Krebs on Security

JUNE 21, 2020

Hundreds of thousands of potentially sensitive files from police departments across the United States were leaked online last week. The collection, dubbed “ BlueLeaks ” and made searchable online, stems from a security breach at a Texas web design and hosting company that maintains a number of state law enforcement data-sharing portals. The collection — nearly 270 gigabytes in total — is the latest release from Distributed Denial of Secrets (DDoSecrets), an alternative to

Government 363

Government Accountability Cyber threats Cyber Attacks 363

Troy Hunt

JUNE 1, 2020

The situation in Minneapolis at the moment (and many other places in the US) following George Floyd's death is, I think it's fair to say, extremely volatile. I wouldn't even know where to begin commentary on that, but what I do have a voice on is data breaches which prompted me to tweet this out earlier today: I'm seeing a bunch of tweets along the lines of "Anonymous leaked the email addresses and passwords of the Minneapolis police" with links and screen caps of pastes as "evid

Hacking 364

Hacking Passwords Data breaches Accountability 364

Schneier on Security

JUNE 12, 2020

This is a weird story : Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance and which routes all inbound and outbound connections through the open-source Tor network to anonymize it. According to Vice, the FBI had tried to hack into Hernandez's computer but failed, as the approach they used "was not tailored for Tails.

Surveillance 303

Surveillance Accountability Hacking Media 303

Adam Levin

JUNE 8, 2020

Japanese automotive manufacturer Honda is investigating a possible ransomware attack that has caused company-wide network outages. Several news outlets have reported that the company’s servers have been infected with the EKANS ransomware which led to network connectivity issues in Europe and Japan over the weekend. “On Sunday, June 7, Honda experienced a disruption in its computer network that has caused a loss of connectivity, thus impacting our business operations,” said a spokespe

Ransomware 283

Ransomware Manufacturing Malware Data breaches 283

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

JUNE 11, 2020

A password alone will not protect sensitive information from hackers--two-factor authentication is also necessary. Here's what security pros and users need to know about two-factor authentication.

Authentication 215

Authentication Passwords 215

Security Affairs

JUNE 26, 2020

A man accused to have developed distributed denial of service (DDoS) botnets based on the Mirai botnet was sentenced to 13 months in federal prison. Kenneth Currin Schuchman, 22, of Vancouver, Washington, was sentenced to 13 months in federal prison because it has developed distributed denial of service (DDoS) botnets based on the source code of Mirai botnet.

DDOS 145

DDOS IoT Advertising Internet 145

Troy Hunt

JUNE 3, 2020

Pwned again. Damn. That's me who's pwned again because my personal data has just turned up in yet another incident from a source I can't attribute. Less than 3 weeks ago I wrote about The Unattributable "db8151dd" Data Breach which, after posting that blog post and a sample of my own data, the community quickly attributed to Covve. My hope is that this blog post helps myself and the 69 million other people in this one work out who collected and then exposed their personal information.

Data breaches 361

Data breaches B2B Marketing Accountability 361

Schneier on Security

JUNE 24, 2020

I fly a lot. Over the past five years, my average speed has been 32 miles an hour. That all changed mid-March. It's been 105 days since I've been on an airplane -- longer than any other time in my adult life -- and I have no future flights scheduled. This is all a prelude to saying that I have been paying a lot of attention to the COVID-related risks of flying.

Risk 362

Risk 362

Threatpost

JUNE 5, 2020

A researcher found that phone numbers tied to WhatsApp accounts are indexed publicly on Google Search creating what he claims is a “privacy issue” for users.

Accountability 142

Accountability Data privacy Mobile 142

Tech Republic Security

JUNE 18, 2020

When factories, notably in China, shuttered during the COVID-19 pandemic, products the US relied on were impacted. Here's how experts see a return to "Made in America" and the incumbent risks.

Manufacturing 210

Manufacturing Risk Cybersecurity 210

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack.

Media 145

Media Hacking Passwords Data breaches 145

Krebs on Security

JUNE 9, 2020

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.

Ransomware 362

Ransomware System Administration Backups Technology 362

Troy Hunt

JUNE 19, 2020

Today, almost one year after the release of version 5 , I'm happy to release the 6th version of Pwned Passwords. The data set has increased from 555,278,657 known compromised passwords to a grand total of 572,611,621, up 17,332,964? (just over 3%). As with previous releases, I've made the call to push the data now simply because there were enough new records to justify the overhead in doing so.

