Following the recent attacks against DYN (and Krebs, OVH and others) by the Mirai botnet, there has been chatter about ‘hacking back’ as a means of active defense. If you missed the story or aren’t really sure what happened, there’s a good video on it here from Threatwire to get you up to speed but, […]
Category: Events
Additional information on Friday’s massive DDoS against DYN (affecting sites like Twitter, Reddit, Amazon and more)
The Internet is just coming back to life after a massive DDoS attack against Internet Performance Management company DYN on Friday. The attack affected a number of high-profile sites including Twitter, Reddit and Amazon as well as thousands of smaller sites that use DYN’s services. Details are still a bit sketchy but most are […]
Massive DDoS against high-profile websites highlights flaws in IoT
The Internet of Things (IoT) is the nickname / moniker that’s been given to the now prolific network of ‘smart’ and ‘connected’ devices like thermostats, cameras, DVRs, toasters, refrigerators and the like making their way into homes and businesses across the planet. It’s made the news quite a bit lately (so much that the IoT […]
Seagate employees sue after tax data exposed in phishing attack
Many of you may remember the previous post regarding the phishing attack at Seagate where an employee, responding to a phishing email that claimed to be from the CEO, forwarded the W-2 ‘and other data’ to an attacker. According to this article from the Inquirer, a number of affected employees have now filed a class […]
Insider breach at Sage and potentially exposed on-premise Sage servers
Insider breach may have led to unauthorized access to UK customer data. According to this article at Data Breach today, Sage UK accounts may have been affected by an insider breach. British police arrested a 32-year-old woman at Heathrow Airport on suspicion of conspiracy to defraud and confirm that the woman is currently […]
Possible NSA Breach included bypass tools for Cisco, Juniper and Fortinet firewalls
Details are still a bit sketchy but, according to several news outlets, a group calling itself “Shadow Brokers” claims to have breached the Equation Group, a nation-state spying group suspected to be linked to the U.S. National Security Agency, and has posted evidence to confirm the breach. They are offering to release all of the […]
Legitimate remote admin tool compromised to spread trojan
According to this article at Ars, the remote admin tool Ammyy Admin was compromised and has been used by a criminal gang to install a banking trojan to drain the bank accounts of its victims. The article does an excellent job of detailing it but the short story seems to be the following: A […]
New Mac trojan disguised as Easy Doc Converter.app
Interesting article over at C|Net on a new trojan that’s been spotted in the wild actively targeting Mac users. According to the article, the trojan gives the attackers remote access to vulnerable Macs to access data, the webcam and presumably use the infected Mac as a pivot point further into the network. Mac users have […]
Another healthcare breach exposes hundreds of thousands of patient records
Data breaches in three different locations including Farmington Missouri (48,000 records), Atlanta Georgia (397,000 records) and the Central / Midwest US (210,000 records) allegedly including Social Security numbers, full names, physical addresses, dates of birth and insurance information. The names of the organizations have not yet been released and the attacker has advised that a […]
Massive zero day vulnerability in most Symantec / Norton security products
If you’re using a Symantec or Norton security product, update it now, we’ll wait (yup, another zero day, and it’s a big deal). According to this article at The Register, Google Project Zero initiative researcher Tavis Ormandy discovered a vulnerability in the Norton / Symantec products that is 100% reliable, works on the default configuration, […]