HackDig : Dig high-quality web security articles for hackers

Ubiquiti: Change Your Password, Enable 2FA

Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and c
Publish At:2021-01-11 20:00 | Read:123 | Comments:0 | Tags:Data Breaches Ubiquiti breach

Sealed U.S. Court Records Exposed in SolarWinds Breach

The ongoing breach affecting thousands of organizations that relied on backdoored products by network software firm SolarWinds may have jeopardized the privacy of countless sealed court documents on file with the U.S. federal court system, according to a memo released Wednesday by the Administrative Office (AO) of the U.S. Courts. The judicial branch agency
Publish At:2021-01-07 22:24 | Read:76 | Comments:0 | Tags:Data Breaches Administrative Office of the U.S. Courts Nicho

Top data breaches of 2020 – Security Affairs

Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020. Below a list of top incidents: There were a number of major data breaches that took place in 2020, in many cases stolen records flooded the cybercrime underground and were used credential stuffing attacks. Below the list of top
Publish At:2021-01-03 11:12 | Read:347 | Comments:0 | Tags:Breaking News Data Breach data breaches data leak security

VMware Flaw a Vector in SolarWinds Breach?

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware, which the U.S.
Publish At:2020-12-18 14:54 | Read:197 | Comments:0 | Tags:Data Breaches The Coming Storm APT 29 Ars Technica Cozy Bear

Malicious Domain in SolarWinds Hack Turned into ‘Killswitch’

A key malicious domain name used to control potentially thousands of computer systems compromised via the months-long breach at network monitoring software vendor SolarWinds was commandeered by security experts and used as a “killswitch” designed to turn the sprawling cybercrime operation against itself, KrebsOnSecurity has learned. Austin, Texa
Publish At:2020-12-16 16:06 | Read:218 | Comments:0 | Tags:Data Breaches FireEye GoDaddy microsoft Orion RedDrip Team S

SolarWinds Hack Could Affect 18K Customers

The still-unfolding breach at network management software firm SolarWinds may have resulted in malicious code being pushed to nearly 18,000 customers, the company said in a legal filing on Monday. Meanwhile, Microsoft should soon have some idea which and how many SolarWinds customers were affected, as it recently took possession of a key domain name used by
Publish At:2020-12-15 16:42 | Read:247 | Comments:0 | Tags:Data Breaches Alan Paller Andrew Morris Center for Strategic

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s customer base, experts say the incident may be just the firs
Publish At:2020-12-14 13:24 | Read:209 | Comments:0 | Tags:Data Breaches The Coming Storm APT29 Cybersecurity and Infra

Payment Processing Giant TSYS: Ransomware Incident “Immaterial” to Company

Payment card processing giant TSYS suffered a ransomware attack earlier this month. Since then reams of data stolen from the company have been posted online, with the attackers promising to publish more in the coming days. But the company says the malware did not jeopardize card data, and that the incident was limited to administrative areas of its business.
Publish At:2020-12-10 14:20 | Read:297 | Comments:0 | Tags:Data Breaches Ransomware Conti fs-isac global payments Ryuk

Account Hijacking Site OGUsers Hacked, Again

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. An offer by the apparent hackers of OGUsers, offering to remove account information from the eventual database leak in exchange for payment. Roughly a week ago, the OGUse
Publish At:2020-12-02 12:48 | Read:417 | Comments:0 | Tags:Data Breaches Ne'er-Do-Well News Disco Payments Discoli ogus

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousan
Publish At:2020-10-28 14:17 | Read:353 | Comments:0 | Tags:Data Breaches Ransomware Dagens Nyheter Gunnebo Group breach

Breach at Dickey’s BBQ Smokes 3M Cards

One of the digital underground’s most popular stores for peddling stolen credit card information began selling a batch of more than three million new card records this week. KrebsOnSecurity has learned the data was stolen in a lengthy data breach at more than 100 Dickey’s Barbeque Restaurant locations around the country. An ad on the popular card
Publish At:2020-10-15 18:11 | Read:441 | Comments:0 | Tags:Data Breaches Latest Warnings Dickey's Barbeque breach Eli D

Using the Cost of a Data Breach to Maximize Your ROI on Your Security Tools

The 2020 Cost of Data Breach report from IBM and the Ponemon is out. It provides a detailed analysis of causes, costs and controls that appeared in their sampling of data breaches. The report is full of data, and the website allows you to interact with its information so that you can do your own analysis and/or dig into aspects relevant to you and your indus
Publish At:2020-09-15 01:50 | Read:600 | Comments:0 | Tags:IT Security and Data Protection Cost of Data Breach Study Da

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. consumer data broker, KrebsOnSecurity has le
Publish At:2020-08-06 19:42 | Read:582 | Comments:0 | Tags:Data Breaches The Coming Storm COVID-19 Derek Dubner Economi

Robocall Legal Advocate Leaks Customer Data

A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers. The Blacklist Alliance provides techno
Publish At:2020-08-03 18:21 | Read:535 | Comments:0 | Tags:A Little Sunshine Data Breaches Call Protect Jolly Roger Tel

Here’s Why Credit Card Fraud is Still a Thing

Most of the civilized world years ago shifted to requiring computer chips in payment cards that make it far more expensive and difficult for thieves to clone and use them for fraud. One notable exception is the United States, which is still lurching toward this goal. Here’s a look at the havoc that lag has wrought, as seen through the purchasing patter
Publish At:2020-07-29 18:40 | Read:583 | Comments:0 | Tags:A Little Sunshine Data Breaches briansclub hack Damon McCoy

Tools

Tag Cloud