05 Feb 2019

You Can Hack This Headline for $200

Cybersecurity firm Sixgill is warning that more and more threat actors are selling stolen login credentials for the online portals of news websites, digital magazines and other online media. By obtaining access through such credentials, buyers can post new content on targeted websites, manipulate or remove existing articles, or inject

Read More
05 Feb 2019

Exposed Consumer Data Skyrocketed 126% in 2018

According to a new report by the Identity Theft Resource Center (ITRC), around 446.5 million sensitive consumer records were exposed in 2018. This is a 126% increase compared to 2017, when the number of exposed records containing personally identifiable information (PII) was about 197.6 million. However, 2018 did see 23%

Read More
05 Feb 2019

‘Collection #1’ Data Dump Hacker Identified

Security researchers with Recorded Future are claiming that a hacker by the monikor “C0rpz” first created and distributed the enormous “Collection #1” database containing about 773 million stolen records, which was discovered on an underground forum on January 17. While various other hackers have presented themselves as the original creators and sellers of

Read More
05 Feb 2019

Two hacker groups responsible for 60 percent of all publicly reported hacks

New research by Chainalysis indicates that two hacker groups, dubbed Alpha and Beta, are behind a significant majority (60%) of all reported hacks of cryptocurrency exchanges. The total amount of cryptocurrency stolen by Alpha and Beta is worth about $1 billion. Chainalysis describes Alpha as “a giant, tightly controlled organization at least

Read More
04 Feb 2019

Home Improvement Site Houzz Suffers Data Breach

Houzz, a popular home improvement website with headquarters in California, suffered a data breach in December 2018. It is unknown how many of the website’s 40 million members are affected, but the compromised information may include first and last names, city, state, country, IP addresses, one-way encrypted passwords and user

Read More
04 Feb 2019

Google pulls these 29 bogus photo apps that led millions to porn, phishing sites

Once again, security researchers have found a collection of malicious apps in the Google Play Store. Google has removed the 29 apps that had been downloaded more than four millions times in total. Trend Micro discovered the apps, many of which served users with tons of adds, including full-screen adds

Read More
04 Feb 2019

Email authentication use growing steadily in every industry sector

According to a new report by Valimail, the vast majority of U.S. federal government agencies have successfully adopted Domain-based Message Authentication Reporting & Conformance (DMARC), a security standard to combat fake emails. Adoption of standards like DMARC is also on the rise among major companies and in the health care sector, although

Read More
01 Feb 2019

Hackers Are Passing Around a Megaleak of 2.2 Billion Records

Two weeks ago, news broke of a massive data leak in which nearly 773 million records where exposed. As it turns out, that data set, dubbed Collection #1, was only one part of a much larger collection of compromised records from multiple data breaches. Security researchers have found an enormous database labeled

Read More
01 Feb 2019

Black hat hackers, white collar criminals snuggle up to operate insider trading schemes

According to research by Splunk, the past year has seen a steady increase of insider trading schemes, in which white collar criminals collaborate with black hat hackers in order to monetize valuable business data. This development is linked to the decreasing profitability of more traditional cybercrimes, such as cyber extortion

Read More
01 Feb 2019

IoT botnet used in YouTube ad fraud scheme

Security researchers with CenturyLink have released a report documenting the recent evolution of TheMoon, an internet of things (IoT) botnet that was first detected in 2014. While TheMoon was originally used by cybercriminals to carry out DDoS attacks, it is now being used for other malicious purposes, such as brute-force attacks

Read More