Cyrus Farivar reports: Uber’s top security official testified at Capitol Hill on Tuesday, saying that Uber had “no justification” for not coming clean sooner when it had been hit by a massive data breach in 2016. In written testimony, John Flynn, Uber’s chief information security officer, told a Senate committee that “it was wrong not…
Category: Of Note
Pittsburg employees notified after their W-2 data stolen in phishing scheme
CORRECTION: I picked this up incorrectly as Pittsburgh in PA. A kind reader pointed out my error. This was Pittsburg in Kansas! Corrected Post: The City of Pittsburg hasn’t disclosed how many former and current employees had their W-2 data stolen in a phishing scam on January 30, but I’m betting it’s more than a…
Man sues T-Mobile for allegedly failing to stop hackers from draining his cryptocurrency account
Shannon Liao reports: A man sued T-Mobile on Sunday, claiming that the company’s lack of security allowed hackers to enter his wireless account last fall and steal cryptocoins worth thousands of dollars. Carlos Tapang of Washington state accuses T-Mobile of having “improperly allowed wrongdoers to access” his wireless account on November 7th last year. The…
NSA exploits leaked by hackers tweaked to work on all versions of Windows since 2000
Mark Wycislik-Wilson writes: A trio of NSA exploits leaked by hacking group TheShadowBrokers has been ported to work on all versions of Windows since Windows 2000. The EternalChampion, EternalRomance and EternalSynergy exploits were made public by the group last year, and now a security researcher has tweaked the source code so they will run on…
Trump’s CFPB Chief Pulls Back on Equifax Data Breach Probe: Report
Patrick Rucker reports: Mick Mulvaney, head of the Consumer Financial Protection Bureau, has pulled back from a full-scale probe of how Equifax Inc. failed to protect the personal data of millions of consumers, according to people familiar with the matter. Equifax (EFX.N) said in September that hackers stole personal data it had collected on some…
Data stealing hacking tool “Luminosity Link” taken out of use: National Crime Agency
A cyber hacking tool that allowed criminals to take full control of victims’ machines is no longer available after an operation co-ordinated by the National Crime Agency. The Luminosity Link RAT (a Remote Access Trojan) enabled hackers to connect to a victim’s machine undetected. They could then disable anti-virus and anti-malware software, carry out commands…