Archiving this, which was posted on Pastebin on June 3 by YDKLIJNSMA (Yonathan Klijnsma, 0x3a) Dear users, Just one month ago, in one instant, all what I’ve studied for months fused in one brilliant idea, which was then named Tox. I knew it was something new, something that was completely different from what was already there. I started designing…
Category: Of Note
OPM notifying 4 million current and former federal employees of hack
Oh my. From the U.S. Office of Personnel Management, 4 million federal employees may have had their information compromised. But it’s not just OPM that was hacked. It appears that China may have successfully hacked not just OPM, but the Interior Department, and possibly every federal agency. Here’s the press release from OPM: The…
CT Governor Malloy Expected To Sign Data-Breach Bill Requiring One Year Of Identity-Theft Protection
Matthew Sturdevant reports: In the wake of several major data breaches in recent years at The Home Depot, Target and Anthem, Connecticut’s legislature has passed a bill that would provide greater consumer protections. One of the key provisions is at least one-year of identity-theft protection for any customer that is a victim of a data…
Ca: Ontario Securities Commission lays criminal charges in patient records privacy breach at two Toronto hospitals
Diana Mehta reports: Criminal charges have been laid after thousands of confidential records were allegedly stolen from two Toronto hospitals and used to market registered education savings plans to new mothers. The alleged incidents involved the Rouge Valley Health System and the Scarborough Hospital and were investigated by Ontario’s financial regulator, which oversees the sale…
56 MEEELLION credentials exposed by apps say infosec boffins
Darren Pauli reports: Researchers from the University of Darmstadt say app developers have exposed 56 million credentials by borking login processes using services from Google, Amazon, and Facebook. The research team tested 750,000 Android and iOS applications, examining the way they used the federated identity services to make authentication smooth across different devices. The team…
Locker ransomware author dumps database of private keys, apologizes
Wow. Seen on Pastebin last night: Hi, I am the author of the Locker ransomware and I’m very sorry about that has happened. It was never my intention to release this. I uploaded the database to mega.co.nz containing “bitcoin address, public key, private key” as CSV. This is a dump of the complete database and…