Huge database leak reveals 1.37 billion email addresses and exposes illegal spam operation

A faulty backup has inadvertently exposed the entire working database of notorious spam operator River City Media (RCM). In all, the database contains more than 1.37 billion email addresses, and for some records there are additional details such as names, real-world addresses, and IP addresses. It's a situation that's described as "a tangible threat to online privacy and security."

Details about the leak come courtesy of Chris Vickery from macOS security firm MacKeeper who -- with a team of helpers -- has been investigating since January. River City Media's database ended up online thanks to incorrectly configured Rsync backups. In the words of Vickery: "Chances are you, or at least someone you know, is affected."

Vice President Pence used personal email account for state work, and it was hacked

A new report suggests that Mike Pence not only used a personal email account to handle state business, but also that the email address was hacked. The US Vice President was one of many who were very vocal in denigrating Hillary Clinton for her use of a private email server in the run-up to the election.

The Indy Star says that Pence used an AOL email address to conduct public business during his time as governor of Indiana. The report also says that his email account was hacked, with a perpetrator gaining access to it in the middle of last year and sending out a fake email to his contacts.

Marissa Mayer misses out on Yahoo bonus as true scale of forged cookies security breach is revealed

Yahoo CEO Marissa Mayer is not going to receive her annual bonus this year as the company punishes her for failing to react quickly enough to a security breach in 2014. Her bonus is to be shared between staff instead.

The security breach, followed by another in 2016 involving the use of forged cookies, meant Yahoo's sale to Verizon had to be renegotiated, slashing millions of dollars from the price. The company has revealed that around 32 million user accounts were accessed using forged cookies, and while this is nothing like the 500 million accounts affected by the 2014 breach, it rocked faith in Yahoo and Mayer felt it best to also pass on her stock award.

Yahoo notifies users about 'forged cookie' security breaches and it could cost the company millions

Yahoo -- or, rather, its users -- have not been doing very well recently when it comes to security. Having already revealed details of a huge historic attack that led to the theft of details for millions of accounts, Yahoo is now notifying an unknown number of users that their accounts may have been breached by hackers using forged cookies.

At the same time, Bloomberg is suggesting that the impending deal with Verizon has been renegotiated. The latest revelations coupled with the previous security issues could have just cost Yahoo $250 million.

Cyber attacks against the UK are increasing

The number of cyber attacks launched against the UK has increased significantly with 188 high-level attacks occurring within just the last three months.

The news of the attacks came from Ciaran Martin, chief executive of the National Cyber Security Centre (NCSC), who told the Sunday Times that a number of the attacks were sophisticated enough to threaten national security.

Hiring a hacker: Why and how you should do it

The global cost of cybercrime could reach £4.9 trillion annually by 2021, according to a recent report from Cybersecurity Ventures. Cybercrime incidents continue to plague organizations globally, even as businesses pour money into boosting their security.

But how do businesses deal with vulnerabilities they cannot identify? It only takes one smart hacker to discover a backdoor and get access to your sensitive data and systems. Organizations must identify the weaknesses in their cyber security, before -- not after -- they’re exploited by hackers. However, to beat a hacker you’ll need to think like one. Here’s how -- and why -- you should hire a hacker.

Most banks aren't confident they can detect a data breach

Consumers are quite confident banks and insurers can keep their data safe, but these organizations aren’t that sure. A new report by Capgemini has shown that financial institutions lack a significant amount of confidence when it comes to data protection.

Just one in five (21 percent) of financial service organizations admitted they’re "highly confident" they could detect a data breach. On the other hand, 83 percent of consumers trust banks and insurers with their data.

Get Hacking For Dummies, 5th Edition ($20 Value) FREE for a limited time

Ethical hacking, also called penetration testing, entails thinking like the bad guys to find and plug any vulnerabilities in your system to keep it secure.

Hacking For Dummies explains how to protect your computers from malicious attacks. It usually retails for $20, but for a limited time you can download the fully updated 5th edition ebook version for free.

The effect of cybercrime on businesses and consumers

Here we are, at the end of the first month of a new year and where are we? Well, I guess that very much depends on who you are. If you're a hacker, then things are looking good for you. If you're a consumer, the evidence suggests you won't be fooled twice, but is that good enough? And if you're a business, you've got the same security problems as last year but with enhanced threats from hackers and careless employees as well as enhanced expectations from consumers.

So, exactly what is happening in today's security world and what does it mean for you?

Lloyds bank hit by DDoS attack

The Lloyds Banking Group fell victim to a massive cyberattack this week that temporarily disrupted its services.

The attack is being attributed to an international hacking group. It launched a distributed denial of service (DDoS) attack against the company's online services that lasted for two days. During this time, customers were reportedly unable to make payments online or check their account balances.

Hacking group uses Google services to control malware

Carbanak, a powerful cyber-crime group, is using certain Google services as command and control for its malware and other malicious elements. The news was released by cybersecurity firm Forcepoint this week.

Forcepoint uncovered a trojanized RTF document, which, once run, will "send and receive commands to and from Google Apps Script, Google Sheets, and Google Forms services."

We know email can be hacked, but what could be next? (Shhhh it's voice)

If you are like most people, you are beginning to wonder if anyone has even a tenth of a clue about how to protect email. We all watched, for example, as reams of stolen political correspondence from a major email provider were posted each day leading up to the recent election, more than likely influencing the outcome.

And we all watched as another major email provider lost 500 million accounts to hackers who seemed to barely break a sweat in doing so. And, as if that’s not bad enough, the criminal underground put these swiped email goods up for sale at about a millionth of a cent per user account. Sadly, that’s just how trivial the bad guys think it has now become to break into our email. Criminal theft of email has officially become commoditized. The old Pony Express was safer.

FBI-helping phone-cracking firm Cellebrite hit by 900GB hack

Cellebrite -- the Israeli security company famed for helping the FBI crack the iPhone at the center of the San Bernardino case -- has been hit by hackers. The attack resulted in the theft of 900GB of data.

While the website Motherboard -- which was handed a copy of the data -- reports that "the cache includes customer information, databases, and a vast amount of technical data regarding Cellebrite's products", the company has downplayed the incident.

Why you should be thanking hackers

With titles like "cyber terrorist" floating around, hackers have been associated with all things criminal, malicious, and in some cases, just plain psychotic. A fair argument, considering how many cases of identity theft, loss of income, slander, and more have come from a data breach thanks to a keyboard and a few hours.

So why should you be thanking hackers?

Yahoo's security is a huge mess

The latest reports on the data breach revelations at Yahoo suggest that the company lost data for more than one billion users as far back as August 2013 and that the data is suspected to contain names, email addresses, hashed passwords, security questions and associated answers. In addition, Yahoo has stated that the attackers have accessed Yahoo proprietary code used to generate cookies for user access without credentials.

This major breach raises a number of questions, including: why did it take so long to identify and notify authorities about it? What are the implications for Yahoo users? What might this mean for Yahoo going forward? And what can other companies learn from these events?
