Asus was warned of hacking risks months ago, thanks to leaky passwords

A security researcher warned Asus two months ago that employees were improperly publishing passwords in their GitHub repositories that could be used to access the company’s corporate network. One password, found in an employee repo on the code sharing, allowed the researcher to access an email account used by internal developers and engineers to share […]

View More Asus was warned of hacking risks months ago, thanks to leaky passwords

Microsoft sues to take control of domains involved in Iran hacking campaign

Microsoft has won a restraining order in a U.S. court in order to take control of domains used by an Iranian hacker group. The software and cloud giant applied to the court in order to take control of 99 websites used by the hacker group, known as Phosphorus or APT 35, in various hacking operations. […]

View More Microsoft sues to take control of domains involved in Iran hacking campaign

Some of the biggest web hosting sites were vulnerable to simple account takeover hacks

A security researcher has found, reported, and now disclosed a dozen bugs that made it easy to steal sensitive information or take over any customer’s account from some of the largest web hosting companies on the internet. In some cases, clicking on a simple link would have been enough for Paulos Yibelo, a well-known and respected bug […]

View More Some of the biggest web hosting sites were vulnerable to simple account takeover hacks

Two-factor authentication can save you from hackers

If you find passwords annoying, you might not like two-factor authentication much. But security experts say it’s one of the best ways to protect your online accounts. Simply put, two-factor authentication adds a second step in your usual log-in process. Once you enter your username and password, you’ll be prompted to enter a code sent […]

View More Two-factor authentication can save you from hackers

Amazon admits it exposed customer email addresses, but refuses to give details

Amazon’s renowned secrecy encompasses its response to a new security issue, withholding info that could help victims protect themselves. Amazon emailed users Tuesday, warning them that a it exposed an unknown number of customer email addresses after a “technical error” on its website. When reached for comment, an Amazon spokesperson told TechCrunch that the issue […]

View More Amazon admits it exposed customer email addresses, but refuses to give details

Only half of the Fortune 500 use DMARC for email security

When Homeland Security told all federal government departments last year to roll out a new email security policy to cut down on incoming spam and phishing emails, three-quarters of all federal domains were compliant by the time of their deadline just a few weeks ago. That’s far more than what the Fortune 500 accomplished in […]

View More Only half of the Fortune 500 use DMARC for email security

Justice Department files criminal charges against seven Russian spies over Fancy Bear cyberattacks

U.S. prosecutors have charged seven suspects accused of working for the Russian GRU, the country’s military intelligence unit. The Justice Department’s National Security Division alleged the seven hackers were part of “a conspiracy to use computer hacking to obtain non-public, health information about athletes and others in the files of anti-doping agencies in multiple countries, […]

View More Justice Department files criminal charges against seven Russian spies over Fancy Bear cyberattacks

UK says Russia’s GRU was behind a spate of chaotic cyber attacks between 2015 and 2017

The UK has directly accused Russia’s military intelligence agency, the GRU, of being behind a number of cyber attacks that took place between 2015 and 2017, calling them “indiscriminate and reckless” with a range of target types including political institutions, businesses, media and even sport. It says the chaotic campaign of attacks by the GRU […]

View More UK says Russia’s GRU was behind a spate of chaotic cyber attacks between 2015 and 2017

Northwest fast food chain hack exposed customer credit cards

A beloved regional burger chain in the Pacific Northwest is the latest fast food company to suffer a major data breach. Burgerville, headquartered in Vancouver, Washington, disclosed today that any customers who used a credit or debit card from September 2017 to September 2018 at any of its locations may have had their card details […]

View More Northwest fast food chain hack exposed customer credit cards