What We Can Learn from the Capital One Hack

KrebsOnSecurity brings us an overview of what we can learn from the Capital One hack and information about the ongoing investigation. On Monday, a former Amazon employee was arrested and charged with stealing more than 100 million consumer applications for credit from Capital One. Since then, many have speculated the breach was perhaps the result of a previously unknown “zero-day” flaw, or an “insider” attack in which the accused took advantage of access surreptitiously...


CrowdStrike CTO Explains “Breakout Time” — A Critical Metric in Stopping Breaches

This video features CrowdStrike® Co-founder and CTO Dmitri Alperovitch discussing why “breakout time” is a critical measurement for organizations trying to stop a breach. As Alperovitch explains, “Breakout time is the time between when an intruder gets on a machine, whether it’s through spear phishing or some sort of strategic web compromise, and when they break out of the beachhead they’ve established and compromise other systems.” Breakout time was first introduced...

Canada Post admits thousands of Ontario cannabis buyers' information breached

Canada Post acknowledged Wednesday that thousands of Ontario customers buying cannabis had their information breached. The national mail service has not notified the buyers behind 4,500 orders who had their data compromised. The breach became public after the Ontario Cannabis Store issued a statement on Wednesday and e-mailed affected customers the same day. Ontario’s only legal outlet for recreational cannabis said it was notified last Thursday by Canada Post that someone had...

Hacky Hack Hack

A 14-year-old Australian boy hacked into Apple servers and downloaded 90GB in documents. The 14-year-old teen from Melbourne, Australia was found to have broken into Apple servers and downloaded approximately 90GB of information. When law enforcement intercepted him, they confiscated two laptops, a mobile phone and a hard drive. Following this confiscation, the officers found a folder on the network labeled ‘Hacky Hack Hack’, within which lay the stolen Apple files. The teen...

Has Tennis Turned into a Cybersecurity Battle Ground?

Wimbledon ended earlier in the summer, yet their cybersecurity team works year round. Often dubbed the grandest tennis tournament, Wimbledon hosts the greatest stars in the world for a few weeks of tennis. Founded in 1877, the tournament stays true to many of its founding roots, including the original grass playing surface and the all-white tennis attire. Yet, to stay up to date with current times, Wimbledon has greatly adjusted their...

What You Need to Know About the Reddit Breach

On August 1st, Reddit announced a breach in which an attacker was able to access user data. In an official Reddit post, Reddit made a quick statement and said: A hacker broke into a few of Reddit’s systems and managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords. Since then we’ve been conducting a painstaking investigation to figure out just...


Saks Fifth Avenue and Lord & Taylor Suffer Massive Payment Card Breach

A few weeks ago, Saks Fifth Avenue, Saks OFF 5TH and Lord & Taylor stores located in North America suffered a massive data breach where hackers stole millions of shoppers’ payment card information. This includes credit cards, debit cards, cardholder name, payment card number and expiration date. Security researchers at Gemini Advisory believe “a well-known professional hacker group has broken into the ‘entire network’ of Lord & Taylor and dozens of branches...

Forever 21 Breach Lasted Over Seven Months

If you shopped in a brick-and-mortar Forever 21 store this year, your credit card information may have been compromised due to the company’s failure to turn on encryption in some of its point-of-sale (POS) terminals, which resulted in a 7-month Forever 21 breach. Encryption was not turned on at some of the point-of-sale (POS) devices used in Forever 21 stores, exposing customers’ card data to info-stealing malware last year,...

Sonic Data Breach Could Have Affected Millions

Sonic first heard about the data breach when its credit-card processor detected unusual activity on customers' payment cards. Fast-food giant Sonic has disclosed a data breach potentially affecting millions of customers. The chain has nearly 3,600 stores across 45 US states but as the investigation is ongoing, it does not yet know how many store payment systems were affected. KrebsOnSecurity first reported the breach, which Sonic discovered last week when its credit-card...

CCleaner malware infected 2.27M users

The popular free software CCleaner has been reported to have infected 2.27 million users with malware. Here's what you need to know. Users of a free software tool designed to optimize system performance on Windows PCs and Android mobile devices got a nasty shock this morning when Piriform, the company which makes the CCleaner tool, revealed in a blog post that certain versions of the software had been compromised by hackers —...
