Graeme Burton reports: Researchers at security consultancy RiskIQ claim that British Airways was breached by the same group, dubbed Magecart, that compromised Ticketmaster earlier this year. And Magecart is now so prolific that RiskIQ claims to be getting hourly alerts of new websites compromised by Magecart’s malicious JavaScript code. For British Airways, though, the group customised…
Category: Business Sector
Click2Gov Payment System Security Breach
A reader kindly alerted me to the fact that the city of Tyler had reported a breach. When I looked into it, I see that it’s yet one more report on Click2Gov by Superion. This has been a known problem since last year, so why haven’t municipal governments updated and patched? RiskBasedSecurity had a more…
British Airways Investigating Customer Data Breach: IAG
Reuters reports: International Airlines Group said on Thursday that its subsidiary British Airways was investigating a customer data breach on the British Airways website and mobile application. The breach compromised personal and financial details of customers making bookings on the website and app between Aug. 21 and Sept. 5 this year, IAG said. Read more…
Crypto Exchange Kraken Denies Rumor of Office Closure, Security Breach
Wolfie Zhao reports: U.S.-based cryptocurrency exchange Kraken has denied a rumor that has emerged on social media claiming the firm is shutting down operations at one of its service centers amid a security issue. Reddit user “throwaway34034324” posted a thread on Thursday claiming that the exchange is closing operations in Halifax, Canada, and has “just laid off…
North Korean Spy to Be Charged in Sony Pictures Hacking
David E. Sanger, Katie Benner and Adam Goldman report: The Justice Department plans to charge a North Korean spy in the hacking of Sony Pictures Entertainment in 2014, according to three government officials familiar with the indictment. The attack wiped out 70 percent of Sony Pictures’ computer capability and was done in retaliation for the…
If an extension goes rogue, everything you do in your browser is compromised
Graham Cluley writes: One popular service which has its own Chrome browser extension is Mega.nz – the cloud-based file-sharing service founded by the shadowy larger-than-life figure of Kim Dotcom (he severed all ties with Mega three years ago.) This week, as ZDNet reports, the official Chrome browser extension for Mega.nz was compromised with a malicious…