Gatehub and EpicBot Hacked; 2.2 Million User Accounts Leaked
by Silviu STAHIE, from HotForSecurity , on 21.11.2019
Personal details belonging to approximatively 2.2 million user accounts from GateHub and EpicBot were leaked online, according to Troy Hunt, creator of the Have I Been Pwned? Data breach search website. The websites of GateHub, a cryptocurrency wallet service, and EpicBot, a RuneScape bot service, were compromised sometime this year. It’s difficult to say when [and#8230;] read more
How to Get 360-Degree Visibility and Increased Cyber-Resilience
by Bogdan Carlescu, from Business Insights , on 21.11.2019
Why do organizations get breached? With all the investments in cybersecurity breaches still, occur. Details vary from case to case but if you boil down to the bottom of the incident you will most likely find the same basic story: lack of visibility and ineffective response to the emerging threats. Too many systems and too many tools, combined with limited human resources are usually strong contributors to the problem. read more
Cryptocurrency Monero Website Hacked, Original Binaries Replaced
by Silviu STAHIE, from HotForSecurity , on 20.11.2019
The website of the Monero open-source cryptocurrency was compromised, and some users downloaded a modified binary that contained malware designed to steal funds from people’s wallets. When a Linux user downloaded the latest Monero binary from the website, he did something that we should all do whenever we download a file. He compared the SHA256 [and#8230;] read more
Millions of Android phones may be vulnerable to camera spying vulnerability
by Graham CLULEY, from HotForSecurity , on 20.11.2019
Security researchers have uncovered a vulnerability in Android smartphones that could allow an attacker to secretly take photos and record videos without any permissions being granted. And the exploit works even if the phone is locked or the screen turned off, or even during an actual call and#8211; all without the knowledge of the user, [and#8230;] read more
Smaller DDoS Attacks Against Organizations Quadruple on Year in Q3, Survey Shows
by Silviu Stahie, from Business Insights , on 20.11.2019
Security researchers have uncovered a vulnerability in Android smartphones that could allow an attacker to secretly take photos and record videos without any permissions being granted. And the exploit works even if the phone is locked or the screen turned off, or even during an actual call and#8211; all without the knowledge of the user, [and#8230;] read more
Stalking App Ghosty on Android Allowed Users to See Private Instagram Accounts
by Silviu STAHIE, from HotForSecurity , on 20.11.2019
An application that would allow users to spy on Instagram private profiles was removed from the Google Play Store after Facebook took notice. Ghosty was an Android app that allowed people to access some private Instagram profiles, even though the social network’s terms of service prohibit this action. After Facebook threatened to send a cease [and#8230;] read more
Bluetooth Flaw Could Let Attackers Intercept Data
by Silviu STAHIE, from IoT Security Insights , on 19.11.2019
Ohio State University researchers discovered a flaw in the Bluetooth protocol that could allow attackers to gain control of some devices. While the Bluetooth protocol is reasonably secure, Bluetooth Low Energy is vulnerable in some scenarios during their communication with phones. The researchers built a and#8220;snifferand#8221; that could detect vulnerable Bluetooth devices up to 1,000 ... The post Bluetooth Flaw Could Let Attackers Intercept Data appeared first on Bitdefender. read more
Macys.com checkout page hacked; customers advised to be vigilant of fraud
by Filip TRUTA, from HotForSecurity , on 19.11.2019
American department store chain Macy’s has suffered an embarrassing data breach, leaving hackers with access to customers’ personal and financial information, including credit card numbers and even card security codes. In a letter to affected customers, Macy’s reveals that an unknown cybercriminal or group of hackers targeted macys.com with malicious code placed strategically at the [and#8230;] read more
Man who made $542,925 renting out DDoS services sentenced to prison
by Graham CLULEY, from HotForSecurity , on 19.11.2019
A 21-year-old man who made half a million dollars running DDoS-for-hire services has been sentenced to prison for 13 months. Between August 2015 to November 2017 Sergiy P. Usatyuk of Orland Park, Illinois, and a co-conspirator, operated a number of and#8220;booterand#8221; services that launched millions of distributed denial-of-service attacks that rendered websites slow or inaccessible. [and#8230;] read more
Attackers Outrunning, Outsmarting Healthcare Defenses
by Business Insights , on 19.11.2019
According to a new study, 2019 has been yet another brutal year for healthcare cybersecurity. In 2019, so far, nearly four out of five breaches in the industry struck health care providers. And 53% of those attacks were at the hands of external attackers, respondents to a new survey said. read more
