Two former Twitter employees and a Saudi national charged in plot to spy on...
From the U.S. Department of Justice, Northern District of California: SAN FRANCISCO –Ali Alzabarah, Ahmad Abouammo, and Ahmed Almutairi, a/k/a Ahmed Aljbreen, were charged for their respective roles in...
View ArticleMorrisons: £55m payout over 2014 ‘grudge’ leak of payroll data ‘grossly unjust’
Graeme Burton reports: Morrisons has told the Supreme Court in London that it should not be held either directly or vicariously liable for the 2014 payroll data leak of almost 100,000 employees. The...
View ArticleIf Robert Grant didn’t like having Time AI called “snake oil cryptography,”...
When experts in a field accuse you of promoting “snake oil,” is the proper response to: Double down and argue with them Sue them for not showing you proper respect after you paid $115,000 to be able to...
View ArticleRansomware Attacks Hit Everis and Spain’s Largest Radio Network
Sergiu Gatlan reports: Everis, an NTT DATA company and one of Spain’s largest managed service providers (MSP), had its computer systems encrypted today in a ransomware attack, just as it happened to...
View ArticleIn September, VMedia notified members of a vBulletin 0day
Today I learned from one of my readers that VMedia had a breach that they had disclosed back on September 25, but it apparently wasn’t picked up by media outlets until October 31. The following is the...
View ArticleA leak report quietly disappears, leaving questions in its wake
On October 8, Jeremiah Fowler reported that he had discovered a non-password protected database that contained what appeared to be information regarding healthcare workers and traveling nurses. If you...
View ArticleAttempted sextortion leads to call for stricter phone porting rules
Thomas Daigle reports: When Randall Baran-Chong received a notification on his smartphone late one night last week indicating the device was no longer in service, it was the first sign of trouble. […]...
View ArticleMajor ASP.NET hosting provider recovering from ransomware attack
Catalin Cimpanu recently reported: SmarterASP.NET, an ASP.NET hosting provider with more than 440,000 customers, was hit yesterday by ransomware. The company is the third major web hosting firm this...
View ArticleRetailer Orvis.com Leaked Hundreds of Internal Passwords on Pastebin
Brian Krebs reports: Orvis, a Vermont-based retailer that specializes in high-end fly fishing equipment and other sporting goods, leaked hundreds of internal passwords on Pastebin.com for several weeks...
View ArticleMexico’s Pemex Oil Suffers Ransomware Attack, $4.9 Million Demanded
Lawrence Abrams reports: Mexico’s state-owned oil company, Pemex, has suffered a DoppelPaymer ransomware attack that demanded $4.9 million USD in order to decrypt their files. On Sunday, November 10th,...
View ArticlePrank Call Service PrankDial Exposed 138 Million Records Online
Jeremiah Fowler reports: On October 28th I discovered a non-password protected database that contained millions of log files. Upon further research, the records all contained information that...
View ArticleUK Info Commish quietly urged court to swat away 100k Morrisons data breach...
Gareth Corfield reports: The UK’s Information Commissioner urged the Court of Appeal to side with Morrisons in the supermarket’s battle to avoid liability for the theft and leaking of nearly 100,000...
View ArticleGaping ‘hole’ in Qualcomm’s Secure World mobile vault leaked sensitive data
Charlie Osborne reports: A severe “hole” in the Qualcomm Secure World virtual processor, now patched, has been disclosed by researchers. According to cybersecurity researchers from Check Point, the...
View ArticleUtah Company Settles FTC Allegations it Failed to Safeguard Consumer Data
The FTC announced a settlement in a data security enforcement action against InfoTrax Systems, L.C. and its former CEO, Mark Rawlins. Here is their press release, below, followed by InfoTrax’s comments...
View ArticleJudiciary leaks personnel data of company in cocaine investigation; workers...
Janene Pieters reports: Personnel data from a fruit wholesaler in Hedel, Gelderland accidentally ended up in the criminal file of a major cocaine investigation, the Public Prosecution Service in...
View ArticleHackers Breach ZoneAlarm’s Forum Site — Outdated vBulletin to Blame
Swati Khandelwal reports: ZoneAlarm, an internet security software company owned by Israeli cybersecurity firm Check Point Technologies, has suffered a data breach exposing data of its discussion forum...
View ArticleDallas man convicted of computer fraud, aggravated identity theft in hacking...
Mathew Richards reports: Following a five-day trial, a Dallas man was convicted on Friday on charges for computer fraud and aggravated identity theft in connection with his hacking of a New York-based...
View ArticleCISA Releases Cyber Readiness Recommendations for Small Business
Caleb Skeath and Inside Privacy write: Last week, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) released a set of cyber readiness recommendations...
View Article150 infosec bods now know who they’re up against thanks to BT Security cc/bcc...
Gareth Corfield reports: BT Security managed to commit the most basic blunder of all after emailing around 150 infosec professionals who attended a jobs fair – using the “cc” field instead of “bcc”....
View ArticleTW: Online box office EZding liable for data theft and consequential damages
Arthur Shay of Shay and Partners writes: In September 2019 a landmark appeal court decision found an online information service provider liable for consequential damages of data theft. In April 2017...
View Article