Web

Dropbox user email addresses stolen: New security features added

dropbox-logo-large

Have you noticed an unusual amount of spam pouring into your email inbox? If so, you’re not alone. Dropbox revealed on Tuesday that, earlier this month, an untold number of the cloud storage service’s users reported receiving spam to email addresses only linked to Dropbox. The company says that it has contacted all users whose accounts were compromised, so if you haven’t received a notice, you should be in the clear.

The spamer-hackers were able to access Dropbox user emails in two ways, according to the company: First, “usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts,” wrote Aditya Agarwal, Dropbox’s vice president of engineering in a post on the company blog. Second, a “stolen password was also used to access and employee Dropbox account containing a project document with user email addresses.”

“We believe this improper access is what led to the spam,” wrote Agarwal. “We’re sorry about this, and have put addtional controls in place to make sure it doesn’t happen again.”

As Agarwal writes, these “additional controls” include:

  • Two-factor authentication, a way to optionally require two proofs of identity (such as your password and a temporary code sent to your phone) when signing in. (Coming in a few weeks)
  • New automated mechanisms to help identify suspicious activity. We’ll continue to add more of these over time.
  • A new page that lets you examine all active logins to your account.
  • In some cases, we may require you to change your password. (For example, if it’s commonly used or hasn’t been changed in a long time)

Agarwal goes on to warn users against using the same password across multiple online accounts — good advice, by any measure. Really, you should never, ever, ever use the same password for many accounts, since the hacking of one account means all other accounts using the same login credentials are also compromised. Agarwal recommends that users check out password protection tools like 1Password, which “can help you manage strong passwords across multiple sites.” Again, solid advice.

The leaked passwords were first reported by Sarah Perez of TechCrunch on July 17, after a number of international users began reporting the appearance of spam in their Dropbox-only email inboxes on the Dropbox forums. Within hours, Dropbox responded to its users, saying that it was “actively investigating your reports.”

Social Media

Instagram hackers are changing account info into Russian email addresses

Have you logged in to your Instagram lately? A hack circulating this month has Instagram users locked out of their accounts because a hacker changed all the profile data, according to a report.
Photography

The Nixplay Iris might just make digital picture frames cool again

The digital picture frame's popularity has fizzled because of time-consuming updates and low quality -- but can a Wi-Fi connected frame change that? The Nixplay Iris is an 8-inch smart digital picture frame that wireless updates photos.
Mobile

How to transfer your contacts between iPhone and Android devices

There's nothing worse than getting a new phone and realizing you don't have any of your old contacts listed. Luckily, it's an easy problem to solve. Here's how to transfer your contact list to your new device.
Smart Home

Samsung SmartThings adds A.I.-based Wi-Fi for faster, smarter home networking

Samsung introduced the SmartThings Wifi, an A.I.-based multifunction mesh networking router with an integrated smart home hub. The device intelligently allocates network speed and bandwidth based on device and application needs.
Computing

Network routers with roaming enabled are likely susceptible to a new attack

Jens Steube discovered a new method to break into network routers while researching new ways to attack the WPA3 security standard. He stumbled onto an attack technique capable of cracking hashed WPA-PSK passwords.
Computing

Saving your favorite YouTube videos for posterity is quick, easy with these tools

Learning how to download YouTube videos is easier than you might think. There are plenty of great tools you can use, both online and offline. These are our favorites and a step by step guide on how to use them.
Computing

Hacker plays ‘Doom’ on John McAfee’s ‘unhackable’ BitFi Bitcoin wallet

The BitFi hardware cryptocurrency wallet isn't as unhackable as John McAfee claims. A 15-year-old bedroom hacker has managed to get Doom running on the device, suggesting its days may soon be numbered.
Computing

Having issues with Microsoft Edge? Here's how to fix the most common problems

If you're feeling frustrated with Microsoft Edge, or have run into a serious problem with Windows 10's built-in browser, take a look at these common issues and the solutions that can help you get back on track.
Music

Spotify vs. Pandora: Which music streaming service is better for you?

Which music streaming platform is best for you? We pit Spotify versus Pandora, two mighty streaming services with on-demand music and massive catalogs, comparing every facet of the two services to help you decide which is best.
Photography

The best place to print photos online: Seven top photo labs

Have you been looking around for the best place to print out your favorite photos online? Don't fret, we've pored through dozens of options and narrowed it down to the seven best.
Computing

The browser-based Monero miner Coinhive generates around $250,000 each month

Despite a fall in cryptocurrency mining, the Coinhive Monero miner is still highly active, generating around $250,000 each month. Coinhive also contributes 1.18 percent of the total mining power behind the Monero blockchain.
Computing

The Andromeda botnet still lingers as nations struggle to clean infected PCs

A report by Fortinet suggests that although the FBI and Europe ended the Andromeda botnet’s reign in late 2017, there are still infected PCs. Cleaning up these PCs isn’t progressing at the same pace across various regions.
Web

FatCam: Museum of London’s livestream of a rancid hunk of sewage proves popular

A London museum put part of a fatberg on display earlier this year and the putrid muck proved to be a surprise hit with visitors. Keen to share it with a wider audience, the fatberg is now starring in its very own livestream.
Computing

Australian student hacks into Apple, steals 90GB of data because he’s a ‘fan’

A 16-year-old student in Australia broke into Apple’s network multiple times for an entire year to download 90GB of “secure” data and access customer accounts. He did this because he was a "fan."