Allen Cone reports: The Lotte Group said Wednesday its website in China was hacked, one day after South Korea’s retail giant signed a deal to sell land for a U.S. missile defense system in South Korea. The website, www.lotte.cn, was inaccessible since Tuesday afternoon because of a virus planted by hackers, a Lotte official said, citing an analysis of…
Category: Business Sector
Spiral Toys sends something to the California Attorney General, but what is it?
This just gets stranger and stranger in terms of how Spiral Toys is responding to the CloudPets leak and hack reported by Troy Hunt. The following is a Spiral Toy notification, sent to the California Attorney General’s Office today, below. All typos are as in the original. Why they sent this thing to the California Attorney General’s…
Aptos malware breach affected 40 online retail stores
Aptos, Inc. provides e-commerce solutions for a number of online e-tailers. In November, 2016, Aptos discovered it had a malware breach from February, 2016 – December, 2016. At law enforcement’s request, they delayed notification to their clients, so we are first finding out about it now as the clients begin to disclose the breach to their customers. So far,…
Data from connected CloudPets teddy bears leaked due to misconfigured database; 820,000 kids’ files exposed
Troy Hunt reports that a misconfigured MongoDB installation resulted in audio files of children’s and parents’ conversations recorded by CloudPets being exposed in a Shodan search. And as we’ve seen many other times, the exposed files were deleted by an attacker, and a purported “ransom” note left in place of the database – a ransom note that was…
Carders capitalize on Cloudflare problems, claim 150 million logins for sale
Steve Ragan reports: A carder forum is advertising a special deal to VIP members. The website claims to possess more than 150 million logins, from a number of services including Netflix and Uber. The source of this data collection are the accounts exposed due to a recent problem on Cloudflare’s infrastructure. But is this on…
Security lapse exposed New York airport’s critical servers for a year
Zack Whittaker reports: A security lapse at a New York international airport left its server backups exposed on the open internet for almost a year, ZDNet has found. The internet-connected storage drive contained several backup images of servers used by Stewart International Airport, but neither the backup drive nor the disk images were password protected, allowing…