Passwords 332

Passwords 332

WIRED Threat Level

JUNE 2, 2020

Over several decades, the 1033 program has shipped over $7.4 billion of Defense Department property to more than 8,000 law enforcement agencies.

145

145

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Threatpost

JUNE 29, 2020

Comparitech’s Paul Bischoff found that Amazon’s facial recognition platform misidentified an alarming number of people, and was racially biased.

Data privacy 144

Data privacy 144

Tech Republic Security

JUNE 8, 2020

The CFO of a small company that was the victim of a ransomware attack and reveals why they paid the ransom (in Bitcoin) to gain back control of their systems.

Small Business 218

Small Business Ransomware 218

Security Affairs

JUNE 27, 2020

The France Télévisions group announced yesterday that it was hit by a cyber attack, targeting one of its broadcasting sites. The France Télévisions group announced Friday that it was the victim of a cyber attack that targeted one of its broadcasting sites. According to the group, the attack did not impact its antennae. “One of its dissemination sites has been infected with a computer virus.” reads a statement issued by the Franch group.

Cyber Attacks 145

Cyber Attacks Backups Advertising Media 145

Krebs on Security

JUNE 3, 2020

An exhaustive inquiry published today by a consortium of investigative journalists says a three-part series KrebsOnSecurity published in 2015 on a Romanian ATM skimming gang operating in Mexico’s top tourist destinations disrupted their highly profitable business, which raked in an estimated $1.2 billion and enjoyed the protection of top Mexican authorities.

Banking 355

Banking Advertising Mobile Marketing 355

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Dark Reading

JUNE 26, 2020

Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.

140

140

WIRED Threat Level

JUNE 22, 2020

The so-called BlueLeaks collection includes internal memos, financial records, and more from over 200 state, local, and federal agencies.

Hacking 145

Hacking 145

Threatpost

JUNE 4, 2020

Westech International provides maintenance for the Minuteman III nuclear-missile program and runs programs for multiple branches of the military.

Ransomware 138

Ransomware Government Malware Hacking 138

Tech Republic Security

JUNE 23, 2020

Bad actors have flooded the enterprise with coronavirus-related attacks, but professionals working from home have other worries, Unisys Security found.

218

218

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Affairs

JUNE 21, 2020

Shlayer Mac malware is back, the Mac threat is now spreading through new black SEO operations. Researchers spotted a new version of the Shlayer Mac malware that is spreading via poisoned Google search results. Researchers at security firm Intego observed the new variant being spread masqueraded as a fake Adobe Flash Player installer (.DMG disk image) and implementing fresh advanced evasion capabilities. “The new malware tricks victims into bypassing Apple’s built-in macOS security protecti

Engineering 145

Engineering Malware Adware Antivirus 145

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web. On June 16, authorities in Michigan arrested 29-year-old Justin Sean Johnson in connection with a 43-count indictment on charges of conspiracy, wire fraud and aggravated identi

Identity Theft 341

Identity Theft Healthcare Hacking Technology 341

Dark Reading

JUNE 18, 2020

The coronavirus pandemic has forced changes for much of the business world, cybersecurity included. What can we expect going forward?

Cybersecurity 131

Cybersecurity 131

WIRED Threat Level

JUNE 9, 2020

Just like with foods that display health information the package, researchers are exploring a tool that details how connected devices manage data.

IoT 135

IoT 135

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Threatpost

JUNE 4, 2020

The end-to-end encryption feature will not be offered to free users, Zoom's CEO said, in case Zoom needed to comply with federal and local law enforcement.

Encryption 131

Encryption 131

Tech Republic Security

JUNE 3, 2020

Cybersecurity, remote IT troubleshooting and cloud support will be the most sought-after skills for businesses in the months following the COVID-19 pandemic, according to a survey of CIOs and tech executives.

Cybersecurity 198

Cybersecurity 198

Security Affairs

JUNE 25, 2020

Microsoft researchers are warning of attacks against Exchange servers and published guidance on how to defend them. Microsoft’s Defender ATP Research Team released guidance on how to defend against attacks targeting Exchange servers with the use of behavior-based detection. Microsoft researchers analyzed multiple campaigns targeting Exchange servers in early April which showed how the malicious actors deploying web shells them.

Social Engineering 144

Social Engineering Advertising Engineering Authentication 144

Krebs on Security

JUNE 30, 2020

The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that thieves buy and use to create physical counterfeit credit cards. But fraud experts say recent developments suggest both trends are about to change — and likely for the worse.

Retail 333

Retail Banking Hacking Cybercrime 333

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software