breach

(get it in RSS or Atom)

How the "Great SIM Heist" could have been avoided

by Paul Ducklin on February 23, 2015 | 19 Comments

Apparently, intelligence services managed to penetrate the network of a major SIM card manufacturer, grab loads of SIM keys, and now we're all liable to be listened in on.

But why? What is it about SIM cards that made this possible?

The end of the Silk Road for Dread Pirate Roberts - 60 Sec Security [VIDEO]

by Paul Ducklin on February 7, 2015 | Leave a comment

Here's our weekly "60 Second Security" video.

Enjoy a fresh and entertaining take on the latest security news in just one minute...

US health insurer Anthem drained of 80 million records

by Lisa Vaas on February 6, 2015 | 7 Comments

Attackers have invaded a database at Anthem, the US's second largest health insurer, getting at all the personal details that comprise a veritable tool kit for identity theft.

Hackers breach password database at Atlassian's "HipChat" collaboration service

by Paul Ducklin on February 2, 2015 | 3 Comments

Hip software company Atlassian has had the hackers in.

It sounds as though the outcome won't be too bad, but it does remind you: choose a better password than everyone else!

Why the US was so sure North Korea hacked Sony: it had a front-row seat

by Lisa Vaas on January 19, 2015 | 17 Comments

US and North Korea. Image courtesy of Shutterstock.

A newly released, top-secret document traces the NSA's infiltration of North Korean systems back to 2010, when it piggybacked on South Korean "implants" on North Korea's networks and "sucked back the data".

'Sloppy' North Korean Sony attackers let their IP addresses slip, says FBI

by Lisa Vaas on January 9, 2015 | 4 Comments

FBI: 'Sloppy' North Korean Sony attackers let their IP addresses slip

FBI director James Comey has stuck to the bureau’s conclusion that the North Korean government is behind the mammoth cyber attack on Sony Pictures, giving out a few more crumbs to explain his conviction.

Malware infection suspected at ISC, providers of the BIND DNS server software

by Paul Ducklin on January 1, 2015 | 4 Comments

The Internet Systems Consortium, better known as ISC, thinks it might have had a malware infection.

An insecure installation of WordPress seems to be behind the problem...

3 tips for a quieter Christmas than Sony

by Paul Ducklin on December 22, 2014 | 2 Comments

What can you do so that, when your users return from vacation, you reduce the chance of a 'Sony moment' all of your own?

Here's our advice...

Spear-phishers grab emails from internet overseer ICANN

by Lisa Vaas on December 19, 2014 | 1 Comment

Yes, the DNS overlord fell for spear phishing. No, the internet's spine was NOT broken, given that the intruders only gained "read", not "write", access. Thank goodness!

Sony tormentors leak celebrities' phone numbers, aliases

by Lisa Vaas on December 10, 2014 | 1 Comment

Brad Pitt. Image courtesy of s_bukley and Shutterstock.

Those affected include Brad Pitt, Julia Roberts, Tom Hanks, Daniel Craig, Natalie Portman, Tobey Maguire and Sarah Michelle Gellar.

Sony Pictures feels the pain as megabreach claims expand

by Lisa Vaas on December 8, 2014 | 3 Comments

The breach involves taxpayer IDs for 47,000 employees and actors, including Sylvester Stallone, Judd Apatow and Rebel Wilson, as well as medical histories, salary information and much more.

If the government confiscates your spyware, where does it end up? 60 Sec Security [VIDEO]

by Paul Ducklin on November 29, 2014 | Leave a comment

Here's the latest episode of our weekly "60 Second Security" video.

An entertaining way to turn news into knowledge...and it only takes a minute!

SSCC 175 - "My, what an ENORMOUS malware infection you have!" [PODCAST]

by Paul Ducklin on November 27, 2014 | 1 Comment

Here's the latest episode of our weekly security podcast.

For your listening pleasure - the news you can use!

Home Depot facing 44 lawsuits over data breach as clean-up cost reaches $43m

by Lee Munson on November 26, 2014 | 10 Comments

Home Depot. Image courtesy of Rob Wilson / Shutterstock.com

Home Depot, which revealed a huge data breach in September, said it now faces at least 44 civil lawsuits across the US and Canada after the security slip that left 56 million credit cards and 53 million email addresses exposed.

Sony Pictures breached - or was it?

by Paul Ducklin on November 26, 2014 | Leave a comment

Sony has been in the computer security spotlight several times before, from rootkits and jailbreaking to industrial-scale data breaches.

The company is back in the limelight again after a claimed "megahack"...

Breached US State Department takes email offline to update security

by Lisa Vaas on November 18, 2014 | 3 Comments

The US State Department spent the weekend trying to mop up its unclassified email system and public sites in the aftermath of a recent attack.

White House networks hacked

by Lisa Vaas on October 30, 2014 | 1 Comment

White House. Image courtesy of Shutterstock

Attackers broke into unclassified White House computer networks in the past 2-3 weeks. It's far from surprising, one unnamed official said, given that it's a "constant battle" between the government, trying to secure its sensitive systems, and bad actors seeking to intrude on them.

Dropbox passwords leaked, third-party services blamed

by Lisa Vaas on October 14, 2014 | 2 Comments

Hundreds of Dropbox logins were posted on Pastebin and Reddit, but it turns out they were stolen from a third-party service months ago, Dropbox says. So why did some of those passwords work, as Reddit users claimed? Think password reuse.