Archive for the ‘Security Breach’ Category

U.S. Cyber Firm FireEye Says It Was Breached by Nation-State Hackers

The cybersecurity company said the attack compromised its software tools used to test the defenses of its thousands of customers. “I’ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities,” Kevin Mandia, the chief executive at FireEye and a former Air Force officer, said in a blog post published Tuesday. “The […]

Leave a Comment

Hacker opens 2,732 PickPoint package lockers across Moscow

PickPoint says this is the world’s first targeted cyberattack against a post-gateway network. The attack, which took place on Friday afternoon, December 4, targeted the network of PickPoint, a local delivery service that maintains a network of more than 8,000 package lockers across Moscow and Saint Petersburg. Russians can order products online and choose to […]

Leave a Comment

List of data breaches and cyber attacks in November 2020 – 587 million records breached

We recorded 103 data breaches and cyber attacks in November, which accounted for 586,771,602 leaked records. ITG recorded 103 cyber security incidents in November, which accounted for 586,771,602 leaked records. The majority of those came from a credential-stuffing attack targeting Spotify and a data leak at the messaging app GO SMS Pro, which you can […]

Leave a Comment

Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info

Nook, line and sinker: Servers restored from backups, punters unable to download purchased e-books Source: Confirmed: Barnes & Noble hacked, systems taken offline for days, miscreants may have swiped personal info

Leave a Comment

Hackers use legit tool to take over Docker, Kubernetes platforms

In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it. Source: Hackers use legit tool to take over Docker, Kubernetes platforms Misusing tool of the trade Analyzing the attack, researchers at Intezer discovered that TeamTNT installed […]

Leave a Comment

Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. Source: Hacker leaks passwords for 900+ Pulse Secure VPN enterprise servers

Leave a Comment

A hacker is selling details of 142 million MGM hotel guests on the dark web

EXCLUSIVE: The MGM Resorts 2019 data breach is much larger than initially reported. Source: A hacker is selling details of 142 million MGM hotel guests on the dark web | ZDNet According to the ad, the hacker is selling the details of 142,479,937 MGM hotel guests for a price just over $2,900. The hacker claims […]

Leave a Comment

Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

3somes, Gay Daddy Bear, and Herpes Dating are among the nine services that leaked the data of hundreds of thousands of users. Researchers find a developer running multiple dating services left 845GB of explicit photos, chats, and more exposed in AWS buckets Source: Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More Download […]

Leave a Comment

Hacker extorts online shops, sells databases if ransom not paid

More than two dozen SQL databases stolen from online shops in various countries are being offered for sale on a public website. In total, the seller provides over 1.5 million rows of records but the damage is likely much larger. Source: Hacker extorts online shops, sells databases if ransom not paid More than two dozen […]

Leave a Comment

Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps

Researchers discovered two vulnerabilities in Alaris Gateway Workstations that are used to deliver fluid medication. One of them is critical and an attacker could leverage it to take full control of the medical devices connecting to it. Source: Critical Bug in Infusion System Allows Changing Drug Dose in Medical Pumps Healthcare privacy and security Enter […]

Leave a Comment

From phish to network compromise in two hours: How Carbanak operates

Cybercriminal group Carbanak has stolen hundreds of millions of dollars from financial institutions. Here’s a detailed analysis by Bitdefender of an attack on one bank. Source: From phish to network compromise in two hours: How Carbanak operates

Leave a Comment

Flipboard says hackers stole user details | ZDNet

Extent of the hack is unknown, but Flipboard said hackers had access to its systems for almost nine months. Source: Flipboard says hackers stole user details | ZDNet Flipboard confirms database hack, resets all user passwords InfoSec Breaches  Subscribe in a reader

Leave a Comment

Maker of US border’s license-plate scanning tech ransacked by hacker, blueprints and files dumped online

Perceptics confirms intrusion and theft, stays quiet on details Source: Maker of US border’s license-plate scanning tech ransacked by hacker, blueprints and files dumped online Car Security Security Breach   Digital License Plates: Convenience or Privacy Risk?  Subscribe in a reader

Leave a Comment

Millions of Instagram influencers had their private contact data scraped and exposed

Millions of Instagram influencers had their private contact data scraped and exposed A massive database containing contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At the time of writing, […]

Leave a Comment

Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware

Hackers exploit Jenkins flaw CVE-2018-1000861 to Kerberods malware Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the Kerberods dropper Follow the numbers in blue to understand each step. Threat actors are exploiting a Jenkins vulnerability (CVE-2018-1000861) disclosed in 2018 to deliver a cryptocurrency miner using the […]

Comments (1)

Unsecured SkyMed Database Exposed PII Data Of 137K Individuals

Unsecured SkyMed Database Exposed PII Data Of 137K Individuals Reportedly, the unsecured SkyMed database exposed huge records having medical and personal information of US citizens online. Source: Unsecured SkyMed Database Exposed PII Data Of 137K Individuals ISO/IEC 27018:2014, 1st Edition: Information technology – Security techniques – Code of practice for protection of personally identifiable information […]

Leave a Comment

The biggest ever data dump just hit a colossal 2.2 billion accounts

Data Security Thought Collection #1 was big? Collection #2-5 just dwarfed it Source: The biggest ever data dump just hit a colossal 2.2 billion accounts

Leave a Comment

Attackers used a LinkedIn job ad and Skype call to breach bank’s defences

#InfoSecBreaches A Chilean Senator has taken to Twitter with alarming news – the company running the country’s ATM network suffered a serious cyberattack. Source: Attackers used a LinkedIn job ad and Skype call to breach bank’s defences

Leave a Comment

Did you win at online casinos? Your data might have had exposed online

Data belonging to online casinos found exposed online on unprotected Elastic search instance, it includes info on 108 million bets and user details Source: Did you win at online casinos? Your data might have had exposed online More on Data Security

Leave a Comment

Equifax fined by ICO over data breach that hit Britons

Credit rating agency Equifax is to be fined £500,000 by the Information Commissioner’s Office (ICO) after it failed to protect the personal data of 15 million Britons. A 2017 cyber-attack exposed information belonging to 146 million people around the world, mostly in the US. The compromised systems were also US-based. But the ICO ruled Equifax’s […]

Leave a Comment