Dmitry Bestuzhev of Kaspersky writes: There were some recent comments about Amazon Cloud as a platform for successful attacks on Sony… Well, today I found that Amazon Web services (Cloud) now is being used to spread financial data stealers. The evidence indicates that the criminals behind the attack are from Brazil and they used several…
Category: Breach Incidents
Pointer/reference: Chronology of recent Sony incidents
Great thanks to attrition.org for compiling a detailed chronology of recent Sony security incidents together to help us all.
What impact will the Sony and Infragard hacks have?
Chester Wisniewski writes: In a self-titled hack attack called “F**k FBI Friday” the hacking group known as LulzSec has published details on users and associates of the non-profit organization known as Infragard. Infragard describes itself as a non-profit focused on being an interface between the private sector and individuals with the FBI. LulzSec published 180…
Sony Europe hacked by Lebanese hacker… Again
Chester Wisniewski writes: By my count this is unlucky hack number 13 for Sony. A Lebanese hacker known as Idahc dumped another user database at Sony Europe containing approximately 120 usernames, passwords (plain text), mobile phone numbers, work emails and website addresses. Read more on Naked Security.
How the Epsilon Breach Hurts Consumers
Yesterday, following the Congressional hearing where Sony and Epsilon testified, we had a bit of a lively – if truncated – debate on Twitter about breach notification. Not surprisingly, George V. Hulme raised the issue of breach notice fatigue and how notifications should be confined to situations where there is some real risk. Also not…
Global Financial Aid Services reports a completely avoidable security breach
For those who remember the Peter, Paul, and Mary song, feel free to sing along with me: “When will they ever learn? Oh when will they ever learn?” Global Financial Aid Services of Gulfport, Mississippi recently notified the New Hampshire Attorney General’s Office that a laptop containing unencrypted student names, addresses, and Social Security Numbers…