Tag Archives: GitHub

Security Never Sleeps- Uber Breach, LA Cybersecurity

FTC: Uber Failed To Protect 100,000 Drivers In 2014 Hack

“Uber lacking security in several areas”

The Federal Trade Commission has ruled that Uber must upgrade its security systems after reviewing its current programs and finding them lacking. The review revealed evidence that a 2014 data theft had been twice as large as originally reported, with details of 100,000 drivers leaked to an intruder. The leak was made possible when the cybercriminal was able to view driver data in plain text on an Amazon Web Services store.

Los Angeles plans to launch a cybersecurity threat-sharing group with city businesses

“Expected to lead as part of larger trend between state and business”

The city of Los Angeles has now officially announced a collaboration on cybersecurity threat sharing with businesses that operate in the city. Industry organizations and federal agencies have made threat-sharing agreements with each other in the past; however, none have reached the scope and incorporation of SMEs that Los Angeles is orchestrating. Initial partners include video game production firm Riot Games, law firm O’Melveny and Myers and mall operator Westfield.

Automating cloud compliance

“Headchange needed for quality security”

Security systems are often viewed by individuals and firms as point-in-time activities. Standards and regulations are often based on this model, especially in cloud computing where customers are generally more in flux and rarely static. But in reality, constant compliance, auditing, and assurance programs are the only real way to ensure the viability of your protection.

Greed drives malevolent insider to steal former employer’s IP

“Remote IP theft”

Design and engineering firm Allen & Hoshall has fallen victim to a growing trend in IP crime. Remote theft of company data and ideas is growing, and Jason Needham, after founding the competing firm HNA-Engineering, helped himself to its ideas and research remotely via hacking.


10Fold- Security Never Sleeps- 139

Windows SMB Zero-Day Exploit On The Loose

“As of now, no patch available”

US-CERT and many other organizations have been warning since Friday of a zero-day vulnerability in several versions of Microsoft Windows. The corruption bug is capable of giving hackers the ability to remotely crash and reboot a user's system. The PoC code that allows for the exploitation has been released on GitHub and is publicly available for any cybercriminal to use.

InterContinental Confirms Breach at 12 Hotels

“Credit card vulnerabilities acknowledged”

The parent company for thousands of different hotels has announced that at least 12 of its properties were affected by a breach of its servers, possibly allowing credit card information to be stolen from its customers. KrebsOnSecurity first reported the story over a month ago; however, InterContinental Hotels Group has only recently publicly acknowledged the incident.

29,000 taxpayers affected by W-2 scams

“IRS issues new warning amidst reports of compromised W-2 increases”

The newest warning advisory from the IRS coincides with additional plans that the agency has recently announced, including delays on refunds for early filings among others in an effort to combat identity theft and fraudulent activities. Employers have also been informed that the W-2 scam has moved to schools, nonprofits and tribal organizations.

Hacker hijacks thousands of publicly exposed printers to warn owners

“Rogue messages sent to prove a point about vulnerability of internet connected devices”

Recent research has shown that many connected printer models are vulnerable to attack, a point that a hacker known under the alias Stackoverflowin made a reality for thousands of exposed devices. Stackoverflowin sent messages via the printers that depicted the dangers of unsecured devices.

Polish Banks Hacked via Malware Coming from Financial Regulator

“Largest hack in nation’s history”

Malware has been discovered on the servers of many Polish banks, seemingly installed by the Polish Financial Supervision Authority (KNF). The banking sector considers this an attack on the financial sector.