Tech Beat by Namecheap – 21 April 2023

Doxxing is a term that has become increasingly popular in recent years, but many people still don’t understand what’s involved. The term ‘doxxing” refers to the act of publicly revealing someone’s personal information without their consent. The legality of doxxing varies depending on the circumstances, making it more of a quasi-cybercrime. In many cases, doxxing falls into a legal gray area, as there may not be specific laws that address this type of behavior. Read about high-profile cases of doxxing and how you can protect yourself against it.

In other news

• “Operation Cookie Monster” shuts down hacker marketplace. Ars Technica reports that the U.S. Department of Justice, Dutch police, and Europol have seized the Genesis Market platform as part of an international effort that resulted in 119 arrests. The criminal marketplace had sold packages of account access credentials that were taken from computers infected with malware across the globe. Available on the open web by invitation only, Genesis Market made cybercrime more accessible for hackers and had around 59,000 registered users. It began in 2018 and stole data from over 1.5 million computers around the world. It is thought to be located in Russia. 

• AI can crack passwords quicker than you can read Tech Beat. A cybersecurity firm, Home Security Heroes, ran an experiment using an AI-driven tool called PassGAN to crack passwords. According to PC World, PassGAN was fed over 15 million passwords from the 2009 RockYou breach, and the tool was able to crack 51% of common passwords in under a minute and 65% in under an hour. 

• Police bring robot dogs back to New York. The NYPD has faced criticism in recent years over its use of electronic canines, from concerns about surveillance and weaponization (see our article from 2021). But New York Mayor Eric Adams this month announced that the Digidog is coming back to the streets, according to The Verge. The police will introduce two robot dogs at a cost of $750,000, which will only be used in life-threatening situations. They will also bring in a car-mounted launcher for shooting GPS tags onto moving vehicles and a security robot for outdoor use.  

• FBI warns of public charging stations. ZDNet reports that the FBI has issued a warning about public power outlets that steal your phone’s data in what is known as “juice jacking”. Denver FBI recently said that public charging stations could add malware and surveillance software that drains data from your phone as soon as you connect it to the port. Their advice is to avoid using charging stations in airports, hotels, and shopping centers. One option is to use a USB data blocker (also known as a “USB condom”) that secures your device by preventing any transfer of data.    

• Twitter tries to make money by copying Substack. Elon Musk has announced plans to turn Twitter into a version of Substack, with features that allow users to monetize their followers and offer long-form content. Twitter Blue users can now post tweets up to 10,000 characters long, with bold and italic text formatting. The Register suggests this move is a response to innovations by Substack, a newsletter and podcasting platform that allows creators to charge whatever fee they choose for their content. 

• Indian government can now “fact-check” and delete social media posts. India will launch a state-run fact-checking unit with the power to remove social media posts about the government that they consider “fake, false or misleading.” Rest of World reports that it will impact platforms like Facebook, Twitter, and Instagram, as well as Internet service providers. There is no appeal process, and if tech companies don’t comply with removing flagged posts, they risk facing legal action due to user content. This move concerns Internet freedom advocacy groups due to its potentially adverse implications for press freedom and censorship. 

• Sad day for online journalism. BuzzFeed News, once a prominent digital news outlet and superstar of Internet culture, is shutting down, according to a memo CEO Jonah Peretti sent to the staff on Thursday. As Variety explained, other than HuffPost, which BuzzFeed acquired in 2020, the company will no longer create new articles, generate listicles, or interview celebrities. The decision comes after years of financial struggles and attempts to pivot the business model, which ultimately proved unsuccessful. 

Tip of the week: Stop using weak passwords

Passwords are the first line of defense against cyber threats, keeping phishers, doxxers, and thieves out of your sensitive data. Therefore, it’s crucial to use best practices for keeping your passwords secure. And with AI tech now being used to guess challenging passwords in a matter of minutes, it’s never been more vital to follow secure password protocols. 

• Use a password that is at least 15 characters long. Longer passwords are harder to crack, even for hackers using AI. 
• Never repeat a password, ever. Reusing a password makes it easier for cyber criminals to access multiple accounts if they compromise one password. 
• Use a random combination of upper and lowercase letters, numbers, and special characters. This randomization makes your password more complex and harder for AI software to guess. All password managers include a generation tool to help with this. 
• Get a password manager. Most people have 70-80 passwords to keep track of, and when you’re using secure, random strings of characters, there’s no way to remember them all without a secure, encrypted password manager. 
• Avoid using personal information such as your name, date of birth, or address as a password. Cybercriminals can easily find this information and use it to crack your password. 
• Enable two-factor authentication everywhere you can. With 2FA in place, even if a hacker cracks your password, they won’t be able to access your account.