From the FBI: A nightmare scenario for many organizations recently became one Atlanta-based tech company’s reality. But the steps the company took before and after their sensitive data was stolen by a hacker in 2018 helped the FBI identify and arrest the culprit. Christian Kight used his computer programming skills to hack into various businesses…
Category: Commentaries and Analyses
Google Alerts catches fake data breach notes pushing malware
Ionut Ilascu reports: Fraudsters recently have started to push fake data breach notifications for big company names to distribute malware and scams. They’re mixing black SEO, Google Sites, and spam pages to direct users to dangerous locations. Google Alerts helps to spread these fake notifications as the service monitors search results for user-defined keywords. Scammers created…
People Are Worth $1,285 on the Dark Web, New Study by Privacy Affairs Finds
A new press release by Privacy Affairs offers an updated estimate about what we are worth on the dark web. The researchers’ Dark Web Price Index indicates: Online banking logins cost an average of $35 Full credit card details including associated data cost $12-20 A full range of documents and account details allowing identity theft can be…
Boffins find that over nine out of ten ‘ethical’ hackers are being a bit naughty when it comes to cloud services
Thomas Claburn reports: Infosec pros and hackers regularly abuse cloud service providers to conduct reconnaissance and attacks, despite efforts by cloud providers to limit such activity. In a recent research paper titled “Cloud as an Attack Platform” [PDF], five boffins from Texas Tech University – Moitrayee Chatterjee, Prerit Datta, Faranak Abri, Akbar Siami-Namin, and Keith…
If you’re despairing at staff sharing admin passwords, look on the bright side. That’s CIA-grade security
Shaun Nichols reports: The CIA was so focused on developing whizzbang exploit code, it left any thought of basic computer security principles on the kitchen counter before dashing off to work each morning. That oversight led to the super-agency inadvertently spilling its hacking tools ultimately into the hands of WikiLeaks, which duly disclosed details of the spies’…
North Korea’s state hackers caught engaging in BEC scams
Catalin Cimpanu reports: At the ESET Virtual World security conference on Tuesday, security researchers from Slovak antivirus maker ESET have disclosed a new operation orchestrated by the Pyongyang regime’s infamous state-sponsored hacker crews. Codenamed “Operation In(ter)ception,” this campaign targeted victims for both cyber-espionage and financial theft. Read more on ZDNet.