2011, Data breaches and Passwords - Cyber Security Informer

The password hall of shame (and 10 tips for better password security)

CSO Magazine

APRIL 15, 2021

Pop quiz: What has been the most popular — and therefore least secure — password every year since 2013? If you answered “password,” you’d be close. Qwerty” is another contender for the dubious distinction, but the champion is the most basic, obvious password imaginable: “123456.”

Passwords

Passwords Data breaches

Air India suffered a data breach, 4.5 million customers impacted

Security Affairs

MAY 22, 2021

Air India disclosed a data breach that impacted roughly 4.5 Air India has disclosed a data breach that impacted 4.5 million of its customers, exposed data includes the personal information of customers registered between August. 26, 2011 and February. The post Air India suffered a data breach, 4.5

Data breaches

Data breaches Passwords Hacking Cyber Attacks

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

AWMproxy, the storefront for renting access to infected PCs, circa 2011. In 2011, researchers at Kaspersky Lab showed that virtually all of the hacked systems for rent at AWM Proxy had been compromised by TDSS (a.k.a An example of a cracked software download site distributing Glupteba. Image: Google.com.

Passwords

Passwords Malware Internet Internet

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. com back in 2011, and sanjulianhotels[.]com The username associated with that account was “ bo3dom.”

Ransomware

Ransomware Accountability Cybercrime Passwords

LastPass: Password Manager Review for 2021

eSecurity Planet

JULY 23, 2021

LastPass is password management software that’s been popular among business and personal users since it was initially released in 2008. Like other password managers, LastPass provides a secure vault for your login credentials, personal documents, and other sensitive information. When it was acquired by LogMeIn Inc.

Password Management

Password Management Passwords Authentication Architecture

We're Baking Have I Been Pwned into Firefox and 1Password

Troy Hunt

JUNE 25, 2018

Pretty much every day, I get a reminder from someone about how little people know about their exposure in data breaches. Frequently, it's some long-forgotten site they haven't even thought about in years and also frequently, the first people know of these incidents is via HIBP: large @ticketfly data breach.

Passwords

Passwords Data breaches Password Management Accountability

Weekly Update 147

Troy Hunt

JULY 12, 2019

So "Plan A" was to publish Pwned Passwords V5 on Tuesday but a last-minute check showed control characters had snuck in due to the quality (or lack thereof) of the source data. The Zhenai breach from 2011 added another 5M records to HIBP (I'm still working through a ridiculously long backlog of breaches.)

Data breaches

Data breaches Passwords Accountability Hacking

What Game of Thrones Can Teach You About Data Breaches

Adam Levin

JUNE 3, 2019

Like a severed head, stolen data is the proof of success in this arena. Case in point: the hacking group Lulzsec’s 2011 hack of the U.S. Every access point has the potential for a breach, be it from an unprotected drive , a re-used password , an irresponsible click, a compromised cell phone or a bad player.

Data breaches

Data breaches Marketing Firewall Hacking

Twitch Glitch: Livestreaming Service Falls Victim to Data Breach

SecureWorld News

OCTOBER 6, 2021

Livestreaming platform Twitch, frequented by a community of online gamers, experienced a massive data breach. Twitch confirmed a breach had happened through a tweet: We can confirm a breach has taken place. It rebranded as twitch in 2011, so this looks like a long-standing piece of infrastructure.".

Data breaches

Data breaches Cybersecurity Passwords

Pearson agreed to pay $1 million for 2018 Data Theft

CyberSecurity Insiders

AUGUST 17, 2021

Pearson, a London based e-textbook publishing firm that supplies software to Schools and Universities has been slapped with a fine of $1 million for misleading investors about a 2018 data breach that witnessed siphoning of millions of student records by hackers.

Data breaches

Data breaches Education Cyber Risk Cyber Attacks

Three Italian universities hacked by LulzSec_ITA collective

Security Affairs

FEBRUARY 13, 2020

The hacktivists claim that once hacked the universities did not disclose the data breach and attempted to hide the incident, violating the European Privacy Law GDPR. Two weeks after the hack, one of the universities breached by the group, Uniparthenope, sent a data breach notification via email to the impacted students and teachers.

