Malware Dev Charged with Spying on “Thousands” of Users for 13 Years

The United States Justice Department has charged an alleged malware author with spying on thousands of users for a period of 13 years. An indictment filed with the U.S. District Court for the the Northern District of Ohio (Eastern Division) asserts Phillip R. Durachinsky, 28, of North Royalton Ohio masterminded a scheme by which he … Read More The post Malware Dev Charged with Spying on “Thousands” of Users for 13 Years appeared first on The State of Security.
Read more

Behavioral biometrics will replace passwords by 2022 – Gartner

In just a few years, we can all safely forget those cumbersome passwords we use to secure and unlock our devices. And we will be able to thank on-device artificial intelligence (AI) for easing the strain on our memory, according to a forecast by Gartner. Gartner analysts believe on-device AI, as opposed to cloud-based AI,
Read more

Data Breach Exposes 300K RootsWeb Users’ Login Credentials

A data breach has exposed the login credentials belonging to 300,000 users of RootsWeb, a service owned and sponsored by Ancestry.com. On 4 December 2017, someone posted a file containing the usernames and plaintext passwords of 300,000 users to a hacker forum. An analysis of the dump, which was still available for download as of … Read More The post Data Breach Exposes 300K RootsWeb Users’ Login Credentials appeared first on The State of Security.
Read more

‘Starwars’ is a ‘dangerous’ password to use, says SplashData

‘Starwars’ is one of the newest additions to 2017’s Worst Passwords of the Year list, as determined by SplashData in its annual report. According to the company’s CEO, this password is “dangerous.” Millions continue to use easily guessable passwords despite countless reports of hacks, ransomware attacks, extortion attempts and state-sponsored data breaches in the past
Read more

“123456” Still Reigns Supreme on Worst Passwords List

“123456” has once again topped an annual list of the worst passwords created by users in North America and Western Europe. On 19 December, password management provider SplashData released the 2017 edition of its “Worst Passwords of the Year” list. The dataset comprises five million leaked passwords exposed by data security incidents over the course … Read More The post “123456” Still Reigns Supreme on Worst Passwords List appeared first on The State of Security.
Read more

Security Breach Exposed oBike Users’ Personal Information

A security breach at bicycle-sharing operation oBike has exposed the personal information of users in Singapore and 13 other countries. A spokesperson for the company said the data leak “stemmed from a gap in our that allowed users to refer a friend to our platform.” With the oBike app, users can send … Read More The post Security Breach Exposed oBike Users’ Personal Information appeared first on The State of Security.
Read more

Pentest Toolbox Additions 2017

Last year, I wrote a short blog post about tools I had added to my pentesting toolbox. I’ve decided to make this type of article a yearly tradition. In this post, I highlight some of the useful tools I’ve started to use this past year. Domain Password Audit Tool First, I will shamefully promote a … Read More The post Pentest Toolbox Additions 2017 appeared first on The State of Security.
Read more

Elite UK Club Announces Theft of 5,000 Members’ Data

An elite club in the United Kingdom has announced a data security incident where someone stole data pertaining to 5,000 of its members. The theft occurred when someone stole a backup computer drive for the Oxford and Cambridge Club out of a locked room inside the organization’s headquarters in London. That drive contained the personal … Read More The post Elite UK Club Announces Theft of 5,000 Members’ Data appeared first on The State of Security.
Read more

Australian Broadcasting Corporation Leaked Data through AWS S3 Bucket

The Australian Broadcasting Corporation (ABC) leaked sensitive data online through a publicly accessibly Amazon Web Services (AWS) S3 bucket. Public search engine Censys indexed the misconfigured asset on 14 November during a regular security audit of the S3 environment. Researchers at the Kromtech security center don’t know who might have accessed the AWS S3 bucket … Read More The post Australian Broadcasting Corporation Leaked Data through AWS S3 Bucket appeared first on The State of Security.
Read more
Page 1 of 41234