When everyone started working from home, one of the first predictions was that there would be more breaches related to the use of Remote Desktop Protocol (RDP). RDP is used by vendors or business associates to connect to their clients’ systems. As such, it’s a valuable tool, but left enabled instead of disabled, it provides…
Category: Hack
SitePoint hacked: Hashed, salted passwords pinched from web dev learning site via GitHub tool pwnage
Gareth Corfield reports: SitePoint, an Australian learn-to-code publishing website, has been compromised while promoting the book Hacking for Dummies on its homepage. Reg reader Andy told us: “Got an email from SitePoint this morning saying that they had been hacked and some non-important (to them) stuff like names, email addresses, hashed passwords etc might have been stolen. Coincided with…
Alleged breaches impacting Indians, Malaysians, under investigation
India: Airtel continues to deny that it had a breach affecting more than 2.5 million subscribers’ data, despite reports and seeming evidence to the contrary. According to a statement they issued, the threat actors who call themselves “Red Rabbit Team” have made various claims over the past 15 months. “This group has been in touch…
Oxfam Australia investigates data breach after database sold online
Lawrence Abrams reports: Oxfam Australia is a charity focused on alleviating poverty within the indigenous Australian people and people from Africa, Asia, and the middle east. The charity is part of a confederation of twenty charities worldwide operating under the Oxfam umbrella. Last week, BleepingComputer learned of a threat actor claiming to be selling a database…
Security firm Stormshield discloses data breach, theft of source code
Catalin Cimpanu reports: French cyber-security firm Stormshield, a major provider of security services and network security devices to the French government, said today that a threat actor gained access to one of its customer support portals and stole information on some of its clients. The company is also reporting that attackers managed to steal parts…
Oklahoma Tourism and Recreation Department investigates potential data security incident
Tiffany Bechtel reports: The Oklahoma Tourism and Recreation Department has received notice that an unknown person has been claiming to have stolen data from TravelOK.com and related websites. Officials say once the department was made aware of the claims they immediately contacted the Oklahoma Cyber Command to launch an investigation into the incident. They also took…