Catalin Cimpanu reports: Researchers at cyber-security firm Check Point say they’ve tracked one of the sources of the recent rise in sextortion emails to a good ol’ friend — the Phorpiex spam botnet, also known as Trik. Check Point says that since April, they’ve seen the botnet send out multiple spam campaigns with a “sextortion” lure —…
Category: Of Note
Equifax data breach FAQ: What happened, who was affected, what was the impact?
We spent a good amount of time in the cybersecurity forum today talking about the Equifax breach. Here’s a summary of some of their key failures, reported by Josh Fruhlinger and based on A U.S. General Accounting Office’s report, and an in-depth analysis from Bloomberg Businessweek. Here are just two of the findings, as reported by Fruhlinger:…
ANNOUNCE: Trying to build your resume as an ethical researcher and whitehat? Now there’s some help for you.
I won’t have much time to update news over the next few days while I am in Washington DC for the Privacy and Security Forum, but I just couldn’t wait until I got back to share what I hope is encouraging news for some of you. I know that there are a number of young…
UK: Patient’s private answerphone message became Devon hospital’s voicemail
Okay, this is a bit different as far as breaches go. Anita Merritt reports: A Devon hospital has apologised after a caller’s voicemail, containing personal patient details, became the hospital’s answerphone message for more than seven hours. During that time the caller was inundated with calls from patients giving details about their health problems believing…
DHS cyber unit wants to subpoena ISPs to identify vulnerable systems
Zack Whittaker reports: Homeland Security’s cybersecurity division is pushing to change the law that would allow it to demand information from internet providers that would identify the owners of vulnerable systems, TechCrunch has learned. Sources familiar with the proposal say the Cybersecurity and Infrastructure Security Agency (CISA), founded just less than a year ago, wants the…
Hackers breach Volusion and start collecting card details from thousands of sites
Catalin Cimpanu reports: Hackers have breached the infrastructure of Volusion, a provider of cloud-hosted online stores, and are delivering malicious code that records and steals payment card details entered by users in online forms. More than 6,500 stores are impacted, but the number could be even higher. In a press release published last month, Volusion…