Alexander J. Martin reports: Encrypted email provider ProtonMail is still being hit by a DDoS attack from what it claims is a nation state, as well as a secondary and separate lower-level assault from an identified assailant. However, the service is now operating normally, it seems. Switzerland-based ProtonMail offers an encrypted webmail system able to…
Comcast resets nearly 200,000 passwords after customer list goes on sale
Steve Ragan reports: Over the weekend, a reader (@flanvel) directed Salted Hash to a post on a Dark Web marketplace selling a number of questionable, if not outright illegal goods. The post in question offered a list of 590,000 Comcast email addresses and corresponding passwords. As proof, the seller offered a brief list of 112…
We’ve Never Seen a Stolen Credit Card Market as Slick as This
Joseph Cox reports: Buying stolen credit cards can be a fairly drab affair. Apart from the obnoxious flashing banner ads strewn across the top of many fraud and criminal websites, often there’s not much going for them when it comes to presentation. But one site changes all of that completely. Called “Central Shop,” the site…
If the ransomware doesn’t get you, the DDoS might (UPDATE4)
Extortionists are busier than ever. This past week saw more reports on ransomware that corrupts files even if you pay the ransom, and DDoS attacks so powerful that usual defenses may be inadequate. Brian Krebs reports: One of the more common and destructive computer crimes to emerge over the past few years involves ransomware — malicious code that…
IE: 317 civil servants hit by payroll system data breach due to brain fade at PeoplePoint
Irish Times reports: Over 300 civil servants have been hit by a data breach in the civil service’s shared payroll system, involving their personal details being sent to HR departments other than their own. The breach was reported to the Data Protection Commissioner at the end of October. PeoplePoint, the shared human resources and pensions centre based…
Australian Federal Police declined to investigate hack and ransom demand?
More on the Aussie Farmers Direct breach previously noted on this site. Ryan DeSouza reports that a six-figure ransom had been demanded after the hack, and when the firm refused to pay, 5,000 customers’ information was posted online. “A couple of days ago we were able to get the list of customer details pulled…