Rsync errors lead to data breach at Canadian ISP, KWIC Internet

Rsync errors lead to data breach at Canadian ISP, KWIC Internet

Misconfigured Rsync instances across multiple servers has led to a data breach at a Canadian ISP, exposing sensitive information and affecting all of their customers. The ISP, KWIC Internet in Simcoe, Ontario, fixed the problems after...

01/20/17

Hello Kitty database leaked to the web, 3.3 million fans affected

Hello Kitty database leaked to the web, 3.3 million fans affected

A Sanrio database that was misconfigured and exposed to the public in 2015 was eventually secured by the company. In a statement, Sanrio said they didn’t believe any data was stolen. But that’s exactly what happened. Now, over a year...

01/09/17

ESEA hacked, 1.5 million records leaked after alleged failed extortion attempt

ESEA hacked, 1.5 million records leaked after alleged failed extortion attempt

E-Sports Entertainment Association (ESEA), one of the largest competitive video gaming communities on the planet, was hacked last December. As a result, a database containing 1.5 million player profiles was compromised.

01/08/17

FTC goes after D-Link for security problems

FTC goes after D-Link for security problems

The Federal Trade Commission (FTC) filed a complaint on Thursday against Taiwan’s D-Link and its U.S. subsidiary, D-Link Systems, Inc., alleging the company has put consumer privacy at risk with inadequate security measures.

01/05/17

The power grid hack that wasn’t – Vermont’s Burlington Electric

The power grid hack that wasn’t – Vermont’s Burlington Electric

On Friday, the Washington Post reported that Russian hackers had penetrated the U.S. power grid by compromising a utility in Vermont. The story was altered, and the initial claims were eventually retracted, but by the time this...

01/03/17

Agent applications for Nevada’s medical marijuana program exposed

Agent applications for Nevada’s medical marijuana program exposed

Agent applications for establishments looking to operate within Nevada’s medical marijuana program have been exposed to the public, enabling anyone to view an applicant’s personal details.

12/28/16

Phishing email scams 108 government employees, 756,000 people affected by breach

Phishing email scams 108 government employees, 756,000 people affected by breach

On Friday, The LA County Chief Executive Office issued a public notice that 756,000 Californians were going to be receiving breach notification letters, after a single Phishing email scammed more than one hundred county employees. The...

12/19/16

Data enrichment records for 200 million people up for sale on the Darknet

Data enrichment records for 200 million people up for sale on the Darknet

Full data enrichment profiles for more than 200 million people have been placed up for sale on the Darknet. The person offering the files claims the data is from Experian, and is looking to get $600 for everything.

12/13/16

Netgear working to fix flaw that left thousands of devices open to attack

Netgear working to fix flaw that left thousands of devices open to attack

A remotely exploitable vulnerability in the Nighthawk line of Netgear routers was disclosed on Friday. The flaw leaves customers exposed to having their connections hijacked, as someone exploiting the vulnerability can take complete...

12/12/16

After attack, Indiana county will spend $220,000 on Ransomware recovery

After attack, Indiana county will spend $220,000 on Ransomware recovery

After a Ransomware attack on November 4, Madison County, Indiana will spend more than $200,000 to recover, which includes paying the ransom and securing additional IT contracts to help prevent future attacks and improve recovery and...

12/08/16

FTC spam campaign snares thousands of targeted victims

FTC spam campaign snares thousands of targeted victims

Salted Hash has learned of a spam campaign that is using insurance document requests or the threat of an FTC lawsuit in order to get people to click a link included with the message, but the website doesn’t load anything malicious. In...

12/07/16

85 million accounts exposed in Dailymotion hack

85 million accounts exposed in Dailymotion hack

Breach notification service LeakedSource, announced on Monday that they have obtained 85.2 million records from Dailymotion, one of the largest video platforms on the Web. The compromised data consists of email addresses, usernames,...

12/05/16

Website taking donations for the assassination of Donald Trump and Mike Pence

Website taking donations for the assassination of Donald Trump and Mike Pence

A website launched earlier this week on the Darknet is calling for the assassination of President-elect Donald Trump and Vice President-elect Mike Pence, due to an extreme difference in opinion on their political views.

12/02/16

SF MUNI starts to restore systems, says no data compromised during attack

SF MUNI starts to restore systems, says no data compromised during attack

Focusing on the most critical systems first, the agency responsible for MUNI says IT teams are in the middle of their BCDR process this morning. The IT staff jumped into action after a ransomware attack forced some systems offline...

11/29/16

SF MUNI hacker lashes out, threatens to release 30GBs of compromised data

SF MUNI hacker lashes out, threatens to release 30GBs of compromised data

The person claiming responsibility for the attack on San Francisco’s MUNI says the SFMTA has lax security, and warns that if the ransom isn’t paid, they’ll release 30GB of compromised data.

11/28/16

Ransomware forces SFMTA to give free rides, $73,000 demanded by attackers

Ransomware forces SFMTA to give free rides, $73,000 demanded by attackers

On Saturday evening, reports from San Francisco outlined a malware attack causing problems for SFMTA. MUNI riders were given free access after station payment machines and schedule monitors started displaying a “You Hacked” message,...

11/27/16

Malicious images on Facebook lead to Locky Ransomware

Malicious images on Facebook lead to Locky Ransomware

Researchers have discovered an attack that uses Facebook Messenger to spread Locky, a family of malware that has quickly become a favorite among criminals. The Ransomware is delivered via a downloader, which is able to bypass...

11/21/16

412 million FriendFinder accounts exposed by hackers

412 million FriendFinder accounts exposed by hackers

Six databases from FriendFinder Networks Inc., the company behind some of the world’s largest adult-oriented social websites, have been circulating online since they were compromised in October. LeakedSource, a breach notification...

11/13/16

Salted Hash Live Blog – Election Day 2016

Salted Hash Live Blog – Election Day 2016

Salted Hash will be providing continuous coverage of today’s election. This year’s election is one of the first in living memory where the topic of hacking isn’t just a passive subject – it’s a reality. Throughout 2016, someone (the...

11/08/16

BGP errors are to blame for Monday’s Twitter outage, not DDoS attacks

BGP errors are to blame for Monday’s Twitter outage, not DDoS attacks

Early Monday morning, for about thirty minutes, Twitter went dark. Almost immediately, once service was returned, people started speculating about a massive attack. However, Monday’s outage wasn’t anything malicious, by all accounts...

11/07/16

Load More