Tag Archives: OurMine

Security Never Sleeps- BitGlass Talks Infosec, Equifax Failure

OurMine hacks video hosting service Vevo; leaks 3.12TB data online

“White hat hacking group strikes again”

The self proclaimed White Hat Hacking group OurMine is back in the news and this time it has targeted Vevo and released nearly 3.12TB of its internal data online. According to analysis, some of the documents released online are of sensitive nature.

Rich Campagna, CEO of 10Fold client Bitglass has commented on situations likes this before, saying that: “Acquiring credentials to access sensitive data is increasingly easy and incredibly lucrative for today’s hackers. The ease with which credentials can be compromised starts with risky behavior among users. Many end-users, for example, have a habit of recycling passwords across corporate and personal accounts, including personal social media, banking, and corporate email. This practice poses a risk to all data accessible to that user.”

EQUIFAX OFFICIALLY HAS NO EXCUSE

“Over a week of failures has taken its toll”

Incompetence, failures, and general shady behavior in responding to its massive data breach from Equifax has confirmed that attackers entered its system in mid-May through a web-application vulnerability that had a patch available in March. In other words, the credit-reporting giant had more than two months to take precautions that would have defended the personal data of 143 million people from being exposed. It didn’t.

Northern Exposure: Data on 600K Alaskan Voters is Leaked

“Personal details leaked”

Researchers at Kromtech Security Center have discovered the personal details of over half a million US voters exposed to the public internet, once again thanks to a misconfigured database. It was a CouchDB database of 593,328 Alaskan voter records including names, addresses, dates of birth, voting preferences, household income and much more. The data in question is part of Voterbase; a larger trove of info on 191 million voters and 58m unregistered US voters managed by a TargetSmart.

Enjoy your read? Check out our other content here.

Security Never Sleeps- Playstation Hack, IoT Security

PlayStation Hack Affects Twitter Account

“What happened with PlayStation security”

The official PlayStation Twitter account has been subject to a security breach today, with hacking group OurMine supposedly taking responsibility. The only real evidence thus far comes from the affected account itself, with messages from the social feed allegedly coming from the group posted on the PlayStation Twitter. One also claimed that the PlayStation Network had been compromised, so any users may want to change passwords and other sensitive information.

How to improve IoT security

“Security and privacy risks always increasing”

A recent study from researchers at the technical University of Denmark, Sweden and many more, titled ‘Internet of Hackable Things’, have outlined the new privacy issues that surround the devices. Industries of particular concern include smart devices in healthcare, smart homes, and building operation faculties.

50% of Ex-Employees Can Still Access Corporate Apps

“Businesses drive risk of breaches”

Often times when employees are terminated or move to new roles elsewhere, firms forget to end access to corporate applications. Researchers at OneLogin have polled 500 IT managers to learn how they terminate staff login information and credentials in-house. Initial results trend towards administrators are not doing enough to protect against the potential breach risk from ex-employees.

Enjoy your read? Check out our other content here.

Security Never Sleeps- HBO Social Hack, Security Spending

HBO social media hacked in latest cyber security breach

“Facebook and Twitter accounts breached”

HBO has had two of its social platforms hacked in the latest cyber attack against the entertainment firm. OurMine, a hacker group, seems to have taken control of the main account posting messages such as “OurMine are here. we are just testing your security”. This is just the latest in many attacks on HBO, with notable recent incidents resulting in the leak of popular show Game of Thrones scripts and other company data.

Gartner Predicts Information Security Spending To Reach $93 Billion In 2018

“Security concerns grow with malware rise”

It seems that anyone who has anything to do with tech has probably had an endless stream of malware scares hitting their news feed seemingly daily. Data breaches, ransomware, Trojan’s, and much more are on the rise, prompting a big increase in security spending. Gartner released a report this week that predicts over $86.4 billion in information security spending, a 7% increase over last year. Further, the following year it will likely grow to $93 billion by the next year given current trends.

70% of DevOps Pros Say They Didn’t Get Proper Security Training in College

“Mostly on the job security processes”

A new Veracode survey shows that most DevOps pros don’t get adequate security training in their academic institutions. The vast majority of the respondents, about 70% of the 400 total, feel that their college did not prepare them to be successful, and 65% learned most relevant skills while they were on the job.

The data breach blame game

“UK business cyber threat is growing steadily”

Ever since the National Cyber Security Centre opened in February the UK has been hit by 188 high level attacks, and there were many other low level attacks that are difficult to quantify. This was big enough to bring in the NCSC.

Public outcry searching for answers leads many to impromptu blame and quick answers, while the truth is often much too complicated for such solutions. Certainly security systems must improve for business, and regulation will accompany this.

‘Indefensible’ hack could leave modern cars vulnerable to critical cybersecurity attack

“Advances necessary for safe systems”

A connect car hack has recently revealed that the systems is currently “indefensible by modern car security technology.” These vulnerabilities can put large numbers of consumers at considerable risk. Traditionally these attacks focus on specific models or makes of cars, such as the Jeep hack in 2015, while this threat target the controller area network. Trend Micro’s Forward-looking Threat Research team discovered the hack, and first posted the information on Wednesday in their blog.

Enjoy your read? Check out our other content here.