Recent Comments



    Archive for Security Breeches

    Comodo: Security “giant” was breeched……twice!

    October 5th, 2019 by

    Cybersecurity giant Comodo can’t even keep its own website secure

    “According to the disclosure, Comodo said the hackers stole usernames, names and email addresses, as well as the user’s last IP address used to access the forum. Some social media handles were also stolen in the breach.

    Comodo said it has about 245,000 registered forum users.

    It’s not the most damaging breach on record, but it’s a bruising security lapse for a company that claims to be half-decent at this stuff.

    This is Comodo’s second security snafu this year following another breach involving an exposed password, which allowed a security researcher access to the company’s intranet — and access to internal files and documents.”

    Posted in Security Breeches | No Comments »

    DoorDash: Latest Breech Victim

    September 27th, 2019 by

    DoorDash confirms data breach affected 4.9 million customers, workers and merchants

    The food delivery company said in a blog post Thursday that 4.9 million customers, delivery workers and merchants had their information stolen by hackers.

    The breach happened on May 4, the company said, but added that customers who joined after April 5, 2018 are not affected by the breach.


    Posted in Security Breeches | No Comments »

    Breech at Imperva Disclosed

    August 28th, 2019 by

    Cybersecurity Firm Imperva Discloses Breach

    Imperva, a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users.

    Redwood Shores, Calif.-based Imperva sells technology and services designed to detect and block various types of malicious Web traffic, from denial-of-service attacks to digital probes aimed at undermining the security of Web-based software applications.”

    Posted in Security Breeches | No Comments »

    Breach at Hy-Vee Supermarket Chain

    August 23rd, 2019 by

    Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards

    “On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised gas pumps, coffee shops and restaurants operated by Hy-Vee, an Iowa-based company that operates a chain of more than 245 supermarkets throughout the Midwestern United States.”

    Posted in Identity Theft, Newsletters, Security Breeches | No Comments »

    Russian meddling in social media and email accounts used by election officials

    July 26th, 2019 by

    The Unsexy Threat to Election Security

    “Much has been written about the need to further secure our elections, from ensuring the integrity of voting machines to combating fake news. But according to a report quietly issued by a California grand jury this week, more attention needs to be paid to securing social media and email accounts used by election officials at the state and local level.”

    Posted in Malware, Newsletters, Security Breeches | No Comments »

    Some HP machines may have a keylogger installed

    July 22nd, 2019 by

    Some HP machines have a keylogger installed with the Audio Driver, here’s how to disable it

    The keylogger, packaged with the Conexant HD Audio Driver Package in version and earlier, has been discovered by researchers. With this audio driver comes a file, MicTray64.exe (or MicTray.exe for non-64-bit users), which has a Scheduled Task to run each time the user logs-on to their machine. Essentially, each time a key on the keyboard is pressed, it records it. The keystrokes are then stored in a plaintext file – definitely not a secure way of storing every key pressed on a machine.

    The keystroke log is stored at C:\users\public\MicTray.log.

    Posted in Malware, Security Breeches | No Comments »

    Have QuickBooks in the cloud? Not a good situation!!

    July 20th, 2019 by

    QuickBooks Cloud Hosting Firm iNSYNQ Hit in Ransomware Attack

    “Cloud hosting provider iNSYNQ says it is trying to recover from a ransomware attack that shut down its network and has left customers unable to access their accounting data for the past three days. Unfortunately for iNSYNQ, the company appears to be turning a deaf ear to the increasingly anxious cries from its users for more information about the incident.”

    Posted in Malware, Security Breeches | No Comments »

    Cloud Solution Provider PCM is the latest Breech

    June 28th, 2019 by

    Breach at Cloud Solution Provider PCM Inc.

    “A digital intrusion at PCM Inc., a major U.S.-based cloud solution provider, allowed hackers to access email and file sharing systems for some of the company’s clients, KrebsOnSecurity has learned.”

    Posted in Newsletters, Security Breeches | No Comments »

    Quest Diagnostics Clients Exposed

    June 4th, 2019 by

    Billing Details for 11.9M Quest Diagnostics Clients Exposed

    Quest Diagnostics Incorporated, a Fortune 500 diagnostic services provider, says that approximately 12 million of its clients may have been impacted by a data breach reported by one of its billing providers.

    The company reported to the U.S. Securities and Exchange Commission (SEC) that it received a notification from its billing collection provider American Medical Collection Agency (AMCA) that their web payment page was breached.

    Posted in Security Breeches | No Comments »

    Yet Another Massive data breech – this time it’s First American Financial!

    May 25th, 2019 by

    First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

    “The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.”

    Posted in Security Breeches | No Comments »

    « Previous Entries Next Entries »