Catalin Cimpanu reports: A hacker who made a fortune by breaking into people’s accounts and posting spam on their behalf is now warning users against password reuse. Kyle Milliken, a 29-year-old Arkansas man, was released last week from a federal work camp. He served 17 months for hacking into the servers of several companies and…
Category: Commentaries and Analyses
British Airways ‘tries to limit £3billion payout over data breach that hit more than 500,000 customers by asking victims to claim within 17 weeks’
Mark Duell reports: British Airways was today accused of trying to limit a potential £3billion payout over the data breach that saw cyber-hackers steal more than 500,000 customers’ details. The airline has applied to launch its own class action for victims of the hack – but with the condition that claimants must join within just…
Phishing attacks on Mac users doubling; here’s what to watch for
Ben Lovejoy reports: Phishing attacks reaching macOS users look set to more than double this year, with emails specifically claiming to be from Apple growing at 30%-40% per year. […] Kaspersky says that its figures reflect only attacks on Macs running its own security software — many of which are in corporate environments — suggesting…
Operation reWired: Worldwide Sweep Targets Business Email Compromise
The FBI and federal partners today announced scores of arrests in the United States and overseas in a coordinated law enforcement sweep targeting perpetrators of an insidious scam that tricks businesses and individuals into wiring money to criminals. Operation reWired, a months-long, multi-agency effort to disrupt and dismantle international business email compromise (BEC) schemes, resulted…
Scraping A Public Website Doesn’t Violate the CFAA, Ninth Circuit (Mostly) Holds
Orin Kerr writes: The Ninth Circuit Court of Appeals has handed down a groundbreaking decision today on the federal computer hacking law, the Computer Fraud and Abuse Act (CFAA). In HiQ Labs v. LinkedIn, the court held that scraping a public website is likely not a CFAA violation. Under the new decision, violating the CFAA…
Secret Service Investigates Breach at U.S. Govt IT Contractor
Brian Krebs reports: The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. The contractor claims the access being auctioned off was to old test systems that do not have direct connections…