Violet Blue reports that NullCrew teamed up with the Horsemen of Lulz and used the same unpatched vulnerability in Zimbra that it used to hack Comcast to now hack Al Arabiya, the second largest media company in the Middle East. Read more on ZDNet.
Category: Business Sector
Your employee info is in the mail….. somewhere….
So TrustHCS hires Human Resource Advantage (“HR Advantage”) to provide employment resources support. HR Advantage stupidly (yes, I said stupidly) sends unencrypted employee information on a thumb drive via U.S. mail to TrustHCS. The information included names, Social Security numbers, dates of birth, bank account information, postal and email addresses, and any leave of absence…
Bitcoin wallet service Coinbase denies security breach as user names posted online
Tim Hornyak reports: Bitcoin wallet service Coinbase has denied it suffered a security breach, but acknowledged that a list of some of its users has been circulating on the Web. “Despite speculation on a few forums, there has been no data breach of names or emails at Coinbase,” the service said in a blog post….
BBC confirms ‘data protection breach’
BBC reports: The BBC has said it is “urgently investigating” a breach of data protection by a former TV researcher. The researcher, employed by an independent production company, spent four days working on Monday’s Panorama. The show found that Lutfur Rahman, Tower Hamlets’ mayor, had increased funding to some Bengali-run charities. Opponents accused him of…
Hack of Boxee.tv exposes password data, messages for 158,000 users
Dan Goodin reports: Hackers posted names, e-mail addresses, message histories, and partially protected login credentials for more than 158,000 forum users of Boxee.tv, the Web-based television service that was acquired by Samsung last year, researchers said. The breach occurred no later than last week, when a full copy of the purloined forum data became widely available,…
Password bug let me see shoppers’ credit cards in eBay ProStores, claims infosec bod
John Leyden reports: A serious vulnerability that potentially allowed shoplifters to empty eBay ProStores shops and swipe customer credit cards has been fixed – according to the security researcher who says he found the hole. Mark Litchfield, an infosec pro at Securatary, told us he discovered a flaw in eBay-owned ProStores that not only opened the door…