Recent Comments

    Blogroll

    Search

    Archive for Security Breeches

    Breach at Hy-Vee Supermarket Chain

    August 23rd, 2019 by

    Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

    “On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States.”

    Posted in Identity Theft, Newsletters, Security Breeches | No Comments »

    Russian meddling in social media and email accounts used by election officials

    July 26th, 2019 by

    The Unsexy Threat to Election Security

    “Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.”

    Posted in Malware, Newsletters, Security Breeches | No Comments »

    Some HP machines may have a keylogger installed

    July 22nd, 2019 by

    Some HP machines have a keylogger installed with the Audio Driver, here’s how to disable it

    The keylogger, packaged with the Conexant HD Audio Driver Package in version 1.0.0.46 and earlier, has been discovered by researchers. With this audio driver comes a file, MicTray64.exe (or MicTray.exe for non-64-bit users), which has a Scheduled Task to run each time the user logs-on to their machine. Essentially, each time a key on the keyboard is pressed, it records it. The keystrokes are then stored in a plaintext file – definitely not a secure way of storing every key pressed on a machine.

    The keystroke log is stored at C:\users\public\MicTray.log.

    Posted in Malware, Security Breeches | No Comments »

    Have QuickBooks in the cloud? Not a good situation!!

    July 20th, 2019 by

    QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

    “Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.”

    Posted in Malware, Security Breeches | No Comments »

    Cloud Solution Provider PCM is the latest Breech

    June 28th, 2019 by

    Breach at Cloud Solution Provider PCM Inc.

    “A digital intrusion at PCM Inc., a major U.S.-based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company’s clients, KrebsOnSecurity has learned.”

    Posted in Newsletters, Security Breeches | No Comments »

    Quest Diagnostics Clients Exposed

    June 4th, 2019 by

    Billing Details for 11.9M Quest Diagnostics Clients Exposed

    Quest Diagnostics Incorporated, a Fortune 500 diagnostic services provider, says that approximately 12 million of its clients may have been impacted by a data breach reported by one of its billing providers.

    The company reported to the U.S. Securities and Exchange Commission (SEC) that it received a notification from its billing collection provider American Medical Collection Agency (AMCA) that their web payment page was breached.

    Posted in Security Breeches | No Comments »

    Yet Another Massive data breech – this time it’s First American Financial!

    May 25th, 2019 by

    First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

    “The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.”

    Posted in Security Breeches | No Comments »

    Microsoft reveals hackers accessed some Outlook.com accounts for months

    April 14th, 2019 by

    Microsoft reveals hackers accessed some Outlook.com accounts for months

    “Microsoft has started notifying some Outlook.com users that a hacker was able to access accounts for months earlier this year. The software giant discovered that a support agent’s credentials were compromised for its web mail service, allowing unauthorized access to some accounts between January 1st and March 28th, 2019. Microsoft says the hackers could have viewed account email addresses, folder names, and subject lines of emails, but not the content of emails or attachments.”

    Posted in Identity Theft, Security Breeches | No Comments »

    Yet another breach: Buca di Beppo

    March 30th, 2019 by

    Once more a malware installed on Point of Sale terminals…

    A Month After 2 Million Customer Cards Sold Online, Buca di Beppo Parent Admits Breach

    Posted in Identity Theft, Malware, Security Breeches | No Comments »

    Multi-Factor Bypassed (Office 365 and G Suite)?

    March 16th, 2019 by

    Multi-Factor Auth Bypassed in Office 365 and G Suite IMAP Attacks

    “Massive IMAP-based password-spraying attacks successfully breached Microsoft Office 365 and G Suite accounts, circumventing multi-factor authentication (MFA) according to an analysis by Proofpoint.

    This technique takes advantage of the fact that the legacy authentication IMAP protocol bypasses MFA, allowing malicious actors to perform credential stuffing attacks against assets that would have been otherwise protected.”

    Posted in Security Breeches | No Comments »

    « Previous Entries