Many employees are at least curious about their next job. That is the basis for this attack. The attacker sends Linkedin direct messages from a legitimate Linkedin account. If that doesn’t appeal to the target, the attacker sends emails to the targets business email address suggesting a job offer. The links in the email points […]
Continue reading → [DISPLAY_ACURAX_ICONS]Over 5 Billion Records Exposed in 2018 Risk Based Security is reporting that there were 6,515 publicly reported breaches in 2018 exposing over 5 billion records. This is a couple hundred breaches less than 2017, but the final numbers are not in yet as breaches continue to be reported. The number of days between discovery […]
Continue reading → [DISPLAY_ACURAX_ICONS]Last week I wrote about 4 different cases where courts are moving in the direction of making it easier for plaintiffs to sue companies in case of a breach. Now we have another situation. In the past, judges have approved settlements that only made the lawyers rich. The plaintiffs sometimes got, literally, nothing. That is […]
Continue reading → [DISPLAY_ACURAX_ICONS]Text Messaging for Two Factor Authentication is Under Attack We have talked on occasion about a basically theoretical attack against text messages as the second factor for authentication. It is likely that the feds know more than they are telling us about that since the National Institute of Standards and Technology has deprecated the use […]
Continue reading → [DISPLAY_ACURAX_ICONS]GoDaddy has an interesting feature. If a hacker creates a FREE GoDaddy account they can and have created a whole bushel of mischief. If you have a free account, you can use GoDaddy’s managed DNS service for free for a limited amount of time. Only problem is that GoDaddy didn’t validate that you owned the domain […]
Continue reading → [DISPLAY_ACURAX_ICONS]Oklahoma Government Data Left Unprotected The Oklahoma Department of Securities left data going back to at least 1999 unprotected online. Data exposed included state agency passwords and login information, data on FBI investigations, information on thousands of securities brokers and other information. The state says it was unprotected for “a limited duration”. They are investigating. […]
Continue reading → [DISPLAY_ACURAX_ICONS]