Page 1 of 3 123 LastLast
Results 1 to 10 of 27

Thread: Security breach/compromise - 2014

Hybrid View

Previous Post Previous Post   Next Post Next Post
  1. #1
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Security breach/compromise - 2014

    FYI...

    Snapchat leak - 4.6 million users ...
    - http://bgr.com/2014/01/01/snapchat-l...ers-usernames/
    Jan 1, 2014 - "Snapchat users beware: someone has posted the phone numbers and usernames of more than 4.6 million accounts on the site SnapchatDB*, freely available as an SQL dump or CSV text file for anyone to download. The last two digits of each phone number have been censored “in order to minimize spam and abuse”... This giant leak comes just days after Gibson Security’s latest interview in which the company warns of Snapchat’s vulnerabilities. According to Gibson Security, the Snapchat team had taken far too long to address some very serious issues with the coding of the software, and had left the application wide open to exploits that could compromise user information... SnapchatDB claims that the database represents “a vast majority of the Snapchat users”... “This information was acquired through the recently patched Snapchat exploit and is being shared with the public to raise awareness on the issue,” says the owner of SnapchatDB. “The company was too reluctant at patching the exploit until they knew it was too late and companies that we trust with our information should be more careful when dealing with it.”
    * UPDATE: SnapchatDB .info has been suspended and is no longer available.

    - http://www.reuters.com/article/2013/...9BU0K820131231
    Dec 31, 2013 - "Snapchat, Vine, and Candy Crush Saga earned coveted spots on smartphones this year, making them among the most downloaded apps of the year..."

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #2
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Skype hacked to spread anti-MS messages

    FYI...

    Skype hacked to spread anti-MS messages
    - http://www.theregister.co.uk/2014/01...soft_messages/
    2 Jan 2014 - "Entities claiming to represent the Syrian Electronic Army (SEA) have hacked Skype's social media presences and used them to post anti-Microsoft messages. Here's one of the defacements, from Skype's Twitter account.
    - http://regmedia.co.uk/2014/01/02/skype_twitter_hack.png
    ... Skype's blog was also accessed and quickly became host to posts calling for Skype to stop allowing the NSA to access its back end... Skype wrestled control of its social media properties back from the alleged SEA members. The VoIP service has since posted the following all-clear to Twitter.
    'You may have noticed our social media properties were targeted today. No user info was compromised. We’re sorry for the inconvenience. 8:13 PM - 1 Jan 2014'..."

    - https://isc.sans.edu/diary.html?storyid=17330
    Last Updated: 2014-01-01 23:00:26

    Last edited by AplusWebMaster; 2014-01-14 at 05:31.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  3. #3
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Avast forums breached, Spotify unauthorized access ...

    FYI...

    Avast takes down forums after breach hits 400,000 users
    User names, email addresses and hashed passwords were compromised
    - http://www.theinquirer.net/inquirer/...-400-000-users
    May 27 2014

    - https://blog.avast.com/2014/05/26/av...due-to-attack/
    May 26, 2014 - "The AVAST forum is currently offline and will remain so for a brief period. It was hacked over this past weekend and user nicknames, user names, email addresses and hashed (one-way encrypted) passwords were compromised. Even though the passwords were hashed, it could be possible for a sophisticated thief to derive many of the passwords. If you use the same password and user names to log into any other sites, please change those passwords immediately. Once our forum is back online, all users will be required to set new passwords as the compromised passwords will no longer work... We are now rebuilding the forum and moving it to a different software platform. When it returns, it will be faster and more secure. This forum for many years has been hosted on a third-party software platform and how the attacker breached the forum is not yet known. However, we do believe that the attack just occurred and we detected it essentially immediately. We realize that it is serious to have these usernames stolen and regret the concern and inconvenience it causes you. However, this is an isolated third-party system and your sensitive data remains secure.
    Sincerely,
    Vince Steckler
    CEO AVAST Software"

    - http://www.databreaches.net/avast-ta...r-data-breach/
    May 26, 2014
    ___

    Spotify - Important Notice to Our Users
    - http://news.spotify.com/us/2014/05/2...-to-our-users/
    May 27, 2014 Oskar Stål, CTO - "We’ve become aware of some -unauthorized- access to our systems and internal company data and we wanted to let you know the steps we’re taking in response. As soon as we were aware of this issue we immediately launched an investigation. Information security and data protection are of great importance to us at Spotify and that is why I’m posting today. Our evidence shows that only one Spotify user’s data has been accessed and this did not include any password, financial or payment information. We have contacted this one individual. Based on our findings, we are not aware of any increased risk to users as a result of this incident. We take these matters very seriously and as a general precaution will be asking certain Spotify users to re-enter their username and password to log in over the coming days. As an extra safety step, we are going to guide Android app users to upgrade over the next few days**. If Spotify prompts you for an upgrade, please follow the instructions. As always, Spotify does not recommend installing Android applications from anywhere other than Google Play, Amazon Appstore or https://m.spotify.com/. At this time there is no action recommended for iOS and Windows Phone users. Please note that offline playlists will have to be re-downloaded in the new version. We apologise for any inconvenience this causes, but hope you understand that this is a necessary precaution to safeguard the quality of our service and protect our users. We have taken steps to strengthen our security systems in general and help protect you and your data – and we will continue to do so. We will be taking further actions in the coming days to increase security for our users. Please click here* to read more."
    * https://support.spotify.com/problems...android-update

