How Not to Acknowledge a Data Breach

Credit to Author: BrianKrebs| Date: Wed, 17 Apr 2019 17:56:58 +0000

I’m not a huge fan of stories about stories, or those that explore the ins and outs of reporting a breach. But occasionally it seems necessary to publish such accounts when companies respond to a breach report in such a way that it’s crystal clear that they wouldn’t know what to do with a breach if it bit them in the nose, let alone festered unmolested in some dark corner of their operations.

Read more

Experts: Breach at IT Outsourcing Giant Wipro

Credit to Author: BrianKrebs| Date: Mon, 15 Apr 2019 21:19:55 +0000

Indian information technology (IT) outsourcing and consulting giant Wipro [NYSE:WIT] is investigating reports from multiple security experts that Wipro’s systems have been hacked and are being used to launch attacks against the company’s customers, multiple sources tell KrebsOnSecurity. The company has refused to respond to questions about the alleged incident.

Read more

A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach

Credit to Author: BrianKrebs| Date: Fri, 29 Mar 2019 19:22:40 +0000

On Feb. 21, 2019, KrebsOnSecurity contacted Italian restaurant chain Buca di Beppo after discovering strong evidence that two million credit and debit card numbers belonging to the company’s customers were being sold in the cybercrime underground. Today, Buca’s parent firm announced it had remediated a 10-month breach of its payment systems at dozens of restaurants, including some locations of its other brands such as Earl of Sandwich and Planet Hollywood.

Read more

Ad Network Sizmek Probes Account Breach

Credit to Author: BrianKrebs| Date: Wed, 13 Mar 2019 20:56:39 +0000

Online advertising firm Sizmek Inc. [NASDAQ: SZMK] says it is investigating a security incident in which a hacker was reselling access to a user account with the ability to modify ads and analytics for a number of big-name advertisers. In a recent posting to a Russian-language cybercrime forum, an individual who’s been known to sell access to hacked online accounts kicked off an auction for “the admin panel of a big American ad platform.” “You can add new users to the ad system, edit existing ones and ad offers,” the seller wrote. The starting bid was $800.

Read more

Hackers Sell Access to Bait-and-Switch Empire

Credit to Author: BrianKrebs| Date: Mon, 04 Mar 2019 22:11:33 +0000

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. consumers, including DMV and arrest records, genealogy reports, phone number lookups and people searches. In an ironic twist, the marketing empire that owns the hacked online properties appears to be run by a Canadian man who’s been sued for fraud by the U.S. Federal Trade Commission, Microsoft and Oprah Winfrey, to name a few.

Read more

Payroll Provider Gives Extortionists a Payday

Credit to Author: BrianKrebs| Date: Sun, 24 Feb 2019 00:16:06 +0000

Payroll software provider Apex Human Capital Management suffered a ransomware attack this week that severed payroll management services for hundreds of the company’s customers for nearly three days. Faced with the threat of an extended outage, Apex chose to pay the ransom demand and begin the process of restoring service to customers.

Read more

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Credit to Author: BrianKrebs| Date: Mon, 18 Feb 2019 13:51:01 +0000

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy. This post seeks to document the extent of those attacks, and traces the origins of this overwhelmingly successful cyber espionage campaign back to a cascading series of breaches at key Internet infrastructure providers.

Read more

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Credit to Author: BrianKrebs| Date: Tue, 12 Feb 2019 13:33:31 +0000

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever.

Read more

Cloud Hosting Provider DataResolution.net Battling Christmas Eve Ransomware Attack

Credit to Author: BrianKrebs| Date: Wed, 02 Jan 2019 18:32:37 +0000

Cloud hosting provider Dataresolution.net is struggling to bring its systems back online after suffering a ransomware infestation on Christmas Eve, KrebsOnSecurity has learned. The company says its systems were hit by the Ryuk ransomware, the same malware strain that crippled printing and delivery operations for multiple major U.S. newspapers over the weekend.

Read more

2018: The year of the data breach tsunami

Credit to Author: Logan Strain| Date: Fri, 28 Dec 2018 16:00:00 +0000

To get a sense of the grim state of data security today, take a look at this infographic from TruthFinder that explains why 2018 was the year of the data breach tsunami.

Categories:

Tags:

(Read more…)

The post 2018: The year of the data breach tsunami appeared first on Malwarebytes Labs.

Read more