Navigation

    ML
    • Register
    • Login
    • Search
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    1. Home
    2. Tags
    3. breach
    Log in to post

    • When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee
      IT Discussion • intel antivirus breach symantec hacked av mcafee trend micro • • WrCombs  

      10
      0
      Votes
      10
      Posts
      206
      Views

      @Dashrender said in When Anti-Virus Companies Get Hacked: Symantec, Trend Micro, and Intel McAfee: I can't recall if the bad ccleaner was signed or not? Even if it was, that would be a Microsoft compromise. This is about the AV vendors getting hacked.
    • Roll20.net breached
      News • security breach roll20 • • JaredBusch  

      3
      3
      Votes
      3
      Posts
      173
      Views

      @scottalanmiller said in Roll20.net breached: Sucks when a site / business like that gets hit. Just people looking to have fun Yeah. But at least they didn't store the passwords in clear text!
    • 2.7 million calls to Sweden's public healthcare hotline open to the public
      News • security breach • • scottalanmiller  

      5
      0
      Votes
      5
      Posts
      234
      Views

      D

      Another day, another security breach/problem. Note to myself: Am I getting used to that?
    • Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah
      IT Discussion • security ransomware msp breach • • scottalanmiller  

      111
      6
      Votes
      111
      Posts
      2183
      Views

      @PhlipElder said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah: @Pete-S said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah: @PhlipElder said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah: @Dashrender said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah: @dafyre said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah: @PhlipElder said in Protek Support MSP Ransomware Hits Customers in Salt Lake City, Utah: All it takes is one absentminded click or drive-by that's completely shielded from us as we go about the day to day stuff and it's done. Game over. Say, "Bubbye". There's always going to be that risk or one absentminded click. Granted an Air-gapped PWA is a good way to handle it.... but so is not saving passwords in RDP files (I don't do this), and if you use an app like MobaXterm that can encrypt the files for you, use a good pass phrase. However if your admin machine is owned, you have bigger issues to start with. Well, the idea is that the air-gapped machine won't ever be in a situation to become compromised, is my guess. I haven't had a chance to look at the MS link Philip sent earlier. There are several ways to implement with the simplest being the main machine having two VMs installed on it. One for day-to-day and one for client/systems management. Nothing is done on the machine itself with all designated tasks being done in their respective VM. We have a number of laptops that came back from client refreshes. So, we're using them as our dedicated management machines. Asus makes a great external USB3 DisplayLink and DisplayPort external monitor that allows for two screens. That makes the work easier. There is security leakage between VMs on a client machine for instance over clipboard. Have a look at Qubes. https://www.qubes-os.org/ It's probably the best implementation of security separation to date. Using the Hyper-V VM Console without RDS pass-through eliminates any access to the VM beyond console. Same with KVM or whatever.
    • Google+ bug exposes non-public profile data for 52 million users
      News • security ars technica google breach google+ exposure • • mlnews  

      1
      1
      Votes
      1
      Posts
      171
      Views

      No one has replied

    • Hackers breach US defense department travel records
      News • security breach dw • • mlnews  

      1
      1
      Votes
      1
      Posts
      241
      Views

      No one has replied

    • Delta Airlines and Sears Have Large Credit Card Breach Through Third Party Shared Service Firm
      News • security breach delta sears • • mlnews  

      5
      2
      Votes
      5
      Posts
      569
      Views

      @aaronstuder said in Delta Airlines and Sears Have Large Credit Card Breach Through Third Party Shared Service Firm: @harry-lui It is accepted everywhere... Not true.
    • Under Armor Security Breach Exposes 150 Million User Accounts
      News • security privacy breach • • mlnews  

      2
      1
      Votes
      2
      Posts
      367
      Views

      @mlnews said in Under Armor Security Breach Exposes 150 Million User Accounts: Under Armor's MyFitnessPal has been compromised in a breach discovered on March 25 exposing 150 million user accounts. I wonder if it is a state sponsored breach trying to obtain location data for things that are officially not there.
    • Large Data Breach in South Africa
      News • security breach • • mlnews  

      1
      2
      Votes
      1
      Posts
      417
      Views

      No one has replied

    • Microsoft Internal Vulnerability System Breached in 2013, Went Unreported
      News • security windows microsoft software breach closed source software • • mlnews  

      6
      3
      Votes
      6
      Posts
      931
      Views

      Nowadays they wouldn't get away on this. Maybe Troy Hunt will say something
    • Equifax Has 143 Million Americans Data Compromised
      News • security breach equifax • • mlnews  

      57
      2
      Votes
      57
      Posts
      4702
      Views

      @nerdydad said in Equifax Has 143 Million Americans Data Compromised: Because of this contract, now the government has a stake in the game. They will probably do a full investigation to see if their information was compromised, who was incompetent, who made the decisions, etc. https://techcrunch.com/2017/10/03/former-equifax-ceo-says-breach-boiled-down-to-one-person-not-doing-their-job/ http://money.cnn.com/2017/10/03/news/companies/equifax-ceo-congress/index.html This contract with the IRS that was just rewarded on Friday? I doubt there will be any governmental or organizational blow back. Everyone is already on to the next big thing that comes from twitter.
    • Apache Struts - Critical Security Flaw
      News • apache breach vulnerability httpd equifax struts millions • • DustinB3403  

      21
      0
      Votes
      21
      Posts
      2312
      Views

      @jaredbusch said in Apache Struts - Critical Security Flaw: Was the Eqifax breech because of the march strus flaw or a more recent one? Just making sure the actual facts are known. The one from March.
    • Another Gov't (maybe) Breach
      IT Discussion • security breach govenment • • stacksofplates  

      6
      1
      Votes
      6
      Posts
      977
      Views

      @stacksofplates said in Another Gov't (maybe) Breach: @scottalanmiller said in Another Gov't Breach: When you hire the lowest bidder in a market segment with no pride in their work, the number of resources isn't really a factor. im just trying to understand from my experience with this. Money is thrown at things, not people. Very expensive things are purchased and sometimes never used and just sit there. But they can't "afford" to pay for real talent. That's what I meant with unlimited resources. Again only in my experience, the money is thrown in the most incorrect place possible. I'm seeing this all the time, everywhere right now.
    • Terrestrial Broadcast Television Signals Hack Smart TVs
      News • security youtube ars technica breach samsung • • mlnews  

      1
      3
      Votes
      1
      Posts
      585
      Views

      No one has replied

    • One Billion Additional Yahoo Accounts Compromised
      News • security breach bbc yahoo • • scottalanmiller  

      4
      0
      Votes
      4
      Posts
      859
      Views

      LOL That company just needs to turn off all of it's servers, sell off everything and divy up the money to the shareholders!
    • HPE Laptop Compromises US Navy Sailor's Personal Data
      News • security hpe breach • • scottalanmiller  

      5
      0
      Votes
      5
      Posts
      1111
      Views

      @scottalanmiller said in HPE Laptop Compromises US Navy Sailor's Personal Data: @DustinB3403 said in HPE Laptop Compromises US Navy Sailor's Personal Data: If it doesn't effect the government overall why do I really care? all hardware developers (and mainstream software) are culpable when it comes to this. Why the military hasn't moved to Linux "globally" is insane. I'm very lost as to what you are saying. What does the OS, hardware developers or anything else random have to do with the situation? http://i1.kym-cdn.com/entries/icons/original/000/005/848/ancient-aliens.jpg
    • Yahoo Caught Giving Email Contents to Government Agencies
      Water Closet • security breach yahoo • • scottalanmiller  

      22
      3
      Votes
      22
      Posts
      2990
      Views

      @Dashrender said in Yahoo Caught Giving Email Contents to Government Agencies: Can't gmail act like a Pop3 client and go get the mail? So this really doesn't keep people from using another service like gmail. O365 does too. And any client like Thunderbird or Outlook would fix this too.
    • Yahoo Breach Hit Half Billion Users
      News • security breach yahoo • • scottalanmiller  

      10
      5
      Votes
      10
      Posts
      1537
      Views

      @scottalanmiller said in Yahoo Breach Hit Half Billion Users: Attack on Yahoo hit 500 million users http://www.bbc.co.uk/news/world-us-canada-37447016 I was wondering when it was going to be confirmed. Yahoo kept wiping their brow and saying "Man, this is going to lower our value to Verizon... how do we spin this?"
    • Seagate Sued by Own Employees Over Security Breach
      News • security spiceworks breach seagate • • StrongBad  

      10
      0
      Votes
      10
      Posts
      1706
      Views

      @travisdh1 said in Seagate Sued by Own Employees Over Security Breach: @IRJ said in Seagate Sued by Own Employees Over Security Breach: @scottalanmiller said in Seagate Sued by Own Employees Over Security Breach: Tagging @stus I read the Knowbe4 Blog Daily. I love it! I saw this attack on there this morning. I signed up for the email summaries. Great blog site. I love how their blog articles are technical, but also include a summary for non-technical people.
    • NSA Hack Shows Apple Was Right to Fight the FBI
      News • security apple breach fbi business insider • • mlnews  

