Capital One Breached – 100+ Million Applicants Compromised Among the data compromised are 140,000 US social security numbers and 80,000 bank account numbers. Also in the mix were one million Canadian social security numbers plus names, addresses, phone numbers, birth dates and incomes. The data included applicants who applied between 2005 and 2019. Yes, 15 […]
Continue reading → [DISPLAY_ACURAX_ICONS]Even though we keep telling people not to enable Microsoft’s Remote Desktop Protocol (RDP) on Internet facing servers, a recent check showed there were still a million servers vulnerable. “In recent years, criminals deploying targeted ransomware like BitPaymer, Ryuk, Matrix, and SamSam have almost completely abandoned other methods of network ingress in favor of using […]
Continue reading → [DISPLAY_ACURAX_ICONS]You moved your applications to the cloud. Now you don’t have to worry about managing IT systems. The headaches are someone else’s. Well sort of. Here is what customers of Quickbooks cloud hosting provider iNSYNNQ are seeing when they try to log on: This is what they have been seeing for the last three days. […]
Continue reading → [DISPLAY_ACURAX_ICONS]All smartphones are data collection machines; hopefully everyone understands that. There are an amazing number of sensors on the device and many apps just ask for everything. If the user grants that, then the app can harvest all that data and likely sell it, either individually or in the aggregate. Researchers took a tiny sample […]
Continue reading → [DISPLAY_ACURAX_ICONS]In one research report researchers have discovered Magecart attacks affecting 17,000 web domains including some in the Alexa Top 2000. You may remember that Magecart is what took down British Airways and likely caused them to be fined 183 million Pounds by the UK Information Commissioner’s Office. Magecart is not a single hacker or even […]
Continue reading → [DISPLAY_ACURAX_ICONS]This is What Spies Do It has come out that western (read one or more of the five eyes countries) inserted malware into Yandex (Russia’s equivalent of Google) in order to steal administrative credentials. The purpose was, apparently, to read emails of interest to the western spies. We need to understand that we do it […]
Continue reading → [DISPLAY_ACURAX_ICONS]