‘Major’

now browsing by tag

 
 

New York is #quietly working to #prevent a major #cyber attack that could bring down the #financial #system

Source: National Cyber Security News

Five months before the 9/11 attacks, US Secretary of Defense Donald Rumsfeld sent a memo to one of his advisers with an ominous message.

“Cyberwar,” read the subject line.

“Please take a look at this article,” Rumsfeld wrote, “and tell me what you think I ought to do about it. Thanks.”

Attached was a 38-page paper, published seven months prior, analyzing the consequences of society’s increasing dependence on the internet.

It was April 30, 2001. Optimistic investors and frenzied tech entrepreneurs were still on a high from the dot-com boom. The World Wide Web was spreading fast.

Once America’s enemies got around to fully embracing the internet, the report predicted, it would be weaponized and turned against the homeland.

The internet would be to modern warfare what the airplane was to strategic bombers during World War I.

The paper’s three authors — two PhD graduates and the founder of a cyber defense research center — imagined the damage a hostile foreign power could inflict on the US. They warned of enemies infecting computers with malicious code, and launching mass denial of service attacks that could bring down networks critical to the functioning of the American economy.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Cash #Converters is #HACKED: Cyber #criminals hold UK #customer #credit card numbers, addresses and #passwords to #ransom after major #security breach

Source: National Cyber Security – Produced By Gregory Evans

Hackers who attacked the now defunct website of second hand goods store Cash Converters may have access to the account details of thousands of customers.

Usernames, passwords, delivery addresses and potentially partial credit card numbers are among the data believed to have been stolen.

The culprits are said to be holding the information to ransom while the firm works with law enforcement authorities to investigate the incident.

It is not known exactly how many customers were impacted in the hack or when it happened.

 

Cash Converters operates high street stores where customers can trade items like jewellery and electronics for money.

The affected website, which was put out of action in September 2017 and replaced with an updated version, lets people purchase these products online.

As well as cash trade ins, the company offers small financial loans to its customers.

The data breech is only believed to affect customers of the Perth-founded firm who are based in the UK.

In a breach notification email sent to customers, a Cash Converters spokesman said: ‘Please be reassured that, alongside the relevant authorities, we are investigating this as a matter of urgency and priority.

‘We are also actively implementing measures to ensure that this cannot happen again.

‘Although some details relating to the cybersecurity breach remain confidential while Cash Converters works with the relevant authorities, we will continue to provide as much detail as possible as it becomes available.

‘The current webshop site was independently and thoroughly security tested as part of its development process.

‘We have no reason to believe it has any vulnerability, however additional testing is being completed to get assurance of this.

‘Our customers truly are at the heart of everything we do and we are both disappointed and saddened that you have been affected.

‘We apologise for this situation.’

Cash Converts reportedly received an email from hackers who claiming to have gained access to the data.

They threatened to release the data if they were not paid, which means anyone who used the old site before September 22 could be at risk.

Customers have been to advised to change their passwords and the firm has forced a reset for all UK webshop users.

Speaking about the breach, Jon Topper, CEO of UK webhosting firm The Scale Factory, said: ‘When migrating away from old solutions it’s important to bear in mind that old digital assets will still be running and available online until such time as they are fully decommissioned.

‘As a result they should still be treated as ‘live” which means maintaining a good security posture around them, keeping up with patching and so forth.

‘In their customer notification, Cash Converters were quick to point out that the old site was operated by a third party, possibly intending to deflect responsibility for this breach.

‘This definitely won’t fly under General Data Protection Regulation regulations coming into force next year.

‘Companies running server infrastructure that handles customer data should be engaging with experts to review their security posture ahead of that, in order to avoid being slapped with a large fine.’

The post Cash #Converters is #HACKED: Cyber #criminals hold UK #customer #credit card numbers, addresses and #passwords to #ransom after major #security breach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach

Source: National Cyber Security – Produced By Gregory Evans

Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach

Hackers have once again targeted Verticalscope, a Canadian firm that manages hundreds of popular web discussion forums with over 45 million user accounts. The breach has compromised at least 2.7 million user accounts. The Toronto-based company runs a network of support forums and online community websites catering to a wide range of interests, from outdoor and automotive to sports and technology.

In June 2016, Verticalscope admitted that it had suffered a data breach that saw at least 45 million user accounts compromised and their data leaked in a blog post on Leakedsource.com.

The latest breach impacted six websites, including Toyotanation.comJeepforum.com – the company’s second-most popular website – and Watchuseek.com, security expert Brian Krebs first reported.

Security researcher and founder of Hold Security, Alex Holden, notified Krebs last week that hackers were selling access to Verticalscope.com and a number of other sites operated by the company.

Holden initially suspected that a nefarious actor was just trying to resell data stolen in the 2016 breach.

“That was before he contacted one of the hackers selling the data and was given screen shots indicating that Verticalscope.com and several other properties were in fact compromised with a backdoor known as a ‘Web shell’,” Krebs wrote. “With a Web shell installed on a site, anyone can remotely administer the site, upload and delete content at will, or dump entire databases of information — such as usernames, passwords, email addresses and Internet addresses associated with each account.”

