Recent Comments

    Blogroll

    Search

    Archive for Security Breeches

    3.2 billion unique pairs of cleartext emails and passwords have just been leaked

    February 8th, 2021 by

    Largest compilation of emails and passwords leaked for free on public forum

    “More than 3.2 billion unique pairs of cleartext emails and passwords have just been leaked on a popular hacking forum, aggregating past leaks from Netflix, LinkedIn, Exploit.in, Bitcoin and more. This leak is comparable to the Breach Compilation of 2017, in which 1.4 billion credentials were leaked.

    However, the current breach, known as “Compilation of Many Breaches” (COMB), contains more than double the unique email and password pairs. The data is currently archived and put in an encrypted, password-protected container.”

    Posted in Identity Theft, Security Breeches | No Comments »

    Wind River Security Incident

    February 3rd, 2021 by

    Wind River Security Incident Affects SSNs, Passport Numbers

    “Wind River Systems, which develops embedded system software, on Friday warned of a “security incident” that had exposed personnel records.

    One or more files were downloaded from the company’s network on or around September 29, it said. Affected data included information maintained within the company’s personnel records – including critical data like Social-Security numbers, driver’s license numbers and passport numbers.

    “We have been working with law enforcement and outside experts to investigate a security incident that occurred toward the end of September,” according to the security-incident notice, filed with California’s Attorney General as part of the state’s data-breach notification requirements. “We have no indication that any information in these files has been misused.””

    Posted in Identity Theft, Security Breeches | No Comments »

    SonicWall Breach

    January 28th, 2021 by

    SonicWall Breach Stems from ‘Probable’ Zero-Days

    Posted January 25, 2021:

    “SonicWall is investigating “probable” zero-day flaws in its remote access security products that have been targeted by “highly-sophisticated” attackers. The company says it is investigating the attack and will update customers within 24 hours.”

    Posted in Identity Theft, Malware, Security Breeches | No Comments »

    IObit forums hacked

    January 21st, 2021 by

    IObit forums hacked to spread ransomware to its members

    “Windows utility developer IObit was hacked over the weekend to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members.”

    Posted in Security Breeches | No Comments »

    Attackers can hijack DNS on millions of devices

    January 20th, 2021 by

    DNSpooq bugs let attackers hijack DNS on millions of devices

    “Israel-based security consultancy firm JSOF disclosed today seven Dnsmasq vulnerabilities, collectively known as DNSpooq, that can be exploited to launch DNS cache poisoning, remote code execution, and denial-of-service attacks against millions of affected devices.

    Dnsmasq is a popular and open-source Domain Name System (DNS) forwarding software regularly used that adds DNS caching and Dynamic Host Configuration Protocol (DHCP) server capabilities to Internet-of-Things (IoT) and various other embedded devices.”

    Posted in Malware, Network, Security Breeches | No Comments »

    Security Mailer (2020 #52)

    January 19th, 2021 by

    Security Mailer Volume 20 #52

    • Cisco security advisories
      Linux updates and patches

    Posted in Newsletters, Patches, Security Breeches, Updates | No Comments »

    SolarWinds Security Advisory

    December 15th, 2020 by

    SolarWinds hit by FireEye attack.

    “We have just been made aware our systems experienced a highly sophisticated, manual supply chain attack on SolarWinds® Orion® Platform software builds for versions 2019.4 through 2020.2.1. We have been advised this attack was likely conducted by an outside nation state and intended to be a narrow, extremely targeted, and manually executed incident, as opposed to a broad, system-wide attack.”

    Posted in Malware, Security Breeches | No Comments »

    Did you eat at Dickey’s BBQ? 3 Million card data stolen!

    October 16th, 2020 by

    Breach at Dickey’s BBQ Smokes 3M Cards

    “One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the data was stolen in a lengthy data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country.”

    Posted in Identity Theft, Security Breeches | No Comments »

    Security Mailer (2020 #38)

    September 20th, 2020 by

    Security Mailer Volume 20 Number 38

    • Apple Security Updates
    • Cisco security advisories
    • Linux updates and patches
    • Microsoft Security updates revised
    • General Security reviews

    Posted in Newsletters, Patches, Security Breeches, Updates | No Comments »

    ‘Mathway’ app has been hacked – 25 million passwords stolen

    May 29th, 2020 by

    Scam alert: The popular ‘Mathway’ app has been hacked, resulting in 25 million stolen email address and passwords.

    Do you (or someone you know) use the hugely popular ‘Mathway’ app?

    If so, the email address and password you use with that app are now probably being sold on the dark web.

    Mathway is one of the world’s most popular educational apps, and according to ZDnet and other news sources 25 million Mathway users have had their login information stolen by hackers.”

    Posted in Malware, Security Breeches | No Comments »

    « Previous Entries