Alexander J. Martin reports: Exclusive Terrible infosec practices at Niteworks, the MoD-established business networking organisation, have led to unknown attackers gaining email addresses and passwords of British defence community members. An email seen by The Register, sent to Niteworks’ network members, confessed that “the database holding the login information for the members’ area in the niteworks.net website…
Category: Business Sector
UK: Hacker jailed for eight months after attacking police, council, charity and porn websites
Liverpool Echo reports: A jobless computer hacker was jailed today for eight months after launching a mass cyber attack on The Met Police, Tory Party and British Airways websites – from his bedroom in his parents’ house. Ian Sullivan, 51, flooded the internet servers for police forces, councils, charities and even porn sites as part…
Hacker claims Comcast breach linked to unpatched Zimbra vulnerability noted by NullCrew
There’s a new claim in the Comcast breach first reported by Steve Ragan. Darren Pauli reports that a hacker claiming responsibility for the breach notes that it was NullCrew’s hack and taunting of Comcast in 2014 that set the stage for the theft of hundreds of thousands of users’ information. Well, that and Comcast’s failure to…
FastMail falls over as web service extortionists widen attacks and up their prices
Although the DDoS attack and extortion demand made on ProtonMail was the first to draw a lot of media attention – possibly because ProtonMail paid the demand – Hushmail, Runbox, Zoho, and VFEMail were also hit with DDoS attacks, seemingly by the hackers who call themselves the Armada Collective. Neomailbox was also hit, and now Iain Thompson reports that FastMail was hit, too:…
Massive Hack of 70 Million Prisoner Phone Calls Indicates Violations of Attorney-Client Privilege
Jordan Smith and Micah Lee report: An enormous cache of phone records obtained by The Intercept reveals a major breach of security at Securus Technologies, a leading provider of phone services inside the nation’s prisons and jails. The materials — leaked via SecureDrop by an anonymous hacker who believes that Securus is violating the constitutional rights of inmates — comprise over…
Google, Apple Remove InstaAgent App Due To Password Snooping
Lord Marin writes: Apple (NASDAQ: AAPL) and Google (NASDAQ: GOOGL) have removed InstaAgent, an app for Instagram, because of its malicious behaviour. It was storing and sending the passwords of its users to a third-party server. The app’s advertised function was that it could track who visits an Instagram user’s account. It garnered many downloads…