Skip to main content

Thursday Threat Report: Microsoft's epic password fail, a new facial recognition app threatens privacy, and Google+ gets hacked

Welcome to ITProPortal's Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats - things are about to get scary.

Microsoft's password fail

After days of pressure, Microsoft has admitted that an attack on its Twitter accounts and one official blog also compromised some of its internal emails.

The attack was carried out by the pro-Assad Syrian Electronic Army (SEA), who have made headlines over the past year with hacks of several high profile sites.

The SEA posted several screen captures of emails purporting to be from Steve Clayton, the man in charge of the Twitter accounts and blog. While at first it wasn't clear whether the emails were genuine, Microsoft have now confirmed that they are.

The culprit, as in so many attacks, seems to be weak password choices.

"A Microsoft employee wanted to make his password more stronger, so he changed it from 'Microsoft2' to 'Microsoft3' #happened," the SEA scoffed in a recent tweet.

Although if it's any comfort to Microsoft, the SEA itself became the victim of a cyber attack earlier today, as Turkish hackers TurkGuvenligi defaced their official website.

Is that you?

If you've got your photo up on any websites that you might find embarrassing, now is the time to take it down.

That's because a new facial recognition app called Name Tag has been labelled a "serious threat" by privacy groups for its potential to divulge people's information against their will.

The US-based app is able to match photos taken of a subject to social media and dating profiles online, allowing users to find out information about strangers they see in person.

It will soon be available for Android, iOS and unofficially on Google Glass, with the creators claiming the app will make life easier for people looking for a date.

Google Minus

The official Google+ pages of guest houses and hotels from around the world have had details "hijacked" by an unknown third party, leading to their official websites redirecting to an external web address.

The web addresses listed were altered to point to a third-party booking services, RoomsToBook.Info and RoomsToBook.Net. The comprehensive and sprawling hack has led to accusations of an "inside job" at Google.

RoomsToBook.Info and RoomsToBook.Net have refused to comment when contacted by journalists.