Ticketmaster breach part of massive credit card skimming campaign
RiskIQ researchers have discovered that the recent breach of Ticketmaster was not a one-off event as initially reported, but part of a massive digital credit card-skimming …
data theft
Former SunTrust employee stole data on 1.5 million clients
US commercial bank SunTrust has announced on Friday that they’ve fallen victim to insider threat, and that customer records of some 1.5 million of its customers had been …
Researchers use power lines to exfiltrate data from air-gapped computers
Researchers from the Ben-Gurion University of the Negev have come up with another way to exfiltrate data from air-gapped computers: this time, it’s via malware that can …
Hackers steal payment card data of 5 million Saks, Lord & Taylor customers
Hackers have apparently managed to compromise the cash register systems at Saks Fifth Avenue and Lord & Taylor stores in the US and Canada, and have stolen payment card …
How to prepare for the future of digital extortion
Digital extortion has evolved into the most successful criminal business model in the current threat landscape, and Trend Micro researchers predict that it will continue to …
DHS insider breach resulted in theft of personal info of staff and people involved in investigations
The US DHS Office of Inspector General (OIG) has confirmed that the “privacy incident” discovered in May 2017 resulted in the theft of personally identifiable …
Tizi backdoor rooted Android devices by exploiting old vulnerabilities
Google has discovered and removed from Google Play a number of apps that contained the Tizi backdoor, which installs spyware to steal sensitive data from popular social media …
Imgur confirms breach, 1.7 million users affected
Popular image hosting website Imgur has announced on Friday that hackers stole usernames and passwords of 1.7 million of its users. The breach dates back to 2014, when Imgur …
Data exfiltration tool PTP-RAT encodes data in pixel colour values
How to exfiltrate data from a machine that doesn’t have file transfer capabilities or whose Remote Desktop Protocol (RDP) connection has been locked down, making it …
Malicious Chrome extension steals all data
There’s a glut of malicious Google Chrome extensions out there, but some are more harmful than others. The one that SANS ISC incident handler Renato Marinho has dubbed …
Defense contractors, manufacturers targeted with malware-as-a-service infostealer
Information stealing FormBook malware is being lobbed at defense contractors, manufacturers and firms in the aerospace sector in the US and South Korea. Delivery methods The …
Disqus, Forrester Research suffer data breach
Popular blog comment hosting service Disqus and market research company Forrester Research announced late on Friday that they’ve suffered a breach. While the latter was …