Robinhood may have stored your password in plaintext

first_img Equifax breach: You can now file a claim for your share of the $700M settlement John McAfee ‘released from confinement’ How to become a privacy ninja: Use these journalist tools NSA aims to up its cybersecurity game Now playing: Watch this: Annette Riedl/picture alliance via Getty Images Robinhood warned its customers in an email Wednesday that their passwords may have been stored in plaintext. The stock trading service said it discovered the issue on Monday night, when it found “some user credentials” stored in readable formats on its internal systems.”Your Robinhood password may have been included,” Robinhood said in the email. “We resolved this issue, and after thorough review, found no evidence that this information was accessed by anyone outside of our response team.”Still, it recommends changing your password.A Robinhood spokesperson told CNET sister site ZDNet via phone that not all users were impacted, but did not say how many were. Passwords are now being hashed using the Bcrypt algorithm, according to a help page, ZDNet added. Share your voice Inside a password-free future Tags 2:46 Security on CNET null Computers Security 0last_img read more

Analysis of crocodile retina reveals trait that makes lying in wait easier

first_img More information: Nicolas Nagloo et al. Spatial resolving power and spectral sensitivity of the saltwater crocodile,, and the freshwater crocodile,, The Journal of Experimental Biology (2016). DOI: 10.1242/jeb.135673ABSTRACTCrocodilians are apex amphibious predators that occupy a range of tropical habitats. In this study, we examined whether their semi-aquatic lifestyle and ambush hunting mode are reflected in specific adaptations in the peripheral visual system. Design-based stereology and microspectrophotometry were used to assess spatial resolving power and spectral sensitivity of saltwater (Crocodylus porosus) and freshwater crocodiles (Crocodylus johnstoni). Both species possess a foveal streak that spans the naso-temporal axis and mediates high spatial acuity across the central visual field. The saltwater crocodile and freshwater crocodile have a peak spatial resolving power of 8.8 and 8.0 cycles deg−1, respectively. Measurement of the outer segment dimensions and spectral absorbance revealed five distinct photoreceptor types consisting of three single cones, one twin cone and a rod. The three single cones (saltwater/freshwater crocodile) are violet (424/426 nm λmax), green (502/510 nm λmax) and red (546/554 nm λmax) sensitive, indicating the potential for trichromatic colour vision. The visual pigments of both members of the twin cones have the same λmax as the red-sensitive single cone and the rod has a λmax at 503/510 nm (saltwater/freshwater). The λmax values of all types of visual pigment occur at longer wavelengths in the freshwater crocodile compared with the saltwater crocodile. Given that there is a greater abundance of long wavelength light in freshwater compared with a saltwater environment, the photoreceptors would be more effective at detecting light in their respective habitats. This suggests that the visual systems of both species are adapted to the photic conditions of their respective ecological niche. New look at crocodile eyes Most people have seen, if only on video, the silent means by which crocodiles hunt—with their bodies just below the surface and only their eyes and part of their snout visible—they wait for prey to wander close enough to grab with their long tooth filled maws. Now, in this new effort, the researchers have found a feature of their eyes that assists them in this type of hunting; the fovea, which is an area of receptors in the back of the eyeball that are set very close to one another, and in the case of crocodiles, they are formed as a long streak, rather than as a circular spot seen in other animals. It allows, the team explains, the animal to scan the near horizon without having to move its head at all—that makes it easier to sneak up on unsuspecting animals.The researchers report that they also found a major difference between the eyes of the saltwater crocs, versus their freshwater counterparts—the numbers of different types of photoreceptors in the retina. Freshies, as they are called, had more that were responsive to red light, whereas salties had more that were responsive to blue light. This, the team reports, makes sense because saltwater tends to have more blue light in it, while freshwater has more red in it. But, that is only a partial explanation, the team adds, because but both types of crocs have blurry vision when underwater. This, they suggest, means that the crocs do something under water that is still unknown, which is odd, because they do most of their hunting and mating on land. Both types do have the stretched fovea, they note, allowing them to lurk beneath the water without having to lift their heads, making their presence easier to mask—a feature, they report, that has not been seen in any other animal. Freshwater crocodile at Australia Zoo. Credit: Benchill /Wikipedia CC BY 3.0 Citation: Analysis of crocodile retina reveals trait that makes lying in wait easier (2016, May 9) retrieved 18 August 2019 from https://phys.org/news/2016-05-analysis-crocodile-retina-reveals-trait.html Journal information: Journal of Experimental Biologycenter_img (Phys.org)—A team of researchers with the University of Western Australia, Crawley has discovered new details about crocodile vision that helps explain how it is they are so adept at waiting just under the water surface to capture prey that wanders too near. In their paper published in the Journal of Experimental Biology, the team describes their study of the eyeballs of both saltwater and freshwater crocodiles living in Australia, the differences between them, and a unique part of the retina they found. Explore further © 2016 Phys.org This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.last_img read more

FireEyes Global DNS Hijacking Campaign suspects Iranianbased group as the prime source

first_imgFireEye, a US cybersecurity firm, have disclosed details about their DNS hijacking campaign. In their recent report, the company shared that they have identified huge DNS hijacking affecting multiple domains belonging to government, telecommunications and internet infrastructure entities across the Middle East and North Africa, Europe and North America. FireEye analysts believe an Iranian-based group is the source behind these attacks, although they do not have a definitive proof. The analysts also said that “they have been tracking this activity for several months, mapping and understanding the innovative tactics, techniques and procedures (TTPs) deployed by the attacker”. The FireEye Intelligence team has also identified an access from Iranian IPs to machines used to intercept, record and forward network traffic. The team also mentions that these IP addresses were previously observed during the response to an intrusion attributed to Iranian cyber espionage actors. The FireEye report highlights three different techniques used to conduct these attacks. Techniques to manipulate the DNS records and enable victim compromises 1. Altering DNS A Records Source: FireEye Here the attackers first logged into a proxy box used to conduct non-attributed browsing and as a jumpbox to other infrastructure. The attacker then logs into the DNS provider’s administration panel, utilising previously compromised credentials. Attackers change the DNS records for victim’s mail server in order to redirect it to their own mail server. They have used Let’s Encrypt certificates to support HTTPS traffic, and a load balancer to redirect victims back to the real email server after they’ve collected login credentials from victims on their shadow server. The username, password and domain credentials are harvested and stored. 2. Altering DNS NS Records Source: FireEye This technique is the same as the previous one. However, here the attacker exploits a previously compromised registrar or ccTLD. 3. A DNS Redirector Source: FireEye This technique is a conjunction of the previous two. The DNS Redirector is an attacker operations box which responds to DNS requests. Here, if the domain is from inside the company, OP2 responds with an attacker-controlled IP address, and the user is re-directed to the attacker-controlled infrastructure. Analysts said that a large number of organizations have been affected by this pattern of DNS record manipulation and fraudulent SSL certificates. These include telecoms and ISP providers, internet infrastructure providers, government and sensitive commercial entities. According to FireEye report, “While the precise mechanism by which the DNS records were changed is unknown, we believe that at least some records were changed by compromising a victim’s domain registrar account.” To know more about this news in detail, read the FireEye report. Read Next FireEye reports North Korean state sponsored hacking group, APT38 is targeting financial institutions Reddit posts an update to the FireEye’s report on suspected Iranian influence operation Justice Department’s indictment report claims Chinese hackersbreached business and government networklast_img read more