A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Credit to Author: BrianKrebs| Date: Mon, 18 Feb 2019 13:51:01 +0000

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy. This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.

Read more

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Credit to Author: BrianKrebs| Date: Tue, 12 Feb 2019 13:33:31 +0000

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever.

Read more

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Credit to Author: BrianKrebs| Date: Wed, 02 Jan 2019 18:32:37 +0000

Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned. The company says its systems were hit by the Ryuk ransomware, the same malware strain that crippled printing and delivery operations for multiple major U.S. newspapers over the weekend.

Read more

2018: The year of the data breach tsunami

Credit to Author: Logan Strain| Date: Fri, 28 Dec 2018 16:00:00 +0000

To get a sense of the grim state of data security today, take a look at this infographic from TruthFinder that explains why 2018 was the year of the data breach tsunami.

Categories:

Tags:

(Read more…)

The post 2018: The year of the data breach tsunami appeared first on Malwarebytes Labs.

Read more

What the Marriott Breach Says About Security

Credit to Author: BrianKrebs| Date: Sat, 01 Dec 2018 21:16:13 +0000

We don’t yet know the root cause(s) that forced Marriott this week to disclose a four-year-long breach involving the personal and financial information of 500 million guests of its Starwood hotel properties. But anytime we see such a colossal intrusion go undetected for so long, the ultimate cause is usually a failure to adopt the most important principle in cybersecurity defense that applies to both corporations and consumers: Assume you are compromised.

Read more

USPS Site Exposed Data on 60 Million Users

Credit to Author: BrianKrebs| Date: Wed, 21 Nov 2018 17:10:18 +0000

U.S. Postal Service just fixed a security weakness that allowed anyone who has an account at usps.com to view account details for some 60 million other users, and in some cases to modify account details on their behalf. KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. The researcher said he informed the USPS about his finding more than a year ago yet never received a response. After confirming his findings, this author contacted the USPS, which promptly addressed the issue.

Read more

Compromising vital infrastructure: air traffic control

Credit to Author: Pieter Arntz| Date: Thu, 15 Nov 2018 20:12:06 +0000

The aviation industry and air traffic (control) are vital elements of our infrastructure. While flying is reportedly safe, how does that landscape look cybersecurity-wise?

Categories:

Tags:

(Read more…)

The post Compromising vital infrastructure: air traffic control appeared first on Malwarebytes Labs.

Read more

Equifax Has Chosen Experian. Wait, What?

Credit to Author: BrianKrebs| Date: Thu, 01 Nov 2018 16:47:13 +0000

A year after offering free credit monitoring to all Americans on account of its massive data breach that exposed the personal information of nearly 148 million people, Equifax now says it has chosen to extend the offer by turning to a credit monitoring service offered by a top competitor — Experian. And to do that, it will soon be sharing with Experian contact information that affected consumers gave to Equifax in order to sign up for the service. 

Read more