Sunday , 24 September 2017
Home » Author Archives: Dean Alvarez (page 126)

Author Archives: Dean Alvarez

Dean is Features Editor at IT Security Guru. Aside from cyber security and all things tech, Dean's interests include wine tasting, roller blading and playing the oboe in his Christian rock band, Noughts & Crosses.

You can reach Dean via email - dean@itsecurityguru.org

Crooks Grab W-2s from Credit Bureau Equifax

Identity thieves stole tax and salary data from big-three credit bureau Equifax Inc., according to a letter that grocery giant Kroger sent to all current and some former employees on Thursday. The nation’s largest grocery chain by revenue appears to be one of several Equifax customers that were similarly victimized this year. View full story ORIGINAL SOURCE: Brian Krebs Read More »

Fling.com breach: Passwords and sexual preferences of 40 million users up for sale on dark web

Tens of millions of credentials reportedly stolen from an adult dating website called Fling.com have been put up for sale on the dark web. Currently listed on an underground marketplace called The Real Deal the information reportedly contains email addresses, plain text passwords, usernames, IP addresses and date of birth records. Additionally, the compromised data includes sexual preferences, whether the account was ... Read More »

Google Suffers Minor Data Breach via Third-Party Benefits Vendor

Google has started notifying affected employees of a data breach that occurred when one of the managers of a third-party benefits vendor sent a file containing sensitive information about Google employees to the wrong person. View full story ORIGINAL SOURCE: Softpedia Read More »

New Report Demonstrating Advancement of ISIS’s Organized Cyber Capabilities

Flashpoint, the global leader in Deep & Dark Web data and intelligence, recently announced the release of a new report analysing the cyber capabilities of the Islamic State (ISIS), titled Hacking for ISIS: The Emergent Cyber Threat Landscape. The report concludes that while the threat that emanates from ISIS-inspired cyber attacks is of high concern, especially in light of the formation of ... Read More »

Immunising against the spear phishing plague

John Wilson,
Agari

Immunising against the spear phishing plague   By John Wilson, Field CTO, Agari Email has become the primary tool of communication for organisations, both within the business and externally with customers and third parties. But with this proliferation, email has also been tirelessly exploited by sophisticated cyber-criminals. With no security authentication built in, there is a fundamental flaw in the ... Read More »

Critical Qualcomm security bug leaves many phones open to attack

For the past five years, a vulnerability in many Android phones has left users’ text messages, call histories, and possibly other sensitive data open to snooping, security researchers said Thursday. The flaw, which is most severe in Android versions 4.3 and earlier, allows low-privileged apps to access sensitive data that’s supposed to be off-limits, according to a blog post published by ... Read More »

Suck on this: White hats replace Locky malware payload with dummy

Pranksters have infiltrated the control system behind the infamous Locky ransomware and replaced the malware’s main payload with a dummy file. Locky normally spreads using malicious and disguised JavaScript inside email attachments supposedly containing an invoice or similar. Malicious messages are sent to prospective marks in spam runs. Those on Windows machines who open the malicious attachment are likely to ... Read More »

Daisy-chained research spells malware worm hell for power plants and other utilities

BlackHat Asia A world-first proof-of-concept worm – if unleashed – could spell disaster for the world’s critical infrastructure, including power utilities by making attacks exponentially more difficult to detect and stop. It is a stand-alone attack but The Register has confirmed a realistic stealthy end-to-end attack scenario can be produced by combining two independent research efforts. The programmable logic controller (PLC) worm is ... Read More »

Crooks Go Deep With ‘Deep Insert’ Skimmers

ATM maker NCR Corp. says it is seeing a rapid rise in reports of what it calls “deep insert skimmers,” wafer-thin fraud devices made to be hidden inside of the card acceptance slot on a cash machine. KrebsOnSecurity’s All About Skimmers series has featured several stories about insert skimmers. But the ATM manufacturer said deep insert skimmers are different from typical insert skimmers because they ... Read More »

Microsoft: Windows Malware Up, Stuxnet Shell Attack Most Popular

The number of Windows systems worldwide hit with malware infection attempts in the second half of last year jumped by nearly 6% over the previous year to 20%. Microsoft’s new Security Intelligence Report (SIR) published today shows vulnerability disclosure was up by more than 9% from June through December of 2015, with some 3,300 bugs reported. “More importantly, high severity ... Read More »