Graham Cluley reports: …as Brian Krebs reports, recent claims from identity theft protection firms that Dropbox has suffered a massive password breach appear to be erroneous. Troy Hunt – who knows a thing or two about verifying and responsibly disclosing data breaches – also chimed in, decrying that some had jumped to the conclusion that a serious…
Category: Commentaries and Analyses
Fed records show dozens of cybersecurity breaches
Jason Lange and Dustin Volz reports: The U.S. Federal Reserve detected more than 50 cyber breaches between 2011 and 2015, with several incidents described internally as “espionage,” according to Fed records. The central bank’s staff suspected hackers or spies in many of the incidents, the records show. The Fed’s computer systems play a critical role…
Extortion E-mail Schemes Tied to Recent High-Profile Data Breaches
A public service announcement from the FBI (Alert Number I-060116-PSA): The Internet Crime Complaint Center (IC3) continues to receive reports from individuals who have received extortion attempts via e-mail related to recent high-profile data thefts. The recipients are told that personal information, such as their name, phone number, address, credit card information, and other personal details,…
FBI raid on dental IT technician is already chilling disclosures
Over on the Daily Dot this morning, I have a follow-up to my earlier report on an FBI raid on Justin Shafer. There was a lot of anger towards the FBI and Patterson Dental in response to the raid, and I pulled together some of my favorite comments or responses from around the Internet. But more importantly,…
LinkedIn’s disturbing breach notice
Computerworld editor Evan Schuman has an opinion piece that begins: Late last Wednesday (May 25), LinkedIn casually sent a note to its customers that opened with one of the least-calming phrases possible: “You may have heard reports recently about a security issue involving LinkedIn.” It continued to say, in effect, “Let us now distort and…
CERT warns of hardcoded creds in medical app
Darren Pauli reports: The US computer emergency response team has issued a warning after admin credentials were found in a popular medical application used for acquiring patient data. The MEDHOST application is designed for handling the perioperative three stages of surgery including patient tracking, and patient conditions. It can be hosted and managed remotely. About 1,000 healthcare…