Hacking

Hacking Data breaches Advertising Education

Twitter Fined $150 Million for Misuse of 2FA User Data

SecureWorld News

MAY 26, 2022

But instead of using this information for the sole purpose of improving security, Twitter profited by allowing advertisers to use this data to target individuals. This action violated a 2011 FTC order that prohibited the social media site from misrepresenting its privacy and security practices. FTC Chair Lina M.

Advertising

Advertising Media Accountability Account Security

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1962 — Allan Scherr — MIT sets up the first computer passwords, for student privacy and time limits. Student Allan Scherr makes a punch card to trick the computer into printing off all passwords and uses them to log in as other people after his time runs out. A DSW data breach also exposes transaction information from 1.4

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Chicago students lose data to ransomware attackers

Malwarebytes

MAY 23, 2022

Breaching education. Around 490,000 students and 56,000 employees found their data breached by those responsible for the ransomware. The data accessed by criminals, stretching from 2015 to 2019, included a variety of information potentially including: Name School CPS email Employee ID number Battelle for Kids username.

Ransomware

Ransomware Backups Data breaches Encryption

Security Affairs newsletter Round 212 – News of the week

Security Affairs

MAY 5, 2019

Microsoft removes Password-Expiration Policy in security baseline for Windows 10. Over 23 million breached accounts were using ‘123456 as password. Report: Unknown Data Breach Exposes 80 Million US Households. But it was 2011. Amnesty International Hong Kong Office hit by state-sponsored attack.

Cyber Attacks

Cyber Attacks Wireless Advertising Passwords

Hundreds of millions of Facebook users’ phone numbers exposed online

Security Affairs

SEPTEMBER 5, 2019

“But because the server wasn’t protected with a password, anyone could find and access the database.” The server remained online until TechCrunch has contacted the site’s host on September 4, 2019, data appeared to be loaded into the exposed database at the end of August. ” states Techcrunch.

Accountability

Accountability Advertising Mobile Passwords

Multiple schools hit by Vice Society ransomware attack

Malwarebytes

JANUARY 15, 2023

There’s going to be quite a bit of concern for parents and teachers alike, with sensitive data being thrown into the mix. According to the BBC, the data includes: Passport scans of both pupils and parents which date back to 2011. Special Educational Needs (SEN) data. Contractual offers made to members of staff.

Ransomware

Ransomware Backups Education Cyber Insurance

The bleak picture of two-factor authentication adoption in the wild

Elie

DECEMBER 20, 2018

reuse of passwords found in data breaches and phishing attacks. in 2011 almost 10 years ago. Performing a longitudinal analysis highlights that the adoption rate of 2FA (two-factor authentication) has been mostly stagnant over the last five years, despite the ever increasing number of accounts hijacked due to the.

Authentication

Authentication Internet Internet Software

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Jane Frankland

JUNE 20, 2023

Since 2011, I’ve consistently spoken, and written about the dangers of burnout in cybersecurity, and proposed leadership strategies for employee wellbeing. This increases the likelihood of making mistakes, such as clicking on phishing links, sharing data in insecure ways, using weak passwords, or not spotting cyber threat patterns.

Cybersecurity

Cybersecurity Risk InfoSec CISO

Detecting and Preventing Insider Threats in the Cloud

McAfee

SEPTEMBER 19, 2019

Organizations are less worried about unauthorized consumer cloud applications and are more concerned about the security of sensitive data in strategic enterprise cloud services. Cybersecurity incidents involving sensitive data in the cloud can be less frequent, but more damaging.

Threat Detection

Threat Detection Accountability Risk Data breaches

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

So on December 31, 2011, at almost midnight, a developer with direct access to OpenSSL, Robin Seggelmann, committed the change that changed the heartbeat function. And those four hundred and ninety six characters probably included recently used encryption keys, passwords, social security numbers, and other PII.