    ** https://play.google.com/store/apps/d...ile.android.ui
    May 28, 2014

    Last edited by AplusWebMaster; 2014-05-29 at 21:40.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  4. #4
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Credit Card breach at Home Depot ...

    FYI...

    Credit Card breach at Home Depot ...
    - http://krebsonsecurity.com/2014/09/b...at-home-depot/
    Sep 2, 2014 - "Multiple banks say they are seeing evidence that Home Depot stores may be the source of a massive new batch of stolen credit and debit cards that went on sale this morning in the cybercrime underground. Home Depot says that it is working with banks and law enforcement agencies to investigate reports of suspicious activity. Contacted by this reporter about information shared from several financial institutions, Home Depot spokesperson Paula Drake confirmed that the company is investigating. “I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Drake said... There are signs that the perpetrators of this apparent breach may be the same group of Russian and Ukrainian hackers responsible for the data breaches at Target, Sally Beauty and P.F. Chang’s, among others. The banks contacted by this reporter all purchased their customers’ cards from the same underground store – rescator[dot]cc — which on Sept. 2 moved two massive new batches of stolen cards onto the market:
    A massive new batch of cards labeled “American Sanctions” and “European Sanctions” went on sale Tuesday, Sept. 2, 2014
    > http://krebsonsecurity.com/wp-conten...nsanctions.png
    ... this crime shop has named its newest batch of cards “American Sanctions.” Stolen cards issued by European banks that were used in compromised US store locations are being sold under a new batch of cards labled “European Sanctions.” It is not clear at this time how many stores may be impacted, but preliminary analysis indicates the breach may extend across all 2,200 Home Depot stores in the United States. Home Depot also operates some 287 stores outside the U.S. including in Canada, Guam, Mexico, and Puerto Rico. This is likely to be a fast-moving story with several updates as more information becomes available. Stay tuned.
    Update: 1:50 p.m. ET: Several banks contacted by this reporter said they believe this breach may extend back to late April or early May 2014. If that is accurate — and if even a majority of Home Depot stores were compromised — this breach could be many times larger than Target, which had 40 million credit and debit cards stolen over a three-week period."

    - http://www.bloomberg.com/news/print/...ta-breach.html
    Sep 2, 2014
    ___

    - https://atlas.arbor.net/briefs/index#908540839
    High Severity
    11 Sep 2014
    ___

    Home Depot hit by same Malware as Target
    - http://krebsonsecurity.com/2014/09/h...are-as-target/
    Sep 7, 2014 - "... new -variant- of the same malicious software program that stole card account data from cash registers at Target last December..."
    > http://blog.trendmicro.com/trendlabs...tail-accounts/
    ___

    - http://www.reuters.com/article/2014/...0H327E20140908
    Sep 8, 2014 - "... Home Depot Inc confirmed on Monday that its payment security systems have been breached, which could impact customers using payment cards at its stores in the United States and Canada. Home Depot, however, said it has found no evidence that personal identification numbers (PINs) have been compromised, it said in a statement*..."
    * http://phx.corporate-ir.net/phoenix....ews&id=1964976
    Sep 8, 2014

    - http://blog.trendmicro.com/trendlabs...ckpos-malware/
    Sep 9, 2014

    Last edited by AplusWebMaster; 2014-09-12 at 13:22.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  5. #5
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Yahoo malware attack - greater than anticipated

    FYI...

    Yahoo malware attack - greater than anticipated
    - http://bgr.com/2014/01/13/yahoo-malware-attack/
    Jan 13, 2014 - "The malware attack that took advantage of Yahoo’s Java-based ad network around Christmas Eve was far greater than anticipated, the company confirmed in a post*... on its help web pages. Initially believed to have affected only European users on January 3, 2014, the malware ad attacks were then said to have occurred during December 31, 2013 – January 3, 2014. But Yahoo on Friday revealed the attack actually took place between December 27, 2013 – January 3, 2014, and affected users -outside- of the European Union as well. It’s not clear how many users may have been affected by the hack..."
    * http://help.yahoo.com/kb/index?local...nt&id=SLN22569
    Jan 10th, 2014

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  6. #6
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down SKorea databases hacked ...

    FYI...

