NakedSecurity – Ex-student records himself using USB Killer to fry college computers
“The defendant, using his personal iPhone, recorded himself inserting the ‘USB Killer’ device into computers and other hardware owned by the college, and making statements including, “I’m going to kill this guy,” then inserting the ‘USB Killer’ device into a USB port, and – after destroying the host device – stating “it’s dead”, and, in […]
NakedSecurity – Scammer pleads guilty to fleecing Facebook and Google of $121m
“… Use strong passwords and consider 2FA to make it harder for crooks to gather intelligence … Consider a “back to base” VPN for remote users so their online security is kept up, even on the road. Think twice about publicly posting personnel information that could be abused in phishing attacks. …”
NackedSecurity – Sacked IT guy annihilates 23 of his ex-employer’s AWS servers
“2FA would have made it much harder for Needham to traipse through Voova’s AWS account posing as “Speedy.” Of course, you also have to lock the door after employees leave by shutting down their accounts.”
Mondaq – “Knuddels.de” EUR 20.000 fine
” … The company was the victim of a hacker attack in summer 2018 during which hackers captured personal data. One reason they were able to do this was that customers’ passwords were saved in plain text on the company server. In addition to this, Knuddels had neglected to install the new version of the […]
KnowBe4 – Cyberheist On Bank Causes Shutdown Of All Operations
… Generally, this type of hack starts with a successful spear phishing attack that opens up the victim’s network to the bad guys who then move laterally and compromise critical systems.
BleepingComputer – Info on over 500.000 students and staff exposed in San Diego School District hack.
Personal information belonging to over half a million students … may have been compromised in a data breach incident. An unauthorized person baited the staff with phishing emails to collect credentials to log into the district’s network services.
NewsChannel11 – Unauthorized users could have accessed private information of 7,700 people following ETSU breach
University officials tell News Channel 11 that two unidentified employees clicked on a link in the phishing scam that was sent to their e-mail accounts.
Inforisk Today – French cinema chain fires Dutch executives over ‘CEO fraud’
Step one for not falling victim to business email compromise schemes: Senior managers must ensure they have a written and tested plan in place to ensure they don’t fall victim to the schemes, also known as CEO fraud.
TechPulse – Facebook datalek trof 50 miljoen accounts
De website werd namelijk getroffen door de zwaarste hackeraanval in zijn geschiedenis, waardoor de hackers in kwestie toegang kregen tot gebruikersdata van bijna 50 miljoen accounts.
Tripwire – Unencrypted laptop exposes personal details of 37,000 Eir customers
It’s not great when any organisation loses a laptop, but if the contents of the computer’s hard drive have been fully encrypted and a strong password has been used it’s hardly the end of the world.