To a large portion of the general populace, the idea of autonomous vehicles still draws a lot of skepticism and even flak - considering the incident where Uber’s self-driving car killed a pedestrian a few months back in Tempe, Arizona. A widely talked about accident, it raised concerns on the safety of letting machines run their own course on the roads, with people voicing the need to always have a human behind the wheel to stop such untoward accidents.

Unfortunately, there aren’t enough data points on autonomous driving incidents to conclude on the validity of the claims, especially when the statistics of road accident-related deaths and injuries are taking a turn for the worse every year. The National Highway Traffic Safety Administration (NHTSA) estimated that 37,461 people were killed on the road in 2016, which averages out to 102 people per day. Companies working in the autonomous driving realm believe that technology could help alleviate this.

The sentiment seems to have rubbed off on the Arizona government, which has mostly been welcoming of companies looking to test their autonomous cars. Waymo, an Alphabet-owned self-driving startup has been running fully autonomous tests in Phoenix, Arizona since March, and has successfully stayed away from gaffes over the course of these tests. Last week, the company announced its plans on tying up with Valley Metro, the Phoenix region’s public transportation authority to drive people to bus stops and train and light-rail stations.

Of all the autonomous driving companies out there, Waymo is by far the most sophisticated of the lot, as it has a lot more self-driving miles than its competition and also defines a clear-cut strategy to take the technology to the masses. The curve to autonomy has been arduous, but rewarding - Waymo took more than six years to reach its milestone of driving 1 million miles in 2015, but has racked up 7 million more since then.

Waymo has a four-pronged strategy for approaching the self-driving market - ride-hailing, trucking, personal vehicles, and public transportation - with attention given to each of the verticals. Waymo has inked deals to transform 62,000 hybrid Pacifica minivans and 20,000 electric I-Pace SUVs into self-driving vehicles over the next few years and then add them to its growing fleet. Similarly, it also runs its self-driving fleet of Peterbilt Class 8 semi trucks across Alphabet facilities in Atlanta, albeit with backup drivers in them - a situation which might soon change.

Ground zero at Phoenix, Waymo’s cars would be shuttling Valley Metro’s staff to and from public transportation stops nearby. Waymo believes that the ‘first-and-last mile’ transit facilities would be in sync with the already available public transportation, making the transition seamless for the public.

The unit-economics of self-driving cars are also a revelation. On average, a ride-hailing service costs around $2 per mile which could be reduced to around 70 cents per mile, as self-driving fleets would negate the need to sustain human drivers. Over time, with improvements in route optimization, intelligent fleet management, and reducing human observers in the backend, the costs could reduce further.

However, all this envisioning of self-driving fleets replacing human-driven cars is idealistic at best. Case in point, the reasoning behind autonomous driving companies showing a concerted interest in testing their vehicles on the roads of Arizona. Though it could be interpreted as the state of Arizona’s resolve to bringing in cutting-edge technology to its streets, the environmental and demographic conditions at play in the state cannot be ignored.

Arizona, with its sunny climate, idyllic roads, and a grid-shaped housing topology provides a near utopian-level of cushioning to testing, when considering the fact that self-driving cars need to be trained in radically different and robust environments to attain the goal of full autonomy. Regardless of this, autonomous vehicles would still be a reality in certain locations around the U.S., and if Waymo’s ingenuity sustains over time, we still might end up sighting self-driving cars around us sooner than we thought.

Another day, another significant data breach!

Reddit social media network today announced that it suffered a security breach in June that exposed some of its users' data, including their current email addresses and an old 2007 database backup containing usernames and hashed passwords.

According to Reddit, the unknown hacker(s) managed to gain read-only access to some of its systems that contained its users' backup data, source code, internal logs, and other files.

In a post published to the platform Wednesday, Reddit Chief Technology Officer Christopher Slowe admitted that the hack was a serious one, but assured its users that the hackers did not gain access to Reddit systems.

"[The attackers] were not able to alter Reddit information, and we have taken steps since the event to further lock down and rotate all production secrets and API keys, and to enhance our logging and monitoring systems."

