breach

SSCC 166 - A sleeping bag and a camping stove to queue for an iPhone? [PODCAST]

For your listening pleasure!

Here's the latest episode in our weekly podcast series...

Is it *really* such a bad idea to use a password twice?

We regularly warn you against using the same password for multiple accounts.

But if you memorise one really long and complex password, isn't that enough?

No! Here's why...

10 security holes that cybercrooks dream about - 60 Sec Security [VIDEO]

Here's this week's episode of 60 Second Security.

Enjoy the latest security news in just one minute...

SSCC 165 - "U2 or not U2," that is the question [PODCAST]

It's Chet Chat time!

Here's this week's episode of our news-you-can-use security podcast...

Man buys old servers, accuses Ernst & Young of data breach

Mark Morris claims he picked up some old servers for $300 and recently found out they're full of customer data. Ernst & Young wants the data deleted or just to get the servers back, but Morris says whoa, not so fast - time is money!

HealthCare.gov breached, injected with malware

HealthCare.gov breached, injected with DoS malware

Federal health officials have discovered that the US insurance exchange site HealthCare.gov was breached in July, when an intruder uploaded malware with the apparent motive of using the system to launch cyberattacks against other sites.

SSCC 159.5 - Black Hat USA 2014 Conference Special [PODCAST]

The Black Hat USA 2014 conference is over, and Naked Security's Chester Wisniewski was there in fabulous Las Vegas to take it all in.

And, as we all know, what happens in Vegas...

...gets faithfully reported on the internet!

Hacker claims breach of Wall Street Journal and Vice

Malicious hacker claims breach of Wall Street Journal, Vice

W0rm has been quite busy: having already pulled this on CNET, the hacker is again offering to sell user data and server credentials for one Bitcoin.

eBay becomes the latest online giant to own up to a password breach

eBay has admitted to a database breach - go change your password, now!

Bitly breached, gives (shortened) details to customers on blog

Popular URL shortener Bitly is the latest cloud service to say, "Er, looks like crooks have been wandering around in our network."

Paul Ducklin tries to make sense of Bitly's breach notification blog...

Cyber extortionists swipe cosmetic surgery records, try to blackmail Harley Medical Group

Cyber crooks may have broken into Harley Medical Group, a cosmetic surgery firm with 21 clinics in the UK, to filch the intimate details of about 480,000 potential patients and then try to extort money from the company.

SSCC 139 - PWN2OWN, browser updates, Target alerts, PCI DSS and phishing [PODCAST]

Is a browser less secure if more people like to hack it? Is it OK to ignore alerts simply because you get too many? Do you back yourself to spot every single phish? And just how smart is the Google Play Store?

Chester and Duck dissect these issues with their usual style in this week's Chet Chat podcast...

Browsers pwned, Korean megabreach, hackers phoiled, and Chet Chat turns 4! [VIDEO]

Which browser plugin withstood PWN2OWN? How big was the latest South Korean megabreach? What happens when hackers attack phishers?

Find out in 60 Second Security...

Employees' bank details stolen from UK supermarket Morrisons

Employees' bank details stolen from UK's 4th largest grocer Morrisons

Morrisons is scrambling to tell employees that the staff payroll system has been raided, with the thieves taking names, addresses and bank details of staff.

Hackers steal 12 million customer records from South Korean phone giant

In a caper that lasted a year, one or more hackers stole the details of KT Corp customers, then passed them to an accomplice who allegedly posed as a company representative to sell cell phones. It's the second mega-breach to rip holes in South Koreans' personal data since January.

Smucker's online store gets stuck in thieves' web

The US jam and jelly maker is just the latest fly to get stuck in the same web that ensnared dozens of companies last year, including some of the world's largest data brokers and at least one credit card processor.

Kickstarter breached - change your passwords

Hackers gained unauthorised access to crowdfunding site kickstarter.com earlier this week. Compromised details include usernames, email addresses, mailing addresses, phone numbers and password hashes. Kickstarter users should change their passwords immediately.

Syrian Electronic Army hacks Forbes, spills 1M user records - here's what you need to know

The SEA made off with more than a million records from the Forbes user database - perhaps including yours! - and published them online.

We already "cracked" a quarter of the Forbes staffers' accounts... Paul Ducklin looks at how well everyone else's password might hold up.

Patching XP, Flappy Bird malware, Tesco passwords leaked - 60 Sec Security [VIDEO]

Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?

60 Sec Security - 15 Feb 2014

Did the crooks who broke into Target tailgate the cleaners?

Intrepid chronicler of the Target breach, Brian Krebs, has uncovered yet another cog in the criminal gearbox behind Target's data disaster.

Guess what? 2FA and network segregation would have made things a lot harder for the crooks...