Dennis Fisher and Mike Mimoso talk about the big security stories of the last couple of weeks, including the developments in the Target data breach, the president’s speech on NSA surveillance reforms and SCADA security woes.
Browsing Tag: data breach
The attackers who infiltrated Target’s network several weeks ago and made off with 40 million credit and debit card numbers used a multi-stage attack, funneling their stolen data through an FTP server and then a VPS server in Russia. It took more than two weeks, but the attackers eventually exfiltrated about 11 GB of data, researchers say.
The attackers behind the Target data breach likely had broad network access, and used memory scraping malware such as RAM scrapers to steal payment card data.
Hackers exploited a previously disclosed vulnerability in the popular photo sharing application Snapchat and leaked 4.6 million of the service’s usernames and partial phone numbers online yesterday.
Target’s admission that encrypted PIN data was stolen and secured with 3DES encryption has experts concerned because of the age of the algorithm and the availability of stronger options.
Target confirms that encrypted PIN data was stolen in the Black Friday breach.
Target Corp., is investigating a data breach that could end up being one of the biggest retail hacks in U.S. history, reports said.
On November 4, someone broke into the offices of Horizon Blue Cross Blue Shield of New Jersey and stole two laptops containing the sensitive information of more than 800,000 members.
An Inspector General report on a July breach at the Department of Energy points the finger at a number of technical and management missteps that facilitated the theft of personal data on 104,000 people.
Close to a half million Ucard users’ personal information may have been accessed in a breach at JP Morgan & Chase.