According to Slowe, the most significant data contained in the backup was account credentials (usernames and their corresponding salted and hashed passwords), email addresses and all content including private messages.
 

Attacker Bypassed SMS-based Two-Factor Authentication

Reddit learned about the data breach on June 19 and said that the attacker compromised a few of the Reddit employees' accounts with its cloud and source code hosting providers between June 14 and June 18.

The hack was accomplished by intercepting SMS messages that were meant to reach Reddit employees with one-time passcodes, eventually circumventing the two-factor authentication (2FA) Reddit had in place attacks.

The security breach should be a wake-up call to those who still rely on SMS-based authentication and believes it is secure. It's time for you to move on from this method and switch to other non-SMS-based two-factor authentication.

Reddit is also encouraging users to move to token-based two-factor authentication, which involves your mobile phone generating a unique one-time passcode over an app.

Reddit said that users can follow a few steps mentioned on the breach announcement page to check if their accounts were involved.

Moreover, Reddit will reset passwords for users who may have had their login credentials stolen in the breach, and also directly notify all affected users with tips on how they can protect themselves.

Using stolen passwords to get a victim's attention, a new sexploitation scam threatens victims with exposing them "doing nasty things." In an emailed threat, the hacker claims to have downloaded malware on the victim's computer that enabled the scammer to take over the victim's webcam.

The scammer also claims to have pilfered email and social media contacts and to have a recording of the victim, filmed from the victim's own webcam, watching porn. Demanding a ransom in bitcoin, the scammer says if the victim doesn't send $1,000 to $2,000 within 24 hours, the crook will share compromising images of the victim with all of the victim's contacts.

"I think $1,400 is a fair price for our little secret," the con artist's email says.

In reality, the crook doesn't have your contacts or access to your webcam, according to Brian Krebs, who operates a top technology security site. However, the scammer does have a password that the victim once used -- or may still use -- with one or more websites.

The email reads as follows:

“I’m aware that <substitute password formerly used by recipient here> is your password,” reads the salutation.

You don’t know me and you’re thinking why you received this e mail, right?

Well, I actually placed a malware on the porn website and guess what, you visited this web site to have fun (you know what I mean). While you were watching the video, your web browser acted as a RDP (Remote Desktop) and a keylogger which provided me access to your display screen and webcam. Right after that, my software gathered all your contacts from your Messenger, Facebook account, and email account.

What exactly did I do?

I made a split-screen video. First part recorded the video you were viewing (you’ve got a fine taste haha), and next part recorded your webcam (Yep! It’s you doing nasty things!).

What should you do?

Well, I believe, $1400 is a fair price for our little secret. You’ll make the payment via Bitcoin to the below address (if you don’t know this, search “how to buy bitcoin” in Google).

BTC Address: 1Dvd7Wb72JBTbAcfTrxSJCZZuf4tsT8V72
(It is cAsE sensitive, so copy and paste it)

Important:

You have 24 hours in order to make the payment. (I have an unique pixel within this email message, and right now I know that you have read this email). If I don’t get the payment, I will send your video to all of your contacts including relatives, coworkers, and so forth. Nonetheless, if I do get paid, I will erase the video immidiately. If you want evidence, reply with “Yes!” and I will send your video recording to your 5 friends. This is a non-negotiable offer, so don’t waste my time and yours by replying to this email.

Sending bitcoin if you get this email is, of course, a bad idea. However, if you received one, changing your passwords is wise. In fact, it might be smart to change passwords for all important accounts even if you don't get targeted.

Why? A series of massive data breaches have exposed password information on hundreds of millions of consumers. These passwords are now floating around the dark web, available to purchase for scammers like this one, as well as those with even more nefarious intent.

Consumers who want to find out whether their passwords have been compromised can go to security website Have I Been Pwned, which has collected data on the email addresses and passwords that were involved in data breaches. Frequently, consumers will find that their email has been subject to many breaches, which means that multiple passwords may be at risk.

