Displaying items by tag: Breach

Thursday, 04 September 2014 08:39

Apple's iCloud Easy to Crack with Existing Tools

Two days ago we reported on the iCloud controversy which involved an attack on Apple’s Cloud based Find My iPhone application. This attack (which appears to have been a dictionary attack) resulted in the release of nude images of a number of celebrities posted on the internet for all to see. Apple immediately jumped to the defensive and released a statement saying they were not “hacked” and it is not their fault. Now on the surface this is true as there was not a full breach of their security, but it is about as wrong as you can get.

Published in News

Over the weekend a number of articles broke describing a “hack” that allowed nude photos of celebrities to be stolen and then reposted on the internet (4chan). Although the story held minimal interest at the time of its release we did not see it as big news since phone and cloud service hacks are far too common these days, just because it happened to be someone famous did not make it anymore news worthy. If anything it made it less as you should not be storing nude or explicit images of yourself on your phone or in any cloud service these days.

Published in News

It won’t happen to me is the battle cry of far too many companies these days when it comes to security. We have watches this mind set over the course of the last two years as businesses try to get out of the expense (time and money) needed to update or properly protect their companies and customers from data theft. One of the very recent and troubling ones is the Backoff malware that has hit an estimated 1,000 US businesses. Even Dairy Queen has been hit and consumer payment card data stolen.

Published in News
Monday, 12 May 2014 19:49

Bitly user accounts compromised

Popular web service for shortening URLs, Bitly, sent an urgent warning about a possible compromise of user accounts on the service. Although it has not yet been discovered whether the attackers managed to seize the accounts of users, there is a possibility that their email addresses, encrypted passwords, API keys and OAuth tokens were compromised.

Published in News

Malware and breaches are inevitable. Anyone that has been in security knows that this is a simple fact. Every day there are hundreds of attempted (and successful) attacks executed against businesses, consumers, and the government. These attacks have been traditionally met with an incident-response thought process. IT departments monitor their networks for suspicious activity and respond when/if they find someone who is either attempting to or actually has broken in. Sadly, this is probably not the best way to handle security.

Published in Editorials

Recently Adobe had a security breach where they claimed that roughly 3 million user accounts were affected. At the time they said that some accounts even had encrypted credit/debit card information stolen. When the announcement came out Adobe sent out a mass e-mail informing the people affected that their accounts were compromised. The breach was a blow to Adobe’s Creative Cloud service which moves their software from a onetime purchase to a monthly subscription.

Published in News
Wednesday, 09 October 2013 06:45

Did Adobe suffer a second breach?

On October 4th Adobe was forced to send out almost three million emails with the unfortunate news that their network had been attacked, breached and data stolen. The data from that theft included account IDs as well as encrypted passwords and credit/debit card information and even source code for Adobe products. The attack happened not all that long after Adobe pushed their users to a subscription based license for their products. Once a large number of people had joined the Creative Cloud service Adobe was an even more attractive target and due to their history or ignoring security the attackers were able to get in and grab what they wanted.

Published in News
Saturday, 06 July 2013 19:53

Club Nintendo hacked

clubnintendo

Nintendo has announced that their Club Nintendo service where players can collect points for the hardware and the games they buy, and then to win a variety of prizes and gifts, got hacked or that unknown hackers broke into the database of members, and retrieve their data.

Published in News
84

Are you still sure that you want to sign up for that online service? Well you might want to think twice considering recent news. Last year we watched as Blizzard, LastFM, LinkedIn and others had their security breached and user information stolen. Now there is another online service that has had their security broken and their users’ information exposed to attackers. The online deals site LivingSocial fell victim to a cyber-attack that left over 50 Million (yes 50 Million) users’ data exposed.

Published in News
Joker

Someone is claiming that the one million UDIDs posted by Anonymous actually were taken from them and not the FBI or Apple. The company Blue Toad from Orlando FL says that they checked the pastebin file and it was a 98% match for their database. This is an interesting twist in the events that have seen Apple, the FBI and even AT&T linked to surveillance of Apple phones through the use of the UDID (Unique Device IDentifier). Apple has already stated that the UDID will no longer be supported in the next version of their iOS software that is expected to be released to the world tomorrow.

Published in News
Page 3 of 4