    SKorea databases hacked ...
    - https://news.yahoo.com/us-general-sa...074734037.html
    Jun 5, 2014 - "The top U.S. military official in South Korea said a hacking incident might have compromised the personal information of thousands of South Koreans employed by the American command. Gen. Curtis M. Scaparrotti, commander of U.S. Forces in South Korea, apologized Thursday for the "possible theft" from two databases of private details of South Koreans such as names, contact information and work history. About 16,000 current and former workers, almost all of them Korean nationals, and people who have sought jobs with the U.S. military in South Korea, are affected by the incident. The U.S. military said no classified military data was compromised as the databases were on a separate network. South Korean government, broadcasting and finance industry networks have been a frequent target of cyberattacks in the past. Some have been blamed on North Korea, which denies any involvement. Others have been attributed to hackers seeking to profit from data theft... U.S. Forces spokesman Christopher Bush said an investigation by the U.S. Army was underway to determine who was responsible. The U.S. has around 28,500 soldiers in South Korea as a deterrent against the North..."

    - https://www.computerworld.com/s/arti...in_South_Korea
    June 6, 2014

    Last edited by AplusWebMaster; 2014-06-06 at 16:04.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  7. #7
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation 5 million GMail accounts hacked

    FYI...

    5 million GMail accounts hacked
    - http://money.cnn.com/2014/09/10/tech...ty/gmail-hack/
    Sep 10, 2014
    ___

    - http://www.webroot.com/blog/2014/09/...-breached-one/
    Sep 10, 2014 - "... This morning, we found out that there was a breach of over 5 million Gmail accounts, all hosted in a plain text file on Russian hacker forums. Naturally, we wanted to see what the data was like, and there it was, plain as day for everyone to see. We started to look up our various accounts, and out of my whole team, I was the only one to appear. Right in front of me, on a list with 5 million other people, was my information.... Every three months is the average for a company for changing of passwords, often not allowing you to repeat for at least 10 passwords. This may be an annoyance, but with breaches like this occurring on a daily basis, it’s a necessary step that you should be following at home as well. It’s no longer simply about someone figuring your password out, but rather the idea that any level of breach can grab your standard password and e-mail address, and attempt it across multiple channels until success is found. Changing your password removes this ability... With cell phones being at the ready in almost all aspects of our daily lives, this is one of the most convenient and easy layers to implement. By adding this layer, the service will authenticate any login attempt through an independent channel, allowing you to know if someone is attempting unauthorized access. Below are links to the sites listed above for their steps on enabling this step.
    Gmail: https://www.google.com/landing/2step/
    Amazon: http://aws.amazon.com/iam/details/mfa/
    PayPal: https://www.paypal.com/us/cgi-bin?cm...outside&bn_r=o
    Facebook: https://www.facebook.com/note.php?no...50172618258920
    Twitter: https://blog.twitter.com/2013/gettin...n-verification
    While we are still unsure how the hacker was able to get all this information, it’s clear as day that it is out there, and because of that, vigilance is key. Just as you wouldn’t leave your credit cards laying around, you shouldn’t risk your passwords being out there either. Data is valuable, and the more private or financially focused it is, the more we need to take it seriously. So take these simple steps, get another layer of security established, and make it a habit to change passwords so you don’t become another name on the list as I did. In the mean time, you can check and see if your e-mail is apart of the breach by following this link:
    - https://isleaked.com/en.php

    Google Two-Step authentication: https://support.google.com/a/answer/175197?hl=en
    ___

    - http://www.theinquirer.net/inquirer/...-password-dump
    Sep 11 2014 - "... Google talked about "credential dumps"*, which is described as the uploading of a lot of usernames and passwords on the web. It called them a 'recent phenomenon', adding that it regularly scans them for evidence of impact. It said that a recent leak from earlier this week, which was thought to include data from around five million Google and other provider email accounts, had a failure rate of around 98 percent, meaning that fewer than two out of every hundred credentials could be used... The firm took the opportunity to remind people that they probably use the same login credentials on a range of websites and that this is like bathing in gasoline while smoking a pipe..."
    * http://googleonlinesecurity.blogspot...ord-dumps.html

    Last edited by AplusWebMaster; 2014-09-11 at 16:07.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  8. #8
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Security firm IDs malware used in Target attack

    FYI...

