Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.
To protect query privacy, browser maker will run everything through Cloudflare
On Friday, Mozilla said it plans to implement the DNS-over-HTTPS (DoH) protocol by default in its Firefox browser, with a slow rollout starting in late September.
Under development since 2017, DoH transfers domain-name queries – which try to match domain names with server IP addresses – over a secure, encrypted HTTPS connection to a DNS server, rather than via an unprotected, unencrypted bog-standard DNS connection.
If Uncle Sam could quit using insecure .zip files to swap info across the ‘net, that would be great, says Silicon Ron Wyden
Influential US Senator Ron Wyden (D-OR) is not happy about Uncle Sam’s employees using insecure .zip files and other archive formats to electronically transfer information.
The Oregon Democrat today sent a letter [PDF] to Walter Copan, director of America’s National Institute of Standards and Technology (NIST), asking that the standards body put together a guidance document for government workers on alternatives to .zip archiving tools.
ON TUESDAY, RADIOHEAD guitarist and composer Jonny Greenwood made an announcement on Twitter and Facebook: The band had been “hacked,” and the perpetrator attempted a $150,000 shakedown to prevent the public release of the files. In response? Radiohead dumped all of it online for free. You can stream it below for the next 18 days, or buy it on Bandcamp for about $23. All proceeds will go to a climate protest organization called Extinction Rebellion.
Medical testing giant LabCorp. said today personal and financial data on some 7.7 million consumers were exposed by a breach at a third-party billing collections firm. That third party — the American Medical Collection Agency (AMCA) — also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients.
The US Customs and Border Patrol today said hackers broke into one of its bungling technology subcontractors – and made off with images of people and their vehicle license plates as they passed through America’s land border.
The CBP issued a statement outlining how it learned on May 31 that the unnamed contractor, against Uncle Sam’s privacy rules and security measures, copied license plate scans and traveler pictures to its own network, only to have that network invaded by hackers and the data stolen.
We asked cybersecurity experts to scour the dark web for our personal information. What they found was disturbing.
What do Dunkin’ Donuts, Fortnite, Sprint and the Dow Jones company all have in common? They’ve all suffered from massive hacks in 2019 alone.
After every data breach, victim data often surfaces on the encrypted “hidden” internet known as the dark web, a network of sites that can only be accessed with special security software. Dark web markets operate like the ecommerce websites we shop on every day, but often trade in illicit goods like drugs, weapons and stolen data.
Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups. Last week, a similar analysis led to the takedown of 74 cybercrime groups operating openly on Facebook with more than 385,000 members.
As companies increase their cybersecurity defenses, fraudsters are now targeting call centers with easily obtained and plentiful personally identifying information, and they are sharing it too.
A report from TRUSTID confirms that call center professionals are being inundated with social engineering attempts from fraudsters looking to take over customer accounts.
The results spotlighted six insights…
Few, if any, organizations on the planet operate at the size and scale of Walmart. Scale isn’t just about normal retail operations either; it also comes into play with how the organization handles its own security resiliency testing.
In a session at the RSA Conference here, Jason O’Dell, director of incident response and hunt at Walmart, explained how the world’s largest retailer uses an innovative approach known as purple teaming at scale to improve security and reduce risk.