Action copied and removed web shells that provided backdoor access to servers, but additional steps may be required to patch Exchange Server software and expel hackers from victim networks. HOUSTON – Authorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable computers in the United States. They were…
Category: Of Note
Welcome to DataBreaches.net, Chum1ng0!
Regular readers will have already noticed that many of the recent non-American breach stories have been contributed by @Chum1ng0. I’m thrilled to say that he is now getting even more involved in submitting news items to this site. @Chum1ng0 is from Chile and is passionate about cybersecurity and following the news on cybersecurity. I don’t…
A chat with DarkSide
If you would meet us on the street – you would never realize that we are cyberpests, because we are the same normal people like everyone else. Many have families and children, the only thing that these circumstances in which we found themselves in our country are. We have no hatred and desire to cause…
In Memoriam, Kurt Wimmer
One of the most important contributors to this blog will be laid to rest this morning, and I am absolutely gutted. For more than one decade, Kurt Wimmer was this blog and this blogger’s First Amendment defender and counsel. It was only with Kurt’s pro bono help and that of Jason Criss, and their colleagues…
Cyber Breach Disclosures Still Take More Than a Month
Vincent Ryan reports: After being discovered, cybersecurity breaches are not consistently disclosed promptly, found an Audit Analytics study of public companies released on Friday. On average, publicly held companies took 53 days to disclose a breach incident after discovering it. The 53-day average disclosure timeframe is less than the 10-year average of 67 days, but…
No password required: Mobile carrier exposes data for millions of accounts
Dan Goodin reports: Q Link Wireless, a provider of low-cost mobile phone and data services to 2 million US-based customers, has been making sensitive account data available to anyone who knows a valid phone number on the carrier’s network, an analysis of the company’s account management app shows. Read more on The Register. Opinion: I…