3.1 C
London
Saturday, November 18, 2017
Home Tags Rihanna

Tag: Rihanna

The retweets were for innocent, "positive" stories.

And that was the point.
One of two CelebGate hackers goes down, but uploader remains at large The 36 year-old hacker behind some of a massive public leak of private celebrity photos has been sentenced to 18 months prison. 36 year-old Ryan Collins, of Pennsylvania, was one of two suspects in the September 2014 leaks known online as the Fappening or CelebGate. Celebrities impacted include Jennifer Lawrence, Kate Upton, Rihanna, and Avril Lavigne. He was arrested in March and charged with hacking 50 iCloud and 72 Gmail accounts owned by Hollywood stars. A second man, Edward Majerczyk, 28, of Illinois, was collared in July and charged with hacking 300 iCloud and Gmail accounts of which 30 belonged to Silver Screeners. Together they hacked some 600 victims. Both have pled guilty to the charges involving sophisticated phishing attacks that saw the pair send mails purporting to come from Apple and Google.

Those efforts, which took place between November 2012 and September 2014, harvested account logins for entertainers and other prominent persons. Collins received a lighter penalty than the five years prison initially on the table for the guilty plea. The uploader or 'leaker' of the stolen images has not been found. ®
Wikimedia Commons user Tabercilreader comments 10 Share this story A 36-year-old Ryan Collins from Pennsylvania was sentenced to 18 months in prison after pleading guilty to hacking the Apple and Google accounts of more than 100 celebrities, including Jennifer Lawrence, Aubrey Plaza, Rihanna, and Avril Lavigne.

Collins stole personal information, including nude photos, from the celebrities. The photos were famously posted on 4chan and reddit in 2014.