There was a time when child identity theft was thought of as a family problem, and it’s true that many cases over the years have been perpetrated by a custodial or non-custodial parent, a close relative, or even a family friend. Once the individual gained access to the child’s sensitive documents, they could open numerous lines of credit with the child’s “untarnished” credit record. In many cases, the identity thief may have been trying to get out of a dire financial situation, and fully intended to pay off any debt incurred in the child’s name; at the same time, some unscrupulous thieves didn’t care what consequences waited for the child down the road.

Too often, the children didn’t even know they’d been victimized until they reached adulthood and tried to use their legitimate credit.

In more recent years, though, hackers and identity thieves have begun targeting kids in order to take advantage of clean credit that no one will be monitoring for years to come. Schools, doctor’s offices, daycare centers, even school lunch computers have suffered data breaches intent on nabbing kids’ personal identifiable information.

According to Javelin Strategy and Research’s 2018 Child Identity Fraud Study, there were more than one million reported cases of child identity theft in the US last year, with the majority of those cases victimizing children under the age of eight. Another 20 percent of the victims were between the ages of eight and twelve.

Unfortunately, those are just the cases that were reported, which means the actual number of victims may be much higher.

But this new avenue of data breaches leading to identity theft doesn’t mean that parents can let their guards down about friends or relatives. The same Javelin study found that in 60 percent of the cases last year, the child knew their identity thief; that’s very different from the data point that says only 7 percent of adult victims know their identity thief.

One of the increasingly common methods of using children’s stolen credentials is to grab a Social Security number and combine it with a fake name, address, phone number, and more. Known as “synthetic identity theft,” the thief isn’t using the child’s complete identity, but rather has created a whole new person with this information. That makes it a little harder for victims and law enforcement to notice the problem in the first place or take action after the fact.

Concerned parents or guardians have a few steps they can take, though. If the child in question is over 14, they can request a credit report in the same way that any consumer does. Visiting annualcreditreport.com will provide the minor in question with a free credit report, and allow them to look it over for signs of suspicious activity. If the child is under the age of 14, the steps are a little harder. The adult must prove they have a right to access and see the information, but it’s a worthwhile step if there’s reason to believe a child’s identity may have been compromised.

Social media has become an inevitable part of our lives. Networks such as Facebook and Instagram have billions of users, many of whom share personal information. This leaves hackers, burglars and identity thieves with limitless opportunities to cause harm.

During summer season, many people are taking time off, traveling and posting digital updates more than usual, making it more important than ever to pay attention to online security and privacy.

Here are some practical tips on how to stay safer and more secure on social media while enjoying the summer fun.

Pay Attention to Privacy Settings

Each social media platform has privacy settings that you can customize to your comfort level.

On most platforms you decide who can view your posts, friend lists and the pages you follow or like. You can also limit friend requests and prevent people from seeing your email address and other personal information. To get the most out of these privacy features, we recommend reviewing your settings regularly.

Don’t Reveal Everything

Have you ever posted a photo of your home or shared your address on social media? How many times have you told the internet that you are out of town or abroad? As benign as it may seem, such practices could put you in harm’s way.

A lot of burglars scout social profiles to find out whether someone is home. If thieves know you are away, it allows them more time to break in and steal. Save the vacation pictures and updates for when you return!

Choose Friends Carefully

An average social media user is glad to see new friend requests. After all, you want to feel acknowledged and appreciated by your peers. But popularity isn’t everything. A best practice is to only accept friend requests from people you know or have met in real life.

Criminals are known to create fake accounts and befriend thousands of users in order to gain access to their personal information. If a name doesn’t ring a bell, check out the profile to learn more details. If it seems strange or you don’t know them, we strongly suggest you reject their request to be friends.

Links May Lead to Malware

When in doubt, throw it out: Links in emails, social media posts and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete or ignore it.

Strengthen Passwords

We saved the best for last. Most hackers use gigantic databases to break passwords; a weak password  will increase the odds of your account being accessed. A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember (for example, “I love country music.”). On many sites, you can even use spaces!

Millions of people post personal information online without even realizing it, allowing burglars and digital thieves to exploit their private data. If you want to avoid this problem and use social networks safely, keep these five tips in mind.