    Security firm IDs malware used in Target attack
    - http://www.computerworld.com/s/artic..._Target_attack
    Jan 16, 2014 - " A security company that worked with the U.S. Secret Service to investigate the data breach at Target identified the malware used in the attack as a sophisticated derivative of a previously known Trojan program designed to steal data from Point-of-Sale (POS) systems. In a report released Thursday, iSight Partners identified the tool as Trojan.POSRAM, which it described as software that can find, store and transmit credit card and PIN numbers from POS systems. The Trojan is being used in a "persistent, wide ranging, and sophisticated" cyber campaign dubbed KAPTOXA targeting "many operators" of POS systems, the company warned. Some affected companies may not yet know they've been compromised or have already lost data, the iSight report noted... the POSRAM Trojan as a customized version of BlackPOS*, a piece of malware that has been available in the cyber underground since at least last February. Like BlackPOS, the POSRAM Trojan is designed to steal a card's magnetic stripe data while it is stored momentarily in a POS system's memory, just after a credit or debit card is swiped at the terminal. After infecting a POS terminal, the malware monitors the memory address spaces on the device for specific information. When it finds something of interest, the software saves the data to a local file and then transfers it to the attackers at preset times. It then is coded to delete the local file to cover its tracks... At the time the code was discovered, even fully updated antivirus tools would not have been able to detect the malware..."
    * http://www.symantec.com/connect/foru...abber-blackpos

    Malware Targeting Point of Sale Systems
    - https://www.us-cert.gov/ncas/alerts/TA14-002A
    Jan 2, 2014
    ___

    KAPTOXA POS Report
    - http://www.isightpartners.com/2014/0...os-report-faq/
    Jan. 16, 2014

    Last edited by AplusWebMaster; 2014-01-20 at 20:38.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  9. #9
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Exclamation Security incident on forum.eset.com

    FYI...

    Security incident on forum.eset.com
    - https://forum.eset.com/topic/2590-se...-forumesetcom/
    June 5, 2014 - "We have been informed by our third-party forum provider that user login details of ESET Security Forum members have been compromised. At this time we have confirmed that login data (user name/email and hashed forum passwords) have been accessed. We have requested details about the incident from our provider and have launched a full-scale investigation with them. ESET Security Forum has around 2,700 registered users and the only information stored are login details: no financial or other sensitive data are affected. ESET-operated infrastructure and ESET software users were not affected in any way by this incident. We recommend that all ESET Security Forum users change their passwords. Having different passwords for different services is a good practice: if you used your ESET Security Forum password for other services, we recommend that you also change those passwords immediately too... We apologize for any inconvenience.
    ESET Security Forum"

    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  10. #10
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Thumbs down Home Depot breach - 56 million cards ...

    FYI...

    Home Depot breach - 56 million cards ...
    - http://www.reuters.com/article/2014/...0HD2J420140918
    Sep 18, 2014 - "Home Depot Inc Thursday said some 56 million payment cards were likely compromised in a cyberattack at its stores, suggesting the hacking attack at the home improvement chain was larger than last year's unprecedented breach at Target Corp. Home Depot, in providing the first clues to how much the breach would cost, said that so far it has estimated costs of $62 million. But it indicated that costs could reach much higher. It will take -months- to determine the full scope of the fraud, which affected Home Depot stores in both the United States and Canada and ran from April to September. Retailer Target incurred costs of $148 million in its second fiscal quarter related to its breach. Target hackers stole at least 40 million payment card numbers and 70 million other pieces of customer data. Home Depot said that criminals used unique, custom-built software that had not been seen in previous attacks and was designed to evade detection in its most complete account of what had happened since it first disclosed the breach on Sept. 8. The company said that the hackers’ method of entry has been closed off, the malware eliminated from its network, and that it had rolled out "enhanced encryption of payment data" to all U.S. stores... Of the estimated cost so far of $62 million, which covers such items as credit monitoring, increased call center staffing, and legal and professional services, Home Depot said it believes that $27 million of the amount will be paid for by insurers. But the company said it has not yet estimated the impact of "probable losses" related to the possible need to reimburse banks for fraud and card replacement, as well as covering costs of lawsuits and government investigations... Criminals have frequently used software that evades detection, but retailers are expected to closely monitor their networks using tools that are designed to uncover signs of a crime in progress..."
    ___

    - http://www.reuters.com/article/2014/...0IQ2L120141107
    Nov 6, 2014 - "... Criminals used a third-party vendor's user name and password to enter the perimeter of its network, Home Depot said in a statement on Thursday. The hackers then acquired "elevated rights" that allowed them to navigate parts of Home Depot's network and to deploy unique, custom-built malware on its self-checkout systems in the U.S. and Canada, according to the company. Home Depot said the stolen credentials did not alone provide direct access to the company's point-of-sale devices. Since September, the company has implemented enhanced encryption of payment data in all U.S. stores and said the rollout to Canadian stores will be completed by early 2015. This, however, was "really lipstick on a pig" and the proper solution was to add chip and PIN, or EMV technology, to U.S. credit cards, said David Campbell, chief security officer at SendGrid, a cloud-based email delivery service. Home Depot said it was already rolling out the EMV technology*..."
    * https://en.wikipedia.org/wiki/EMV

    Last edited by AplusWebMaster; 2014-11-07 at 16:40.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •