More on the defense contractor RUAG breach previously noted on this site. Melani has issued a technical report on the breach that may be of interest to some. From the summary: The attackers have been using malware from the Turla family, which has been in the wild for several years. The variant observed in the…
Category: Business Sector
Former Excellon employee’s sentencing delayed in hacking case
Debbie Sklar reports: A sentencing hearing was delayed Monday until Aug. 22 for an Oceanside man who staged repeated attacks on a computer system operated by his former employer, a manufacturer of precision laser and mechanical drilling equipment. Prosecutors are recommending that Conrad Pearson be sentenced to 18 months in federal prison and ordered to pay…
KE: Safaricom calls for police investigation into data leak
Telecompaper reports: Kenyan operator Safaricom wants the police to investigate how confidential financial documents belonging to the firm were leaked. CEO Bob Collymore said the leaked report was in its initial stages, noting that no individuals or organisations benefited inappropriately from the company. After allegations arose of underhand dealings in Safaricom, Collymore commissioned KPMG to…
Eric Donys Simeu extradited from France; Phished GDS companies’ customers for login creds (Updated)
ATLANTA – Eric Donys Simeu, a/k/a Martell Collins, a citizen of Cameroon, has been arraigned on federal charges of conspiracy, wire fraud, computer fraud and access device fraud. Simeu was indicted by a federal grand jury in Atlanta on September 23, 2014. According to U.S. Attorney Horn, the charges, and other information presented in court:…
Standing should not stop data breach suit, civil liberties group says
Worth re-visiting in light of the Supreme Court’s ruling in Spokeo v. Robins: Consumers whose personal information was accessed in a cyberattack should not have to show someone stole their identities or ruined their credit to have standing to sue the hacked company, according to a friend-of-the-court brief filed in a federal appeals court. Washington-based Electronic…
Fur Affinity goes read-only while it strengthens security after recent attacks
First Fur Affinity posted this in their forums: It was brought to our attention last night (May 16) that someone had obtained a copy of Fur Affinity’s source code via the recent “ImageTragick” exploit in the ImageMagick library (a common server-side image processing software). This exploit was patched earlier in this month, but not before a…