Collins pleaded guilty to hacking the celebrities’ accounts in May, but he did not plead guilty to posting the images on the Internet. “Investigators have not uncovered any evidence linking Collins to the actual leaks or that Collins shared or uploaded the information he obtained,” the Department of Justice (DOJ) noted. According to The Guardian, Collins ran a phishing scheme from November 2012 to September 2014, sending celebrities e-mails that appeared to be from Apple and Google, requesting their user names and passwords. In a press statement, the DOJ wrote that Collins would illegally access respondents’ accounts and search for nude photos and videos. “In some instances, Collins would use a software program to download the entire contents of the victims' Apple iCloud backups,” the DOJ wrote. “In addition, Collins ran a modeling scam in which he tricked his victims into sending him nude photographs.” Collins apparently accessed at least 50 iCloud accounts and 72 Gmail accounts and stole information from more than 600 victims, not all of whom were celebrities. From the beginning, Apple maintained that the hacks weren’t the result of an iCloud vulnerability, but the fruit of a “very targeted attack on user names, passwords and security questions.” In the aftermath of the hack, some celebrities threatened Google with a $100 million lawsuit for failing to "act expeditiously and responsibly to remove the Images."
Apple has confirmed celebrities' iCloud accounts were compromised, but says the security of its automatic backup system was not breached. The private photographs of celebrities such as Jennifer Lawrence (pictured), Kate Upton, Kelly Brook and Rihanna were obtained in a “carefully targeted attack on user names, passwords and security questions”, Apple said in a statement. But Apple gave no details of how the attackers obtained these pieces of information from all the celebrities involved. In the days since the photographs were leaked, there has been speculation they were obtained by exploiting a vulnerability in Apple’s Find My iPhone service, which the company denied. “None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud or Find My iPhone,” Apple said. Despite the denial, Apple quietly fixed the vulnerability after researchers went public with the fact that Find My iPhone had no limit on the number of password guesses attempted, which allowed hacking tools to make multiple attempts at a fast rate until the correct password was identified. Apple confirmed its investigators are working with the FBI to identify those responsible for breaking into the iCloud accounts. Cloud security concerns The incident has renewed security concerns about cloud-based services and prompted calls for better authentication processes. The traditional model – that relies on user names, passwords and security questions – is widely considered flawed because attackers can easily get around these checks. Independent security consultant Graham Cluley said Apple should make two-factor authentication mandatory for all users of its services. Currently, two-factor authentication that improves security by requiring a one-time password is optional, but Cluley said not all users know it is available. “It would be great to see Apple make such protection mandatory, rather than an opt-in choice for the few that know about it,” he wrote in a blog post. Following the compromise of the celebrities’ iCloud accounts, Apple recommended users choose a strong password and enable two-factor authentication. Some security experts suggested going a step further to improve security for cloud-based services. Calls to reduce risk Authentication processes should be bolstered further by incorporating biometric technologies, said Raj Samani, chief technology officer in Europe for Intel-owned McAfee. “Biometric authentication replaces passwords, taking into account human attributes such as fingerprints, voice or even facial recognition to provide a higher level of security,” he said. The incident prompted calls for businesses to tighten their security processes to ensure they are not exposed to risk through employee use of cloud-based services. “Corporations should be thinking about the cloud services their employees may be using store company information and making sure that it is protected or removed from those services," said Bob Doyle, security consultant at risk management firm Neohapsis. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK
Apple and FBI are investigating the publication of nude celebrity photos online after Apple’s iCloud was allegedly hacked. The private photographs of celebrities such as Jennifer Lawrence, Kate Upton, Kelly Brook and Rihanna were uploaded by hackers. But Apple has so far remained tight-lipped about claims that hackers managed to access photographs automatically backed-up on its iCloud service. A piece of software called iBrute has been linked to the alleged attack because of its ability to exploit a vulnerability in Apple's Find My iPhone service. Apple had no limit on the number of password guesses, which allowed the malicious script to make multiple attempts at a fast rate until the correct password was identified. But Apple has patched the flaw, and the service now has a five-attempt limit, according to Digital Spy. There is still no concrete evidence that the images were stolen from iCloud and some commentators have suggested multiple breaches may have been used to access the photographs from the mobile phones of A-list celebrities including Jennifer Lawrence and Kate Upton. Lawyers acting on behalf of Jennifer Lawrence and Kate Upton have threatened to prosecute anyone found disseminating or duplicating the illegally obtained images. Calls for Apple to tighten security Despite the lack of evidence of an iCloud leak, the incident has prompted calls for Apple to make two-factor authentication mandatory for all users of its services. Currently, two-factor authentication that improves security by requiring a one-time password is optional. But independent security consultant Graham Cluley said not all users know it is available. “It would be great to see Apple make such protection mandatory, rather than an opt-in choice for the few that know about it,” Cluley wrote in a blog post.    The hack has also raised renewed concerns about the security of cloud-based backup and storage services. Data transparency and biometrics But some security commentators say the shift from data stored in one physical location to seamless cloud synchronisation creates a near total lack of transparency about the location of data. “When you take an action on your phone, and it synchronises to your laptop and tablet, that data is almost certainly going somewhere else, stored and backed-up,” said Tim Erlin, director of security and risk at Tripwire. “Each of these locations and systems in which the data exists creates a vector for attack that must be protected. We are largely at the point where nothing you do on your iPhone can be considered private.” To stay ahead of hackers it is important to use a new trust model that incorporates technologies such as biometric authentication, said Raj Samani, chief technology officer in Europe for Intel-owned McAfee. “Biometric authentication replaces passwords, taking into account human attributes such as fingerprints, voice or even facial recognition to provide a higher level of security during the authentication process,” Samani said. Cloud security warning to businesses The alleged iCloud breach should be a warning to businesses, said Eduard Meelhuysen, vice-president for Europe at cloud analytics and policy enforcement firm, Netskope. “Even if organisations do not think they ares using iCloud, their employees undoubtedly are,” Meelhuysen said. But with services such as iCloud an essential part of users' lives, Meelhuysen said blocking their use in a business environment is not an option. “To protect sensitive corporate data, organisations need to understand what data is being moved into cloud-based services and what users are doing with that content,” he said. “Rather than block iCloud, or any app for that matter, organisations should try to shape usage by stopping risky behaviours such as uploading personal identifiable information or sharing sensitive content outside the company. “That way you can mitigate risk while enabling the use of cloud in your business.” Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK
Hundreds of revealing photographs of female celebrities have been leaked online, reportedly after Apple’s iCloud service was hacked. Jennifer Lawrence, Kirsten Dunst and Ariana Grande are said to be among the celebrities shown in the photographs posted on web forum 4chan. Anonymous 4chan users claim the images had been taken from the celebrities’ iCloud accounts, according to The Verge. Apple’s iCloud service is designed to enable iPhone, iPad and Mac users to synchronise images, settings, calendar information and other data between devices. But concerns over iCloud security have led many enterprises to implement mobile device management systems that enable administrators to enforce policies which control what data is passed on to iCloud. More than 100 A-list celebrities are thought to have been targeted, including reality TV star Kim Kardashian, singer Rihanna and models Candice Swanepoel, Cara Delevingne and Kelly Brook. It is unclear when the iCloud service was compromised as one celebrity whose photos were stolen, Mary Elizabeth Winstead, said the images concerned had been deleted years ago. This either means the hacker has been collecting the images for some years, or the images are still available in iCloud to those who know where to find them. While Winstead and Lawrence have confirmed the pictures of them are real, Ariana Grande and Victoria Justice have said the images are fake. A spokesperson for Jennifer Lawrence warned that anyone posting the stolen pictures will be prosecuted. In 2012, a man was sentenced to 10 years in prison for hacking the private email accounts of celebrities including Mila Kunis and Scarlett Johansson. Apple has so far not responded to media requests for comment on the alleged compromise of its iCloud service. Email Alerts Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox. By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy Read More Related content from ComputerWeekly.com RELATED CONTENT FROM THE TECHTARGET NETWORK