Dan Goodin reports: Security researchers have unearthed a sprawling list of login credentials that allows anyone on the Internet to take over home routers and more than 1,700 “Internet of things” devices and make them part of a destructive botnet. The list of telnet-accessible devices, currently posted at this Pastebin address, was first posted in…
Category: Of Note
Uber Settles With FTC Over Allegedly Deceptive Privacy And Data Security Practices
As I reported earlier this month on PogoWasRight.org, Uber settled privacy and data security charges levied by the Federal Trade Commission. Laura Jehl of BakerHostetler recaps the controversy: Uber, the ride-hailing giant, agreed this week to implement a comprehensive privacy program and to undergo 20 years of privacy and data security audits in order to…
Hackers claim to have leaked Game of Thrones season finale details
The newest email from “Mr. Smith” began: Hi, This is 6th Wave of HBO Leak, contains final episode of “Game of Thrones” season 7 and contracts of GOT actors… Spread Well… Attached to the email was a link to a data dump plus files with what appeared to be a 127-page file dated April 26,…
FBI charges Chinese national with distributing malware used in OPM hack
Stephanie Condon reports: The FBI has filed charges against a Chinese malware broker named Yu Pingan, alleging that he provided hackers with malware, including the Sakula trojan, to breach multiple computer networks belonging to companies in the US. The FBI alleges that Yu, also known as “GoldSun,” conspired with two unnamed hackers from around April…
Hacking dominated health data breaches in July – Protenus
Protenus has released its July Breach Barometer, with data supplied by DataBreaches.net. Here’s a snippet from their report: July is the first month in 2017 to have hacking incidents outweigh insider breaches to patient data in both frequency and number of affected patient records. While hacking accounted for almost half of total breach incidents this…
Is The Hutchins Indictment Over Malware Unconstitutional?
Alex Berengaut of Covington & Burling analyzes some of the legal issues raised by the indictment of Marcus Hutchins (@malwaretechblog) for allegedly creating and conspiring to sell malware known as the Kronos banking trojan. He writes, in part: Since Hutchins’ indictment, commentators have questioned whether the creation and selling of malware—without actually using the malware—violates…