The hackers reportedly obfuscated certain details in the screenshots that allowed him to locate at least two backdoors on Verticalscope’s website and Toyotanation.com, one of the company’s most popular forums.

Krebs reported that a simple search on one of Verticalscope’s compromised domains led to a series of Pastebin posts that have since been deleted “suggesting that the individual(s) responsible for this hack may be trying to use it to advertise a legally dicey new online service called LuiDB”.

“Similar to Leakedsource, LuiDB allows registered users to search for account details associated with any data element compromised in a breach — such as login, password, email, first/last name and Internet address,” Krebs noted. “The first search is free, but viewing results requires purchasing a subscription for between $5 and $400 in Bitcoin.”

“The intrusion granted access to each individual website files,” Verticalscope said in a statement to Krebs. “Out of an abundance of caution, we have removed the file manager, expired all passwords on the 6 websites in question, added the malicious file pattern and attack vector to our detection tools, and taken additional steps to lock down access.”

The company did not provide any details regarding when and how the attack took place or who carried out the hack. IBTimes UK has reached out to Verticalscope for further details.

The post Verticalscope #hacked again: At least 2.7 million #accounts #compromised in second major #data #breach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity breaches: Centre is looking to roll out this major innovative approach

Source: National Cyber Security – Produced By Gregory Evans

The government is working on creating a single framework for reporting breach of cyber security at financial institutions and a working group is soon likely to be formed, sources in the know told FE. The government is working on creating a single framework for reporting breach of cyber security at…

The post Cybersecurity breaches: Centre is looking to roll out this major innovative approach appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Getting the Word Out: How Cyber Security Marketers Can Respond to Major Cyber Attacks

Source: National Cyber Security – Produced By Gregory Evans

As we head into the second half of 2017, cyber attacks and security breaches are increasing in both size and frequency. For example, information from the Computer Crime and Intellectual Property Section of the U.S. Department of Justice shows that more than 4,000 ransomware attacks occurred every day in 2016,…

The post Getting the Word Out: How Cyber Security Marketers Can Respond to Major Cyber Attacks appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Second Major Ethereum Hack In a Week Leads to $34 Million Theft

Source: National Cyber Security – Produced By Gregory Evans

While cryptocurrencies like Bitcoin and Ethereum have enjoyed meteoric popularity over the past several months, there are still many potential investors who remain skeptical. And one of the reasons for this skepticism is the ongoing concern about cryptocurrency security. Now that a second major hack of Ethereum has taken place…

The post Second Major Ethereum Hack In a Week Leads to $34 Million Theft appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Two charged with running hacking service used in ‘major computer intrusions’ of U.S. businesses

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Source: National Cyber Security – Produced By Gregory Evans Two men from Latvia ran a malware service that has been in operation for more than a decade and used in major …

The post Two charged with running hacking service used in ‘major computer intrusions’ of U.S. businesses appeared first on Become007.com.

View full post on Become007.com

New York City to become major cybersecurity hub as part of new 10-year plan

Source: National Cyber Security – Produced By Gregory Evans

New York City to become major cybersecurity hub as part of new 10-year plan

New York City may turn into the next cybersecurity hub of the United States, thanks to New York Mayor Bill de Blasio’s 10-year plan to invest in new technological industries, raise wages, train New Yorkers, and overall strengthen the middle class. Today, the mayor announced “New York Works,” a series…

The post New York City to become major cybersecurity hub as part of new 10-year plan appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

BREAKING: OurMine Hack Huge YouTube Channels In Major Security Leak

Source: National Cyber Security – Produced By Gregory Evans A huge security leak has seen major YouTube stars have their accounts hacked by OurMine, the notorious hacking group who have caused major upheaval in the past by hacking accounts belonging to some of the world’s biggest names. Stars including … The post BREAKING: OurMine Hack […]

The post BREAKING: OurMine Hack Huge YouTube Channels In Major Security Leak appeared first on AmIHackerProof.com.

View full post on AmIHackerProof.com | Can You Be Hacked?

Former Major Leaguers Help Erlanger-Elsmere Schools with Anti-Bullying Project

A pair of former Major League Baseball players will be helping a local school district with a project.
Sean Casey, a former Cincinnati Reds first baseman, and Tim Flannery, who played for the San Diego Padres, have been teamed up through The Love Harder Project to support bullying prevention at Erlanger-Elsmere Schools.
They’ll be working on the Buddy Bench Project.
The Erlanger-Elsmere School District stated in a news release that the Buddy Benches will support its bullying prevention systems already in place.

“Through the positive preventative programming and bullying prevention work we do in our schools, our students collaborate daily and demonstrate appreciation and respect for one another,” said Dr.

Read More

The post Former Major Leaguers Help Erlanger-Elsmere Schools with Anti-Bullying Project appeared first on Parent Security Online.

View full post on Parent Security Online