Hacker Falsely Claiming to Breach FireEye Arrested, CEO Says
The hacker who falsely claimed to have breached FireEye — it was just the personal online accounts of one employee — was arrested by international law enforcement and taken into custody on October 26, FireEye CEO Kevin Mandia said Wednesday. “These attackers rarely, if ever get caught and therefore I’m pleased, that in this case…
Don’t Be Catfished: Protecting Yourself From New Account Fraud
Catfishing, the practice of pretending to be someone else online, became a cultural phenomenon through MTV’s popular TV show “Catfish,” driving more attention to our obsession with our online personas. However, it’s not just social media that needs additional scrutiny. In the wake of several recent major data breaches of personally identifiable information (PII) such…
Offshore law firm Appleby confirms data breach
Appleby, a major offshore law firm based in Bermuda, has confirmed it has suffered a data security incident in 2016 that resulted in some of their data being compromised. It’s doubtful that the wider public would have ever known about this were it not from the US-based International Consortium of Investigative Journalists (ICIJ) and partner…
North Korea Hacked Seoul’s War Plans: Report
North Korean computer hackers have stolen hundreds of classified military documents from South Korea including detailed wartime operational plans involving its US ally, a report said Tuesday. Rhee Cheol-Hee, a lawmaker for the ruling Democratic party, said the hackers had broken into the South’s military network last September and gained access to 235 gigabytes of…
Disqus, Forrester Research suffer data breach
Popular blog comment hosting service Disqus and market research company Forrester Research announced late on Friday that they’ve suffered a breach. While the latter was apparently limited to content made available to Forrester clients through Forrester.com, the former resulted in the theft of account data for some 17.5 million users.
The CISO’s Guide to Minimizing Health Care Security Risks
In an ever-changing, dynamic threat landscape, a chief information security officer (CISO) in the health care sector must have knowledge in multiple areas and understand that data breaches have severe repercussions that affect employees, patients and the organization at large. To respond effectively to health care security risks, a CISO must possess well-rounded experience in…
Fast Food Chain Sonic Confirms Card Breach
Sonic Drive-In, a fast food restaurant chain with more than 3,500 locations across the United States, confirmed on Wednesday that cybercriminals may have stolen customers’ credit and debit card information using a piece of malware. The company has provided only little information about the incident, but says it’s working with law enforcement and third-party forensics…
Equifax, former CEO reveal more details about the devastating breach
Mandiant has concluded the forensic part of its Equifax breach investigation, and the results are as follows: 2.5 million additional US consumers were potentially impacted, bringing the total to 145.5 million The initial estimate of some 100,000 Canadian citizens being impacted was incorrect: in the end, the information of some 8,000 Canadian consumers was compromised,…
Equifax CEO Steps Down After Massive Data Breach
Equifax chairman and CEO Richard Smith stepped down Tuesday, just weeks after the company disclosed a massive data breach that exposed more than 143 million U.S. individuals. Paulino do Rego Barros, Jr., who most recently served as President, Asia Pacific, and is a seven-year veteran of the company, has been appointed as interim Chief Executive Officer. The…
Passwords for 540,642 GPS vehicle tracking devices leaked online
Login credentials and other sensitive data from more than a half million vehicle tracking devices, which continually pinpoint vehicles’ locations, were left unprotected online. The exposed records belonging to SVR Tracking, headquartered in San Diego, were discovered by Kromtech security researchers. Thanks to a misconfigured Amazon AWS S3 bucket, 540,642 account IDs which included logins…