs kept on Apple’s iCloud account. The event was initially brought to light on August 31, 2014, when an attacker published a link to a compilation of scores of notable celebrities’ confidential photos and videos on the digital message board 4chan.

Implications: Apple made many tweaks to its iCloud services in reaction to the event, including the integration of two-factor verification and stringent password constraints. The incident also resulted in a class action lawsuit against the corporation, which was subsequently resolved for an unknown sum. Ultimately, the iCloud Celebrity Hacks was a lesson on the value of data privacy and the necessity for people and businesses to take preventative measures to shield sensitive data from illegal access and release.

Conclusion

In conclusion, it’s critical to remember how harmful the internet may be despite all of its miracles and advantages. The occurrences above show how much of a menace cybercriminals are becoming and how important it is for people and businesses to safeguard their digital assets. Learning about these threats is a fantastic place to start, but the best course of action is to take proactive measures to strengthen your security. Learn more about the field of cybersecurity with the best ethical hacking course online from reputed digital platforms such as KnowledgeHut.