Free tools and resources for Data Protection Officers!

Tag Archives for " hacking "

Risks from stolen Marriott data: espionage, ID theft, home burglaries

The data stolen from the Marriott hotel empire in a massive breach is so rich and specific it could be used for espionage, identity theft, reputational attacks and even home burglaries, security experts say.

Affected reservation system could be extremely enticing to nation-state spies interested in the travels of military and senior government officials.

Full article: Risks from stolen Marriott data: espionage, ID theft, home burglaries – East Bay Times

Marriott Hacking Exposes Data of Up to 500 Million Guests

Marriott International acknowledged on Friday that an “unauthorized party had copied and encrypted information” belonging to about 500 million customers on its Starwood reservations system.

The personal information of customers that was stolen includes names, dates of birth, passport numbers and payment numbers.

Full article: Marriott Hacking Exposes Data of Up to 500 Million Guests – The New York Times

Thefts, Hacks And Surveillance: Whose Side Is Blockchain On?

Crypto is in the news for the recent hacks and breaches, becoming the favorite currency of cybercriminals. This article examines what is actually going on, the fundamentals of security and what the crypto-community is actually doing to prevent hacks and surveillance.

Full article: Thefts, Hacks And Surveillance: Whose Side Is Blockchain On?

Stop focusing your information security efforts on the wrong things!

There once was a time not all that long ago when security teams could plead ignorant to IT security risks, with minimal possible consequence in terms of any significant damage coming to the company. Those days are long gone. In today’s era of advanced cyberattacks, information security is too important an element of business success to dismiss.

Full article: Stop focusing your information security efforts on the wrong things!

Widely used open source software contained bitcoin-stealing backdoor

A hacker or hackers sneaked a backdoor into a widely used open source code library with the aim of surreptitiously stealing funds stored in bitcoin wallets. The malicious code was inserted in two stages into event-stream, a code library with 2 million downloads that’s used by Fortune 500 companies and small startups alike.

In stage one, version 3.3.6, published on September 8, included a benign module known as flatmap-stream. Stage two was implemented on October 5 when flatmap-steam was updated to include malicious code that attempted to steal bitcoin wallets and transfer their balances to a server located in Kuala Lumpur. The backdoor came to light last Tuesday with this report from Github user Ayrton Sparling.

Full article: Widely used open source software contained bitcoin-stealing backdoor | Ars Technica

Microchip implants are threatening workers’ rights

Initially, the chips are being used in place of ID cards as a way of opening secure doors. But there’s good reason to think the use of implants could expand to more sinister purposes, giving employers much greater control over their workers and raising serious concerns over issues related to human dignity, ethics and health.

Full article: Microchip implants are threatening workers’ rights

How Password Constraints Give You a False Sense of Security

The next time you’re forced to make a password—especially if a site requires you to use a crazy combination of uppercase and lowercase letters, or a number, or a symbol—don’t assume that these attempts at obfuscation automatically mean that your password is incredible and secure.

Full article: How Password Constraints Give You a False Sense of Security

6 mobile security threats you should take seriously in 2019

While it’s easy to focus on the sensational subject of malware, the truth is that mobile malware infections are incredibly uncommon in the real world — with your odds of being infected significantly less than your odds of being struck by lightning, according to one estimate.

However, the more realistic mobile security hazards lie in some easily overlooked areas, all of which are only expected to become more pressing in the coming year.

Full article: 6 mobile security threats you should take seriously in 2019 | CSO Online

Hackers erase 6,500 sites from the Dark Web in one attack

One of the most popular Dark Web hosting services – Daniel’s Hosting – was slaughtered last week when attackers hosed it clean of about 6,500 hidden services. The admin says they’re gone for good: he hasn’t even figured out where the vulnerability is yet.

Source: Hackers erase 6,500 sites from the Dark Web in one attack – Naked Security

The Hack Millions of People Are Installing Themselves

Security conscious users keep their operating system and other software up to date, but a huge risk is often overlooked: the underground trade of malicious browser extensions that people install themselves.

Extensions are in such as prime position for hackers because, depending on the purpose of the extension, they may have special permissions to access information inside the web browser. These can range from the data on all the websites you visit, which lets the extension potentially read, request, or modify data on anything, from your online banking site to Facebook. Others may request access to your browsing history, your clipboard, or bookmarks. The security of the particular browser may be great—it is getting more and more expensive for someone to remotely hack Chrome, for example—but that protection can be undermined if a malicious extension is just sitting inside the browser.

Full article: The Hack Millions of People Are Installing Themselves – Motherboard

1 2 3 17
>