Julia Alexander reports: A security bug that hit Tumblr’s recommended blogs module may have exposed users’ private information, according to an open letter. Information like email addresses, passwords, IP addresses, and self-reported locations may have become exposed due to the bug if individual accounts were hit. It’s unclear if the bug affected individual accounts, according…
Report: Cryptocurrency hackers earned $20M with 51-percent attacks in 2018
David Canellis reports: Powerful attacks on blockchains are increasing. So far this year, hackers have effectively executed a minimum of five separate “51-percent attacks” on cryptocurrency projects, with profits amounting to almost $20 million. This represents a remarkable increase in success, after renowned cybersecurity firm Group-IB recorded no completed 51-percent attacks last year. Group-IB has just released…
Lemoore Navy man convicted of scamming 2,500 credit card numbers
Joshua Yeager reports: A U.S. Navy man will spend three years and six months in prison for his involvement in an identity theft ring that stole more than 2,500 credit card numbers and fraudulently purchased $340,000 in consumer products in 2012. Jarrod Langford, 27, pleaded guilty to conspiracy to commit credit card fraud and aggravated identity theft while he…
Burned malware returns, says Cylance report: Is Hacking Team responsible?
J. M. Porup reports: Burning malware is like Hercules fighting the nine-headed Hydra. For every head he cuts off, two more grow back in its place. That’s the lesson from a new report by Cylance today, and one both enterprise network defenders—and the public at large—should pay attention to. Cyber mercenaries sell malware to oppressive…
A Washington ISP exposed the ‘keys to the kingdom’ after leaving a server unsecured
Zack Whittaker reports: A Washington state internet provider left an unprotected server online without a password, exposing network schematics, passwords and other sensitive files for at least six months. Worse, it took the company a week to shut off the leak, despite several phone calls and emails warning of the exposure. The little-known internet provider,…
This Is What The Morrisons Data Leak Class Action Means For Future Breaches
Kate O’Flaherty reports: UK supermarket Morrisons is facing a massive payout to staff after losing the first data leak class action in the UK. It comes after Andrew Skelton, a senior internal auditor at the retailer’s Bradford headquarters, leaked employee data online in 2014. Last year, a court ruled the firm was liable for his actions….