Compromise News, Articles and Updates

Magento sites brute forced by cryptominers

Brute force attacks are being used to compromise Magento sites to scrape payment card data and deliver cryptomining malware.

Russia behind compromise of seven US states' voter registration systems

During the waning days of his administration after he'd ordered a probe into election interference, the US intelligence community reportedly told former US President Obama that Russian hackers compromised voter registration systems.

Making sense of indicators in security

An Indicator of Compromise is typically observed after an initial attack or compromise, whereas Indicators of attack (IOAs) are events that may reveal an active attack before IOCs become visible.

Cyber-criminals exploiting traditional trust measures for compromises

Cyber-criminals are exploiting traditional measures of trust to gain a foothold on users systems by compromising trusted sites via background initiated requests, using phishing sites, and typo-squatting.

Hide 'N Seek IoT botnet caught using Peer-to-Peer communication

An emerging botnet comprised of compromised IoT devices dubbed "Hide 'N Seek" or HNS is using custom built Peer-to-Peer communication to exploit victims and build its infrastructure.

Monero crypto miner leveraging Apache Struts vulnerability

Cryptocurrency miners have begun using two older and already patched vulnerabilities to compromise servers to mine the Monero digital currency.

Forever 21 blames malware, lapses in encryption, for card data compromise

A POS malware infection was responsible for compromising payment card data collected at certain Forever 21 stores last year - an attack that was exacerbated by a lack of encryption on some devices, the retailer stated last week.

Report: Vietnamese unit formed to fight controversial ideas on internet

The Vietnamese government has reportedly deployed a military cyber-warfare unit compromised of more than 10,000 digital soldiers to combat and censor views on the internet that it finds threatening or "wrong."

AVGater hijacks functionality of AV tools to turn them against themselves

Researcher uncovers method of hijacking the functionality of some AV tools in order to compromise endpoints. Trend Micro, Emisoft, Ikarus, Kaspersky, Check Point's ZoneAlarm and Malwarebytes have fixed their offerings.

Uber prevents fraud and protects driver accounts with selfies

Uber will now require drivers to take selfies to prevent fraud and protect their accounts from compromise.

Was Spotify breached? Account info shows up on Pastebin

Spotify may have experienced a security breach based on a list of customer account credentials discovered on Pastebin.

WITCHCOVEN causes havoc to gather government data

An attack campaign described as having plenty of potential has collected extensive information from the internet and compromised selected websites.

Benevolent virus treats home routers against cyber-attack

According to Symantec, a virus known as Wifatch has been used to treat more than 10,000 home routers against cyber-attacks.

Turn off WPS on routers for WiFi security

A Swiss researcher is advocating turning off WPS to secure routers after finding a flaw that eliminates the randomness of codes generated by some routers when WPS is switched on...

NSA plants backdoors in exported routers

High-tech exports from the US are routinely compromised by backdoors inserted by the NSA; UK intellegence agency oversight also criticised.

Windigo malware infects 25,000 Unix servers

Systems administrators urged to take the 'tough medicine' and wipe all affected computers

Honeypot Valentine

From being drawn in by a honypot, through to being compromised, lessons from life can have parallels with what happens online suggests Calum MacLeod.

Microsoft becomes third company to suffer compromise via malicious website visit

Microsoft has confessed that it has fallen victim to the same attack as both Facebook and Apple.

Site behind Facebook Java hack apologises for inconvenience

The website behind the attack on Facebook has been identified.