Credit to Author: Jeffrey Esposito| Date: Thu, 25 Oct 2018 14:36:35 +0000
In this edition of the Kaspersky Lab podcast, we discuss a pair of data breaches, a Tor SIM card, a leaky Tea Party AWS server, and more.
Read more
Credit to Author: BrianKrebs| Date: Tue, 02 Oct 2018 23:42:24 +0000
A ridiculous number of companies are exposing some or all of their proprietary and customer data by putting it in the cloud without any kind of authentication needed to read, alter or destroy it. When cybercriminals are the first to discover these missteps, usually the outcome is a demand for money in return for the stolen data. But when these screw-ups are unearthed by security professionals seeking to make a name for themselves, the resulting publicity often can leave the breached organization wishing they’d instead been quietly extorted by anonymous crooks.
Read moreCredit to Author: BrianKrebs| Date: Fri, 28 Sep 2018 19:36:45 +0000
Facebook said today some 90 million of its users may get forcibly logged out of their accounts after the company fixed a rather glaring security vulnerability in its Web site that may have let attackers hijack user profiles. In a short blog post published this afternoon, Facebook said hackers have been exploiting a vulnerability in […]
Read more
Credit to Author: BrianKrebs| Date: Mon, 17 Sep 2018 21:57:39 +0000
Government Payment Service Inc. — a company used by thousands of U.S. state and local governments to accept online payments for everything from traffic citations and licensing fees to bail payments and court-ordered fines — has leaked more than 14 million customer records dating back at least six years, including names, addresses, phone numbers and the last four digits of the payer’s credit card.
Read more
Credit to Author: BrianKrebs| Date: Tue, 04 Sep 2018 17:22:41 +0000
mSpy, the makers of a software-as-a-service product that claims to help more than a million paying customers spy on the mobile devices of their kids and partners, has leaked millions of sensitive records online, including passwords, call logs, text messages, contacts, notes and location data secretly collected from phones running the stealthy spyware. Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. The database required no authentication.
Read more
Credit to Author: BrianKrebs| Date: Tue, 28 Aug 2018 13:27:55 +0000
Fiserv, Inc., a major provider of technology services to financial institutions, just fixed a glaring weakness in its Web platform that exposed personal and financial details of countless customers across hundreds of bank Web sites, KrebsOnSecurity has learned.
Read more
Credit to Author: BrianKrebs| Date: Fri, 17 Aug 2018 19:27:10 +0000
On Sunday, Aug. 12, KrebsOnSecurity carried an exclusive: The FBI was warning banks about an imminent “ATM cashout” scheme about to unfold across the globe, thanks to a data breach at an unknown financial institution. On Aug. 14, a bank in India disclosed hackers had broken into its servers, stealing nearly $2 million in fraudulent bank transfers and $11.5 million unauthorized ATM withdrawals from more than two dozen cash machines across multiple countries.
Read more
Credit to Author: BrianKrebs| Date: Mon, 13 Aug 2018 00:28:11 +0000
The Federal Bureau of Investigation (FBI) is warning banks that cybercriminals are preparing to carry out a highly choreographed, global fraud scheme known as an “ATM cash-out,” in which crooks hack a bank or payment card processor and use cloned cards at cash machines around the world to fraudulently withdraw millions of dollars in just a few hours.
Read more