Encryption

Encryption Software Marketing Artificial Intelligence

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

So on December 31, 2011, at almost midnight, a developer with direct access to OpenSSL, Robin Seggelmann, committed the change that changed the heartbeat function. And those four hundred and ninety six characters probably included recently used encryption keys, passwords, social security numbers, and other PII.

Encryption

Encryption Software Marketing Artificial Intelligence

The Hacker Mind Podcast: Hunting The Next Heartbleed

ForAllSecure

NOVEMBER 24, 2020

So on December 31, 2011, at almost midnight, a developer with direct access to OpenSSL, Robin Seggelmann, committed the change that changed the heartbeat function. And those four hundred and ninety six characters probably included recently used encryption keys, passwords, social security numbers, and other PII.

Encryption

Encryption Software Marketing Artificial Intelligence

If You're Not Paying for the Product, You Are. Possibly Just Consuming Goodwill for Free

Troy Hunt

JULY 18, 2022

How about ASafaWeb in 2011 ? I wanted to build a data breach search service. Ok, obvious answer, but I'd just found both my personal and Pfizer email addresses in the Adobe data breach which was somewhere I never expected to see them. Password Purgatory ? I never made a cent from that. So why do it?

Data breaches

Data breaches Passwords Password Management Software

Hackers Sell Access to Bait-and-Switch Empire

Krebs on Security

MARCH 4, 2019

Earlier this week, a cybercriminal on a Dark Web forum posted an auction notice for access to a Web-based administrative panel for an unidentified “US Search center” that he claimed holds some four million customer records, including names, email addresses, passwords and phone numbers. Jesse Willms’ Linkedin profile.

Marketing

Marketing Passwords Hacking Advertising

ChatGPT: Cybersecurity friend or foe?

Malwarebytes

MAY 21, 2023

From the first Roomba in 2002 to the first virtual assistant (Siri) in 2011, AI has slowly and steadily penetrated the consumer technology market, often with little comprehension from buyers that artificial intelligence is actually powering the functionality behind their favorite devices.

Cybersecurity

Cybersecurity Artificial Intelligence Social Engineering Engineering

Making Light of the "Dark Web" (and Debunking the FUD)

Troy Hunt

FEBRUARY 14, 2018

They were particularly effective at wreaking havoc on the web around 2011 and back then, they too were represented as being another bunch of scary dudes. That's identical to how the massive stash of South African data was exposed last year. Now in fairness, there's a lot of data that's not easily discoverable publicly.

Data breaches

Data breaches Passwords Marketing Hacking

Cyber Security Informer

The password hall of shame (and 10 tips for better password security)

Air India suffered a data breach, 4.5 million customers impacted

Trending Sources

The Link Between AWM Proxy & the Glupteba Botnet

Who Is the Network Access Broker ‘Babam’?

LastPass: Password Manager Review for 2021

We're Baking Have I Been Pwned into Firefox and 1Password

Weekly Update 147

What Game of Thrones Can Teach You About Data Breaches

Twitch Glitch: Livestreaming Service Falls Victim to Data Breach

Pearson agreed to pay $1 million for 2018 Data Theft

Three Italian universities hacked by LulzSec_ITA collective

Twitter Fined $150 Million for Misuse of 2FA User Data

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Chicago students lose data to ransomware attackers

Security Affairs newsletter Round 212 – News of the week

Hundreds of millions of Facebook users’ phone numbers exposed online

Multiple schools hit by Vice Society ransomware attack

The bleak picture of two-factor authentication adoption in the wild

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Detecting and Preventing Insider Threats in the Cloud

The Hacker Mind Podcast: Hunting The Next Heartbleed

The Hacker Mind Podcast: Hunting The Next Heartbleed

The Hacker Mind Podcast: Hunting The Next Heartbleed

If You're Not Paying for the Product, You Are. Possibly Just Consuming Goodwill for Free

Hackers Sell Access to Bait-and-Switch Empire

ChatGPT: Cybersecurity friend or foe?

Making Light of the "Dark Web" (and Debunking the FUD)

Stay Connected