João Silva writes: NordVPN, one of the most well-known VPN provider, had confirmed a security breach in early 2018. At fault, there’s the data centre provider from Finland, where the server was hosted. The data centre provider used an insecure remote management system that NordVPN was “unaware” of. Although NordVPN seems to be playing down the occurrence,…
Category: Business Sector
Major German manufacturer still down a week after getting hit by ransomware
Catalin Cimpanu reports: Pilz, one of the world’s largest producers of automation tools, has been down for more than a week after suffering a ransomware infection. “Since Sunday, October 13, 2019, all servers and PC workstations, including the company’s communication, have been affected worldwide,” the Germany-based company wrote on its website. Read more on ZDNet.
UK: Warning issued in Home Group data threat
Gareth Cavanagh reports: Customers’ private details have potentially been compromised after a housing group suffered a data leak. Home Group, which has properties across the county, contacted some customers to warn them that their data was affected. Read more on Time and Star.
Hackers Breach Avast Antivirus Network Through Insecure VPN Profile
Ionut Ilascu reports: Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, intrusion attempts started since May 14. Following an investigation, the antivirus maker determined that the attacker was able to gain access using compromised credentials via a temporary VPN account….
Leaky Autoclerk database exposes info on travelers, including military and gov’t personnel
Teri Robinson reports: A leak at Autoclerk, a reservations management system recently acquired by the Western Hotel & Resorts Group, exposed personal and travel information on hotel guests, including members of the U.S. government, military and Department of Homeland Security. […] Even after contacting the United States Computer Emergency Readiness Team (CERT) on Sept. 13…
Equifax used ‘admin’ as username and password for sensitive data: lawsuit
Ethan Wolff-Mann reports: Equifax used the word “admin” as both password and username for a portal that contained sensitive information, according to a class action lawsuit filed in federal court in the Northern District of Georgia. The lawsuit, filed in January, went viral on Twitter Friday after Buzzfeed reporter Jane Lytvynenko came across the detail. Read more…