Alleviating ransomware’s legal headaches with Jake Bernstein: Lock and Code S02E08

Credit to Author: Malwarebytes Labs| Date: Mon, 10 May 2021 14:15:58 +0000

This week on Lock and Code, we speak to cybersecurity and privacy attorney Jake Bernstein about ransomware attacks that can cause legal peril.

Categories: Podcast

Tags:

(Read more…)

The post Alleviating ransomware’s legal headaches with Jake Bernstein: Lock and Code S02E08 appeared first on Malwarebytes Labs.

Read more

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Credit to Author: BrianKrebs| Date: Mon, 12 Apr 2021 22:18:59 +0000

Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that’s popular in North America. The stolen data includes customer email addresses, phone numbers, license plate numbers, hashed passwords and mailing addresses.

Read more

Are You One of the 533M People Who Got Facebooked?

Credit to Author: BrianKrebs| Date: Tue, 06 Apr 2021 18:55:53 +0000

Ne’er-do-wells leaked personal data — including phone numbers — for some 553 million Facebook users this week. Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. To my mind, this just reinforces the need to remove mobile phone numbers from all of your online accounts wherever feasible. Meanwhile, if you’re a Facebook product user and want to learn if your data was leaked, there are easy ways to find out.

Read more

Ubiquiti All But Confirms Breach Response Iniquity

Credit to Author: BrianKrebs| Date: Sun, 04 Apr 2021 19:22:03 +0000

For four days this past week, Internet-of-Things giant Ubiquiti failed to respond to requests for comment on a whistleblower’s allegations that the company had massively downplayed a “catastrophic” two-month breach ending in January to save its stock price, and that Ubiquiti’s insinuation that a third-party was to blame was a fabrication. I was happy to add their eventual public response to the top of Tuesday’s story on the whistleblower’s claims, but their statement deserves a post of its own because it actually confirms and reinforces those claims.

Read more

Whistleblower: Ubiquiti Breach “Catastrophic”

Credit to Author: BrianKrebs| Date: Tue, 30 Mar 2021 18:00:49 +0000

On Jan. 11, Ubiquiti Inc. [NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials. Now a source who participated in the incident response to that breach alleges Ubiquiti massively downplayed a “catastrophic” incident to minimize the hit to its stock price, and that the third-party cloud provider claim was a fabrication.

Read more

Phish Leads to Breach at Calif. State Controller

Credit to Author: BrianKrebs| Date: Tue, 23 Mar 2021 18:01:13 +0000

A phishing attack last week gave attackers access to email and files at the California State Controller’s Office (SCO), an agency responsible for handling more than $100 billion in public funds each year. The phishers had access for more than 24 hours, and sources tell KrebsOnSecurity the intruders used that time to steal Social Security numbers and sensitive files on thousands of state workers, and to send targeted phishing messages to at least 9,000 other workers and their contacts.

Read more

Ubiquiti: Change Your Password, Enable 2FA

Credit to Author: BrianKrebs| Date: Mon, 11 Jan 2021 21:33:26 +0000

Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear.

Read more

Sealed U.S. Court Records Exposed in SolarWinds Breach

Credit to Author: BrianKrebs| Date: Thu, 07 Jan 2021 23:48:25 +0000

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts.

Read more