Jeremy Kirk reports: Capital One has been ordered by a federal judge to turn over the results of a digital forensics investigation into its 2019 data breach, which has been sought by plaintiffs in a class-action lawsuit. The report could provide further insight into what went wrong in one of the most significant breaches of…
Category: Commentaries and Analyses
U.S. Accuses Russian Military Hackers of Attack on Email Servers
Julian E. Barnes and David E. Sanger report: The National Security Agency publicly accused Russian government hackers of targeting email servers around the world in an unusual announcement on Thursday, showing that the agency is becoming more aggressive in calling out Moscow’s action as the presidential election approaches. While the Trump administration has publicly attributed…
Bringing VandaTheGod down to Earth: Exposing the person behind a 7-year hacktivism campaign
This site has reported on VandaTheGod more than half a dozen times over the past years. Now Check Point researchers report on how an open tab in a screenshot ultimately enabled them to identify him: Since 2013, many official websites belonging to governments worldwide were hacked and defaced by an attacker who self-identified as ’VandaTheGod.’…
NZ: ASB Securities hit with $80,000 fine for 14-year privacy breach
The New Zealand Herald reports: ASB Securities has been fined $80,000 for a privacy breach which left hundreds of online accounts able to be viewed and traded by users without permission. The New Zealand Markets Disciplinary Tribunal censured the online share trading platform after 576 of its trading accounts were made vulnerable to unauthorised use…
StrandHogg 2.0 flaw allows hackers to hijack almost any Android app
Keumars Afifi-Sabet reports: Google has patched a critical vulnerability, resembling 2019’s infamous StrandHogg flaw, that allows hackers to hijack almost any app on the Android mobile operating system. The flaw, assigned CVE-2020-0096, has been dubbed StrandHogg 2.0 due to the similarities with the original flaw discovered in December. The successor allows for broader attacks and is…
KS: ‘In the hands of cyber criminals’: Man sues WSU over hack of decades-old student data
Amy Renee Leiker reports a follow-up to a breach previously reported on this site: A December data breach that jeopardized the personal information of thousands of current and former Wichita State University students — some of whom attended the school decades ago — is now the subject of a federal lawsuit. Michael Bahnmaier of Wichita…