Antivirus Vendors
13,000 login details including payment card numbers an expiry dates have leaked from online services including Amazon, Xbox Live, Playstation Network and more, according to Tech Crunch.
The post Amazon, Xbox Live, PSN and more: Hackers leak 13,000 passwords appeared first on We Live Security.
Realtime call-monitoring and GPS tracking of partners by domestic abusers is on the rise, both via dedicated electronic listening devices or using sophisticated spyware software.
The post Spyware abuse – partner tracking reaching “epidemic proportions” appeared first on We Live Security.
Earlier this month, as the Sony Entertainment breach was making headlines, Sony’s PlayStation Network (PSN) was knocked offline due to an alleged hacking attack. On Christmas morning, just as kids everywhere were unwrapping their new PlayStation and Xboxes, the PSN and Microsoft’s Xbox Live network were both disrupted leading to speculation that they were once again hacked. A group calling themselves Lizard Squad claiming responsibility for the attacks via Twitter.
As of now, PlayStation is still offline and PSN is directing users to their @AskPlayStation Twitter account for updates.
Please follow @AskPlayStation to get the latest updates as we work to restore full network functionality.
— Ask PlayStation (@AskPlayStation) December 26, 2014
Xbox Live Status reports that its core services are running, but there is limited access to apps for IGN, Maxim, and MLG.tv.
Related article: Sony PlayStation Network down due to hacker attack
Malicious DDoS attack blamed for taking major gaming networks Xbox Live and Playstation Network offline for Christmas…
The post Playstation Network and Xbox Live offline for Xmas appeared first on We Live Security.
A few days ago we published a summary of six of the most important security attacks in 2014.
Today we continue this list with some other notable attacks, which stood out not just because of the stature of the companies attacked, but also because of the volume of compromised data.
banking corea
The Korean financial agency, Korea Credit Bureau (KCB), was the victim of an attack that exposed more than 105,8million user accounts, including credit card details, first names and last names, phone numbers, addresses and even passport numbers.
In this case however, no malware was used. The thief worked for KCB -ironically in the company’s anti-fraud department- and for 11 months had been copying the data before selling it to the highest bidder.
Had the information been adequately encrypted, the damage could have been far less, yet this wasn’t the case.
In February, a vulnerability on the website of the French telecom firm Orange allowed hackers to access the data of hundreds of thousands of customers, including names, addresses and phone numbers.
Fortunately, and despite the security hole, Orange’s systems were sufficiently well set up as to prevent passwords from being compromised, thereby greatly reducing the damage to the 800,000 users affected.
It appears that these passwords were stored on a separate, more secure server.
Also in February, the Syrian Electronic Army (SEA) managed to compromise the website of Forbes. This resulted in the theft of data of more than a million users, including company employees.
Stolen data included names and email addresses, as well as (encrypted) passwords. Worse still, the SEA published the data on the Internet.
In June this year, the Domino’s Pizza fast-food chain was attacked by a group called “Rex Mundi”, and the data of some 650,000 French and Belgian customers was stolen.
In this case, the criminals demanded a ransom for the information, though the company’s chiefs said they were not willing to give in to blackmail.
In September, Home Depot, the home improvements retailer, confirmed there had been an attack on its servers, compromising the data of 56 million credit and debit cards.
Moreover, according to the The Wall Street Journal, some of the accounts associated to these cards had been emptied.
To end 2014, we have witnessed one of the most significant targeted attacks on a company.
Many details of the attack are still unclear, but the effects on Sony have been tremendous: a week without being able to connect to computers, massive deletion of data, theft of internal company information…
The attackers have published five unreleased films and are threatening to leak confidential data.
There have also been reports of malware appearing with Sony’s digital signature, the passwords for which were stolen with the rest of the information.
The post Major security attacks in 2014 – Part 2 appeared first on MediaCenter Panda Security.
An online attack on a German steelworks caused massive damage to the infrastructure, according to reports.
The post Hackers damage German factory appeared first on We Live Security.
As the tale of Sony Entertainment’s victimization at the hands of cyber hackers continues to play out (with new twists in the plot revealed almost daily for the last month), it feels like ultimately there may be something positive to emerge from the unprecedented event for us as a society.
While unfortunately, it may have been at Sony’s expense, the Sony hack attack has made cyber security a top-of-mind issue for mainstream media, businesses and consumers.
(Full disclosure, Sony is a valued AVG partner.)
From the initial reports of hacked celebrity email revelations that first put the incident front and center – to a decision by Sony to pull (for now) the film “The Interview” – to unprecedented charges by the FBI of the involvement of a state-sponsored hacker (North Korea) and our U.S. president vowing a “proportional” response for the ‘cyber vandalism’ attack on Sony and our freedom of speech…to North Korea’s internet subsequently going down (as we publish this blog) without explanation on Dec. 22nd 2014. It has now been confirmed by Sony that there will be a limited release of the movie on Christmas Day.
This incident has been playing out like a plot to a thriller –with all of us watching and trying to identify the bad actors. Unfortunately, it really is reality TV.
But one of the impacts also has been well-deserved attention to the increasing concerns about cyber security – from personal to national.
Cyber security is, without doubt, one of the most serious issues of our time.
Clearly, in 2014 the issue of cyber security has moved from being perceived as a somewhat “wonky” IT issue, to one that average Americans are now concerned with. Unfortunately, it has taken the Sony episode along with a year of high-profile data breaches and hacking at other very high profile businesses (Target, Home Depot, JP Morgan Chase, among them) to bring the issue into the mainstream consciousness and concern.
As we close 2014, it feels like it has been the (unofficial) year of the hacker. But it has made people more appreciative of the need for digital security. For that much we can be thankful. And, perhaps it will prompt us all to make 2015 the year of digital security.
It makes me very proud of what we do here at AVG to contribute to making the digital world safer for everyone.
Hosting and managed cloud provider Rackspace has been taken offline for more than 12 hours by a massive DDoS attack.
The post Rackspace knocked offline by huge DDoS attack appeared first on We Live Security.
Is the Tor Network about to be knocked offline? Insiders certainly seem to think so as intelligence of a credible threat against the network’s relays has been received. Is this a genuine threat to the Tor Network’s ability to function?
The post Tor Network warns of potential attack appeared first on We Live Security.
It’s billed as the hottest new messaging app on the planet, and it’s rocketed into the top ten in the U.S. in just a year. But how safe are you on Yik Yak?
The post Yik Yak – what security-conscious users need to know appeared first on We Live Security.
