Zhang Ningning reports: Eight people involved in stealing, selling and buying information of more than 200,000 newborns have been sentenced for infringing citizens’ personal information. The Pudong New Area People’s Court said yesterday that the defendants included two former employees of the city’s Center for Disease Control and Prevention. The eight were sentenced from seven to…
Clusters f**ked: Insecure Hadoop file systems wiped by miscreants
Thomas Claburn reports: Administrators of Hadoop Distributed File System (HDFS) clusters have evidently not heeded warnings that surfaced last month about securing software with insecure default settings. Attacks on Hadoop clusters have wiped the data of at least 165 installations, according to GDI Foundation security researchers Victor Gevers, Niall Merrigan, and Matt Bromiley. The trio report that…
Device on computers used to steal ID of University of Iowa students, staff
KCRG reports: The University of Iowa is investigating devices left on campus computers that it believes compromised the personal information for 250 students and staff. Officials with the University of Iowa tell KCRG-TV9 News the breach may be linked to attempts at cheating. “The University of Iowa is investigating a handful of potential cases of…
Fast Food Chain Arby’s Acknowledges Breach at Hundreds of Locations
Brian Krebs reports: Sources at nearly a half-dozen banks and credit unions independently reached out over the past 48 hours to inquire if I’d heard anything about a data breach at Arby’s fast-food restaurants. Asked about the rumors, Arby’s told KrebsOnSecurity that it recently remediated a breach involving malicious software installed on payment card systems at hundreds of…
Hackers Using RDP Attacks to Install CRYSIS Ransomware
How many times do folks need to be told to disable Remote Desktop Protocol (RDP) if it’s not necessary and in use? As Ionut Arghire reports,here’s another reason if you still haven’t addressed the risks to your security. CRYSIS, a ransomware family that emerged last year, is being distributed via Remote Desktop Protocol (RDP) brute…
Hacker steals 83,000 accounts from UPI news agency
Patrick O’Neill reports: A hacker is selling a database supposedly containing 83,000 compromised accounts from UPI.com, the website of the 110-year-old American news agency United Press International. After being contacted by CyberScoop, UPI alerted its entire email subscriber base Tuesday and removed login pages and entire sections of its website. Read more on CyberScoop.