Catalin Cimpanu reports: Cyber-security and DDoS mitigation firm Imperva disclosed today a security incident that impacts customers of its cloud web application firewall (WAF), formerly known as Incapsula. “On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had…
Category: Business Sector
Hostinger Data Breach Affects Almost 14 Million Customers
Ionut Ilascu reports: Hosting provider Hostinger today announced that it reset the login passwords of 14 million of its customers following a recent security breach that enabled unauthorized access to a client database. The incident occurred on August 23 and a third party was able to access usernames, hashed passwords, emails, first names, and IP…
Valve patches recent Steam zero-days, calls turning away researcher ‘a mistake’
Catalin Cimpanu reports: Gaming giant Valve has called turning away a security researcher who reported a vulnerability in the company’s Steam gaming client “a mistake.” A Valve representative told ZDNet in an email today that the company has shipped fixes for the Steam client, updated its bug bounty program rules, and is reviewing the researcher’s…
UK hacker known as “Courvoisier” who attacked Uber and Sainsbury’s hands over £1m in Bitcoin
The Irish News reports: A British hacker who led cyber attacks on massive companies including Uber, Asda and Sainsbury’s has had a Bitcoin stash worth £1 million confiscated. Grant West, 27, who operated on the dark web under the nickname Courvoisier – the name of a popular French cognac – attacked more than 100 companies…
Intel, Google, Microsoft, and others launch Confidential Computing Consortium for data security
Khari Johnson reports: Major tech companies including Alibaba, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft, and Red Hat today announced intent to form the Confidential Computing Consortium to improve security for data in use. Established by the Linux Foundation, the organization plans to bring together hardware vendors, developers, open source experts, and others to promote…
Breach at Hy-Vee Supermarket Chain Tied to Sale of 5M+ Stolen Credit, Debit Cards
Brian Krebs reports: On Tuesday of this week, one of the more popular underground stores peddling credit and debit card data stolen from hacked merchants announced a blockbuster new sale: More than 5.3 million new accounts belonging to cardholders from 35 U.S. states. Multiple sources now tell KrebsOnSecurity that the card data came from compromised…