These days it seems that every time you open your favorite news source there is another data breach related headline. Victimized companies of all sizes, cities, counties, and even government agencies have all been the subject of the “headline of shame” over the past several months or years.
If you’re in your mid-twenties or beyond, you will be familiar with people at family gatherings saying ‘remember when we didn’t have all these gadgets, and we used to actually talk to each other?’ The answer to this is ‘no’ – the level of conversation has remained largely unchanged, it’s just now we have gadgets and gizmos to occupy our attention during these moments of strained silence. I put it down to the Mandela effect.
The European Central Bank (ECB) had to shut down one of its websites after it was hacked and infected with malicious software. ECB said the compromised site was on its Banks’ Integrated Reporting Dictionary (BIRD) which provides bankers with information on how to produce statistical and supervisory reports. An EBC spokesman also added that the sever hosting the site contained email addresses, names and titles of the subscribers of the BIRD newsletter which might have been stolen.
She’s the CISO of The Internet Foundation of Sweden (IIS) and one of 14 trusted individuals to hold a Key to the Internet, which means the DNSSEC key generation for the internet root zone. Anne-Marie Eklund Löwinder is also one of the few Swedes who have been inducted into the Internet Hall of Fame.
Amazon Prime Day is in full effect and so are hackers working on elaborate phishing scams targeting Amazon shoppers. Amazon announced that over one million items will be discounted on July 15 and 16, leaving bargain shoppers racing to buy. But while shoppers are busy searching for the best deals on this Prime Day, malicious actors are looking to scam. McAfee reported a popular phishing kit, 16Shop, recently shifted its attention to Amazon.
Xavier Blasco (a.k.a Lerhan) is a 23-year old security researcher on the Detectify Crowdsource Platform. He’s passionate about security and found a way in through bug bounty programs. As an ethical hacker, he is naturally curious in security testing vendors which he is buying from and this time it led to bypassing IDOR protection using URL shorteners. In the following guest blog, he describes this security flaw that led him to access new client contracts on Jazztel’s platform.
A second Florida city has opted to pay a ransom demand to hackers after they took control of the city's municipal computer systems. On Tuesday, June 25, Lake City's Mayor announced that the city would pay hackers $460,000 to regain control of its email and other servers that were seized over two weeks ago.
A report released by the NASA Office of Inspector General (OIG) claims hackers were able to infiltrate NASA's network using a vulnerable, unapproved Raspberry Pi in its April 2018 data breach. In the report, "Cybersecurity Management and Oversight at The Jet Propulsion Laboratory" officials claim that in the April attack, hackers stole over 500 MB of sensitive data.