      1
      3
      Votes
      1
      Posts
      575
      Views

      No one has replied

    • US Cyber Arsenal Compromised
      News • security breach nda • • scottalanmiller  

      4
      1
      Votes
      4
      Posts
      951
      Views

      @scottalanmiller said in US Cyber Arsenal Compromised: Or if the government tries to secure it with the lowest bidders.... That's not trying, that's handballing (reference) in attempt to avoid responsibility... aka passing the buck.
    • Continuum Security Breach Reported on Reddit
      News • security breach continuum • • mlnews  

      2
      2
      Votes
      2
      Posts
      1173
      Views

      Interesting to note that people compared it a bit to the TeamViewer breach, but it was quickly pointed out that, while a PR disaster, TeamViewer did not actually have a breach. I wonder if that is what the final verdict was.
    • Security Breach on the Ubuntu Forums
      News • security ubuntu breach • • mlnews  

      12
      2
      Votes
      12
      Posts
      1396
      Views

      @Minion-Queen said in Security Breach on the Ubuntu Forums: Our Plan: Let you all know immediately. Honesty and transparency is something we have tried to really keep, well.... transparent here on ML. FTFY.
    • Big data breaches found at major email services
      IT Discussion • email breach hacking • • JaredBusch  

      24
      3
      Votes
      24
      Posts
      3998
      Views

      @nadnerB gaahhhhhhhh I was staring at it waiting for it to load
    • IRS Authentication System for Preventing Hacking Has Been Hacked
      News • security breach irs • • mlnews  

      6
      5
      Votes
      6
      Posts
      1222
      Views

      @Dashrender said: @travisdh1 said: Just think, we have to deal with these incompetent people every year. Maybe @scottalanmiller got out at the right time? He still has to file though. Sadly
    • Most SMBs Will Go Out of Business Within Six Months of Being Hacked
      News • security breach knowbe4 • • StrongBad  

      5
      1
      Votes
      5
      Posts
      1013
      Views

      Here is a more import question about that stat, it's what I call the "Influenza Stat Problem." Sure, 60% of hacked SMBs will be out of business in six months. But how many would have been out of business anyway? Meaning there are two factors not considered in the statement: Are companies about to go out of business more likely to be hacked in the first place? Are all SMBs roughly about 60% likely to go out of business in six months? With influenza when we had a huge epidemic in the US a few years ago they stated the rate of flu deaths and people started to panic. The number was crazy. But only to the clueless. What they didn't point out, and should never have needed to, was what the death rate was in the general population. It was as if people just forgot that people die naturally too. If you looked, influenza did not increase your average chance of death... it lowered it. Presumably because people with the flu stopped doing dangerous things, stayed in bed, were constantly monitored, etc. People are most likely to die from things like car accidents, but car accidents are much less likely when you are home sick!
    • Symantec Intelligence Report: September 2014
      IT Discussion • ransomware breach vulnerability symantec phishing norton symantec endpoint • • PackMatt73  

      19
      0
      Votes
      19
      Posts
      4480
      Views

      @Reid-Cooper somebody once said... "bow ties are cool"
    • SuperMicro Servers Exposing IPMI Password
      News • security breach supermicro • • scottalanmiller  

      3
      0
      Votes
      3
      Posts
      1916
      Views

      As an update, CERT even put out an advisory to have folks not expose their management interface: http://www.us-cert.gov/ncas/alerts/TA13-207A. I'd like to suggest taking it a step further. Other management interfaces, such as hypervisors, web control panels, SSH logins, etc. should not be exposed to the Internet.
    • Target Knew About Data Breach Longer Than Stated
      News • security breach target • • Bill Kindle  

      7
      1
      Votes
      7
      Posts
      1445
      Views

      @Bill-Kindle Not so much apathy as the impacted people have little clue where to go and how to resolve. Seems you can get one "cause" per year with Syria, North Korea, MH370, "the economy", and other issues...not much remaining bandwidth for outrage. Security != convenience, else people would've jumped en mass to MSFT's own EMET ages ago— http://support.microsoft.com/kb/2458544 Still not perfect, but better than default
    • Nice visualization of data breaches
      IT Discussion • security breach infographic informationisbeautiful • • Nic  

      6
      3
      Votes
      6
      Posts
      1976
      Views

      @Reid-Cooper Yes TED has some great stuff.