Tom Hays And Jake Pearson report: A prolific foreign hacker behind cyberattacks that netted an estimated $55 million is facing sentencing by a U.S. judge in a conviction considered an unusual win for law enforcement officials who have identified hundreds of others like him but failed to put them in handcuffs. Ercan Findikoglu, a Turkish…
Cn: Jail sentences for selling data on 200,000 newborns
Zhang Ningning reports: Eight people involved in stealing, selling and buying information of more than 200,000 newborns have been sentenced for infringing citizens’ personal information. The Pudong New Area People’s Court said yesterday that the defendants included two former employees of the city’s Center for Disease Control and Prevention. The eight were sentenced from seven to…
Clusters f**ked: Insecure Hadoop file systems wiped by miscreants
Thomas Claburn reports: Administrators of Hadoop Distributed File System (HDFS) clusters have evidently not heeded warnings that surfaced last month about securing software with insecure default settings. Attacks on Hadoop clusters have wiped the data of at least 165 installations, according to GDI Foundation security researchers Victor Gevers, Niall Merrigan, and Matt Bromiley. The trio report that…
Device on computers used to steal ID of University of Iowa students, staff
KCRG reports: The University of Iowa is investigating devices left on campus computers that it believes compromised the personal information for 250 students and staff. Officials with the University of Iowa tell KCRG-TV9 News the breach may be linked to attempts at cheating. “The University of Iowa is investigating a handful of potential cases of…
Fast Food Chain Arby’s Acknowledges Breach at Hundreds of Locations
Brian Krebs reports: Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if I’d heard anything about a data breach at Arby’s fast-food restaurants. Asked about the rumors, Arby’s told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of…
Hackers Using RDP Attacks to Install CRYSIS Ransomware
How many times do folks need to be told to disable Remote Desktop Protocol (RDP) if it’s not necessary and in use? As Ionut Arghire reports,here’s another reason if you still haven’t addressed the risks to your security. CRYSIS, a ransomware family that emerged last year, is being distributed via Remote Desktop Protocol (RDP) brute…