Andrew Fraser reports: A huge trove of data, containing the personal information of millions of South Africans, including property ownership, employment history, income and company directorships, has been discovered by information security researcher Troy Hunt. Hunt, the founder of HaveIbeenPwned.com, said the breach contains data of more than 30m unique South African ID numbers. The…
Category: Of Note
South Korean Gov’t Investigating Bithumb Security Breach, World’s Largest Cryptocurrency Exchange
Joseph Young reports: Local news publications and leading media outlets in South Korea have reported that Bithumb, the world’s largest cryptocurrency exchange by trading volume, suffered a security breach that affected 30,000 users on the trading platform. Seoul Central Prosecutor’s Office for Advanced Criminal Investigation has announced that it had taken over the case and…
New attack works against all WPA2 WiFi networks: Android & Linux most vulnerable, but iOS and macOS too
Discovered by Mathy Vanhoef of imec-DistriNet, KU Leuven We discovered serious weaknesses in WPA2, a protocol that secures all modern protected Wi-Fi networks. An attacker within range of a victim can exploit these weaknesses using key reinstallation attacks (KRACKs). Concretely, attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted. This can…
Ransomware On The Rise: Dark Web Market Demand Up 2,500%
AJ Dellinger reports: The demand for ransomware attacks on dark web skyrocketed in the last year, with the marketplace showing a growth of more than 2,500 percent, according to a new report. United States-based cybersecurity company Carbon Black published a study titled “the Ransomware Economy” earlier this week that shows ransomware attacks are becoming increasingly…
U.S. Education Dept. responds to TheDarkOverlord attacks with new cyber advisory
It’s gratifying when advocacy efforts have an impact. Last week, this blogger spent a good amount of time talking with Kathleen Styles, Chief Privacy Officer of the U.S. Education Department. We discussed the TheDarkOverlord attacks on the education sector and I had urged the Department to try to warn schools how to better protect themselves. I…
Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies
Chris Bing reports: A Eastern European hacking group hijacked U.S. state government servers to dispense malware through phishing emails that were designed to appear like they had come from the Securities and Exchange Commission, according to research by Cisco’s Talos team and an analysis by other cybersecurity experts familiar with the activity. The technical findings connect…