Yessi Bello Perez reports: Australian detectives have arrested a 38-year-old man as part of an investigation into an unregistered cryptocurrency exchange. The man, a resident in Cairnlea — a Melbourne suburb — was arrested at home, where police seized “a substantial amount of cash and false identification documents.” Authorities also seized a cryptocurrency ATM from a shopping mall in nearby Braybrook, which according to Google Maps is approximately 8 kilometres away from Cairnlea. Read more…
Large-scale cyberattack hits Labour Party systems
Danny Palmer reports: The Labour Party has been hit with what it describes as a “sophisticated and large-scale cyberattack”. A Labour spokesperson told ZDNet that the cyberattack affected the party website and online campaigning tools and platforms, which were offline for some time yesterday while the IT and digital teams worked to get things back…
Retailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin
Brian Krebs reports: Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks last month, exposing credentials the company used to manage everything from firewalls and routers to administrator accounts and database servers, KrebsOnSecurity has learned. Orvis says the exposure was…
Enhancing the Security of Data Breach Notifications and Settlement Notices
Ryan Amos, Mihir Kshirsagar, Ed Felten, and Arvind Narayanan write: We couldn’t help noticing that the recent Yahoo and Equifax data breach settlement notifications look a lot like phishing emails. The notifications make it hard for users to distinguish real settlement notifications from scams. For example, they direct users to URLs on unfamiliar domains that are not clearly…
Major ASP.NET hosting provider recovering from ransomware attack
Catalin Cimpanu recently reported: SmarterASP.NET, an ASP.NET hosting provider with more than 440,000 customers, was hit yesterday by ransomware. The company is the third major web hosting firm this year that went down because hackers breached their network and encrypted data on customer servers. Read more on ZDNet. In an update yesterday, Duncan Riley reported…
Attempted sextortion leads to call for stricter phone porting rules
Thomas Daigle reports: When Randall Baran-Chong received a notification on his smartphone late one night last week indicating the device was no longer in service, it was the first sign of trouble. […] In the hours that followed, the 33-year-old Toronto businessman says someone locked down his laptop, purchased an Xbox video game gift card…