RSS Reader for Computer Security Articles
Credit to Author: BrianKrebs| Date: Tue, 05 Jun 2018 19:50:12 +0000
MyHeritage, an Israeli-based genealogy and DNA testing company, disclosed today that a security researcher found on the Internet a file containing the email addresses and hashed passwords of more than 92 million of its users.
Read More
Credit to Author: BrianKrebs| Date: Thu, 17 May 2018 18:29:18 +0000
LocationSmart, a U.S. based company that acts as an aggregator of real-time data about the precise location of mobile phone devices, has been leaking this information to anyone via a buggy component of its Web site — without the need for any password or other form of authentication or authorization — KrebsOnSecurity has learned. The company took the vulnerable service offline early this afternoon after being contacted by KrebsOnSecurity, which verified that it could be used to reveal the location of any AT&T, Sprint, T-Mobile or Verizon phone in the United States to an accuracy of within a few hundred yards.
Read More
Credit to Author: BrianKrebs| Date: Wed, 02 May 2018 19:26:47 +0000
Storing passwords in plaintext online is never a good idea, but it’s remarkable how many companies have employees who are doing just that using online collaboration tools like Trello.com. Last week, KrebsOnSecurity notified a host of companies that employees were using Trello to share passwords for sensitive internal resources. Among those put at risk by such activity included an insurance firm, a state government agency and ride-hailing service Uber.com.
Read More
Credit to Author: BrianKrebs| Date: Mon, 23 Apr 2018 21:18:33 +0000
MEDantex, a Kansas-based company that provides medical transcription services for hospitals, clinics and private physicians, took down its customer Web portal last week after being notified by KrebsOnSecurity that it was leaking sensitive patient medical records — apparently for thousands of physicians.
Read More
Credit to Author: BrianKrebs| Date: Mon, 02 Apr 2018 21:37:51 +0000
Panerabread.com, the Web site for the American chain of bakery-cafe fast casual restaurants by the same name, leaked millions of customer records — including names, email and physical addresses, birthdays and the last four digits of the customer’s credit card number — for at least eight months before it was yanked offline earlier today, KrebsOnSecurity has learned. The data available in plain text from Panera’s site appeared to include records for any customer who has signed up for an account to order food online via panerabread.com. The St. Louis-based company, which has more than 2,100 retail locations in the United States and Canada, allows customers to order food online for pickup in stores or for delivery.
Read MoreCredit to Author: Logan Strain| Date: Thu, 29 Mar 2018 16:00:00 +0000
 | |
| By now it’s obvious that data security technology hasn’t kept pace with the needs of consumers. In 2017 alone, we learned about massive data breaches from major organizations like Equifax, Uber, and Verizon. In other words: We’re in the midst of a data breach epidemic. Categories: Tags: data breachdata breachesdata breaches of 2017Equifaxprivacy |
The post The data breach epidemic: no info is safe appeared first on Malwarebytes Labs.
Read More
Credit to Author: BrianKrebs| Date: Thu, 28 Dec 2017 15:36:55 +0000
Dec. 18 marked the fourth anniversary of this site breaking the news about a breach at Target involving some 40 million customer credit and debit cards. It has been fascinating in the years since that epic intrusion to see how organized cyber thieves have shifted from targeting big box retailers to hacking a broad swath of small to mid-sized merchants that accept credit cards.
Read MoreCredit to Author: Malwarebytes Labs| Date: Thu, 21 Dec 2017 16:00:00 +0000
 | |
| This year saw a handful of spectacularly bad security fails that resulted in massive sets of compromised data. Here are the most colossal data breaches of 2017. Categories: Tags: data breachesdata breaches of 2017EdmodoEquifaxUberVerizon |
The post The seven most colossal data breaches of 2017 appeared first on Malwarebytes Labs.
Read More