Free tools and resources for Data Protection Officers!

Tag Archives for " hacking "

Hackers erase 6,500 sites from the Dark Web in one attack

One of the most popular Dark Web hosting services – Daniel’s Hosting – was slaughtered last week when attackers hosed it clean of about 6,500 hidden services. The admin says they’re gone for good: he hasn’t even figured out where the vulnerability is yet.

Source: Hackers erase 6,500 sites from the Dark Web in one attack – Naked Security

The Hack Millions of People Are Installing Themselves

Security conscious users keep their operating system and other software up to date, but a huge risk is often overlooked: the underground trade of malicious browser extensions that people install themselves.

Extensions are in such as prime position for hackers because, depending on the purpose of the extension, they may have special permissions to access information inside the web browser. These can range from the data on all the websites you visit, which lets the extension potentially read, request, or modify data on anything, from your online banking site to Facebook. Others may request access to your browsing history, your clipboard, or bookmarks. The security of the particular browser may be great—it is getting more and more expensive for someone to remotely hack Chrome, for example—but that protection can be undermined if a malicious extension is just sitting inside the browser.

Full article: The Hack Millions of People Are Installing Themselves – Motherboard

More than 50 nations, but not U.S., sign onto cybersecurity pact

French President Emmanuel Macron released an international agreement on cybersecurity principles Monday as part of the Paris Peace Forum. The original signatories included more than 50 nations, 130 private sector groups and 90 charitable groups and universities, but not the United States, Russia or China.

The Paris Call for Trust and Security in Cyberspace is another step in the disjointed effort to create international norms and laws for cybersecurity and warfare. In most international matters of regulating the internet, there tends to be a wide split between the liberal Western order and authoritarian nations like Russia and China.

Full article: More than 50 nations, but not U.S., sign onto cybersecurity pact – Axios

Another Facebook vulnerability could have exposed user information

The security company Imperva has released new details on a Facebook vulnerability that could have exposed user data. The bug allowed websites to obtain private information about Facebook users and their friends through unauthorized access to a company API, playing off a specific behavior in the Chrome browser. The bug was disclosed to Facebook and resolved in May.

Source: Another Facebook vulnerability could have exposed information about users and their friends – The Verge

‘Stalkerware’ Website Let Anyone Intercept Texts of Tens of Thousands of People

A hacker exposes the awful security of two companies that sell spyware for consumers. By simply viewing the HTML of a particular website, anyone could log in and rummage through Facebook messages, texts, and phone call data.

Source: ‘Stalkerware’ Website Let Anyone Intercept Texts of Tens of Thousands of People – Motherboard

Thousands of WordPress sites backdoored with malicious code

Thousands of WordPress sites have been hacked and compromised with malicious code this month, according to security researchers at Sucuri and Malwarebytes.

All compromises seem to follow a similar pattern –to load malicious code from a known threat actor– although the entry vector for all these incidents appears to be different.

Researchers believe intruders are gaining access to these sites not by exploiting flaws in the WordPress CMS itself, but vulnerabilities in outdated themes and plugins.

Source: Thousands of WordPress sites backdoored with malicious code | ZDNet

The 6 most popular cyberattack methods hackers use to attack your business

Cyberattacks show no sign of slowing down this year, according to a Wednesday report from Positive Technologies. Q2 2018 saw a 47% increase in cyberattacks over Q2 2017, with targeted attacks outnumbering mass campaigns as cybercriminals grow more sophisticated. Most cases involved targeted attacks on companies and their clients, as well as cryptocurrency exchanges, the report found. This article looks at six most popular cyberattack methods criminals used in Q2 2018, according to the report.

Read article: The 6 most popular cyberattack methods hackers use to attack your business – TechRepublic

Facebook Hack Puts Thousands of Other Sites at Risk

Ten years ago, the social network introduced a password system that connected it to a broad swath of the internet. Now we are seeing the downside. The hack and its fallout underscore the lengths to which Facebook has cemented itself as the identity of the internet, and what happens when the security systems of one company — trusted by so many — fail.

Full article: Facebook Hack Puts Thousands of Other Sites at Risk – The New York Times

The Facebook hack could be Europe’s first big online privacy battle

In a massive breach more than 50 million Facebook accounts has been compromised using a series of unpublished vulnerabilities to hijack session keys on an unprecedented scale. The new breach is a real contrast with previous GDPR fights, which have largely had to do with policy decisions and terms of service. It is not a clash about wording of privacy policies or providing advertisers with access to data but rather liability of service provider to ensure security of it’s service.

Source: The Facebook hack could be Europe’s first big online privacy battle – The Verge

>