A popular WordPress plugin leaked access tokens capable of hijacking Twitter accounts

A popular WordPress plugin, installed on thousands of websites to help users share content on social media sites, left linked Twitter accounts exposed to compromise.
The plugin, Social Network Tabs, was storing so-called account access tokens in the source code of the WordPress website. Anyone who viewed the source code could see the linked Twitter handle and the access tokens. These access tokens keep you logged in to the website on your phone and your computer without having to re-type your password every time or entering your two-factor authentication code.
But if stolen, most sites can’t differentiate between a token used by the account owner, or a hacker who stole the token.
Baptiste Robert, a French security researcher who goes by the online handle Elliot Alderson, found the vulnerability and shared details with TechCrunch. He later tweeted details of the bug on Thursday.
In order to test the bug, Robert found 539 websites using


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/LR44OlbFhu8/

Original article

Facebook is the new crapware

Welcome to 2019 where we learn Facebook is the new crapware.
Sorry #DeleteFacebook, you never stood a chance.
Yesterday Bloomberg reported that the scandal-beset social media behemoth has inked an unknown number of agreements with Android smartphone makers, mobile carriers and OSes around the world to not only pre-load Facebook’s eponymous app on hardware but render the software undeleteable; a permanent feature of your device, whether you like how the company’s app can track your every move and digital action or not.
Bloomberg spoke to a U.S. owner of a Samsung Galaxy S8 who, after reading forum discussions about Samsung devices, found his own pre-loaded Facebook app could not be removed. It could only be “disabled”, with no explanation available to him as to what exactly that meant.
The Galaxy S8 retailed for $725+ when it went on sale in the U.S. two years ago.
A Facebook spokesperson told Bloomberg that a disabled permanent app doesn’t continue


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/C2FHmikTbj8/

Original article

Sneaky subscriptions are plaguing the App Store

Subscriptions have turned into a booming business for app developers, accounting for $10.6 billion in consumer spend on the App Store in 2017, and poised to grow to $75.7 billion by 2022. But alongside this healthy growth, a number of scammers are now taking advantage of subscriptions in order to trick users into signing up for expensive and recurring plans. They do this by intentionally confusing users with their app’s design and flow, by making promises of “free trials” that convert after only a matter of days, and other misleading tactics.
Apple will soon have an influx of consumer complaints on its hands if it doesn’t reign in these scammers more quickly.
However, the company’s focus as of late has been more so on getting developers to give subscriptions a try — even holding “secret” meetings where it evangelizes the business model that’s earning developers (and therefore Apple itself) a lot of


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/OvVF_qqFjDk/

Original article

Here’s how to find out if your Facebook was hacked in the breach

Are you one of the 30 million users hit by Facebook’s access token breach announced two weeks ago? Here’s how to find out.

Facebook breach saw 15M users’ names & contact info accessed, 14M’s bios too

Visit this Facebook Help center link while logged in: https://www.facebook.com/help/securitynotice?ref=sec.
Scroll down to the section “Is my Facebook account impacted by this security issue?”
Here you’ll see a Yes or No answer to whether your account was one of the 30 million users impacted. Those affected will also receive a warning like this atop their News Feed:
If Yes, you’ll be in one of three categories:
A. You’re in the 15 million users’ whose name plus email and/or phone number was accessed.
B. You’re in the 14 million users’ who had that data plus account bio data accessed including “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/4-kAdEAdjnI/

Original article

Amazon’s revamped Alexa app makes it easier to manage your smart home

Amazon’s Alexa app has just been given a major visual overhaul, largely focused on helping users set up and control their smart home. From the app’s new devices tab, users can view all their different Alexa-enabled devices and groups on one screen, as opposed to switching between tabs like before. And the app is much more colorful, too. Instead of a set white icons on a dark background, Alexa’s device groups – like Living Room, Kitchen, Bedroom, etc. – now feature colorful backgrounds, so you can find the one you need with just a glance.
An overhaul of the devices section was needed, not only for aesthetic reasons, but because Alexa owners are stocking their house with more than one smart device.
According to a Nielsen report on smart speaker adoption released earlier this month, 4 out of 10 U.S. smart speaker owners today have more than one device, for example. Smart


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/QZGxdQCwM9Q/

Original article

Microsoft Whiteboard is available to all on Windows, iOS version coming soon

Microsoft previewed White Board last May, alongside the new Surface Pro, eventually rolling it out in public beta in December. The collaboration app just went live to all Windows users, as part of the deluge of announcements tied to the upcoming Inspire conference.
Whiteboard is kind of digital sibling to Microsoft’s large Surface Hub display. The company describes it as an “infinite canvas,” in a phrase cribbed from comics theorist, Scott McCloud. With the drawing app, users can sketch out notes and images with a finger, keyboard or compatible pen.

The app lets teams collaborate remotely, automatically uploading the final project to the cloud. The company says it’s also added a bunch of new features based on feedback during the beta, including, “text notes, the ability to add and manipulate images, enhancements to shape and table recognition, accessibility improvements, compliance with various global standards, and more.”
In addition to Windows availability, it


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/1h4WUVO2IsQ/

Original article

Browser maker Opera has filed to go public

Norway-based company Opera Ltd. has filed for an initial public offering in the U.S. According to its F-1 document, the company plans to raise up to $115 million.
In 2017, Opera generated $128.9 million in operating revenue, which led to a net income of $6.1 million.
While many people are already familiar with the web browser Opera, the company itself has had a tumultuous history. Opera shareholders separated the company into two different entities — the browser maker and the adtech operations.
The advertising company is now called Otello. And a consortium of Chinese companies acquired the web browser, the consumer products and the Opera brand. That second part is the one that is going public in the U.S.
Opera currently manages a web browser for desktop computers and a handful of web browsers for mobile phones. On Android, you can download Opera, Opera Mini and Opera Touch. On iOS, you’ll only find Opera Mini.


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/xCEwFPkOuhI/

Original article

Plex adds support for podcasts, debuts personalized mobile apps

At CES in January, TechCrunch broke the news that media software maker Plex was planning to expand its service with the addition of new media content, starting with podcasts. Today, it’s making good on that promise by launching support for podcasts into beta, along with a whole new look and more customization options for its Plex mobile apps.
While Plex got its start as a software application for organizing people’s home media collections, it’s been expanding over the past couple of years to add new features in support of cord cutters who want to watch TV via their antenna, and record those shows. It also acquired the streaming news startup Watchup in order to add a dedicated news hub within its app.
Earlier this year, the company spoke of its ambitions to continue adding more types of content to its media center software, including audio and video podcasts, followed by digital, web-first and


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/jQlZ2YS9RHU/

Original article

Amazon’s new ‘Alexa Blueprints’ let anyone create custom Alexa skills and responses

Amazon this morning is introducing “Alexa Blueprints,” a new way for any Alexa owner to create their own customized Alexa skills or responses, without needing to know how to code. The idea is to allow Alexa owners to create their own voice apps, like a trivia game or bedtime stories, or teach Alexa to respond to questions with answers they design – like “Who’s the best mom in the world?,” for example.
You could also create a skill that includes helpful information for the babysitter, which could be triggered by the command, “Alexa, open My Sitter,” Amazon suggests.
“Alexa Skill Blueprints is an entirely new way for you to teach Alexa personalized skills just for you and your family,” explained Steve Rabuchin, Vice President, Amazon Alexa, in a statement about the launch. “You don’t need experience building skills or coding to get started—my family created our own jokes skill in a matter


Original URL: http://feedproxy.google.com/~r/Techcrunch/~3/X0snkfMwz1g/

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: