Exploit This

Security News, Exploits, and Vulnerabilities.

Feds Indict Three in 2011 Epsilon Hack

U.S. federal prosecutors in Atlanta today unsealed indictments against two Vietnamese men and a Canadian citizen in connection with what’s being called “one of the largest reported data breaches in U.S. history.” The government isn’t naming the victims in this case, but all signs point to the 2011 hack of Texas-based email marketing giant Epsilon.

Animals in the APT Farm

Over the years we have tracked multiple campaigns by an advanced threat actor we call Animal Farm. The group has targeted a wide range of global organizations.

Intuit Failed at ‘Know Your Customer’ Basics

Intuit, the makers of TurboTax, recently introduced several changes to beef up the security of customer accounts following a spike in tax refund fraud at the state and federal level. Unfortunately, those changes don’t go far enough. Here’s a look at some of the missteps that precipitated this mess, and what the company can do differently going forward.

Credit Card Breach at Mandarin Oriental

In response to questions from KrebsOnSecurity, upscale hotel chain Mandarin Oriental Hotel Group today confirmed that its hotels have been affected by a credit card breach.

Who’s Really Spreading through the Bright Star?

Security researchers recently announced that that the official website for the Korean Central News Agency of the Democratic People’s Republic of Korea has been serving malware disguised as a Flash Player update. The immediately conspicuous code is still active on… Read Full Article

Skyfall Meets Skype

The portmanteau-named SKYPEFALL.EXE is the latest, very active, malware-spamming campaign spreading through Skype.

Dating Lisa for 1 Euro

Last night I got a unexpected SMS in German language on one of my phones. A message from “Lisa”, pretending to know me, including an url luring the reader to a picture of her. The short-url points to the domain… Read Full Article

Threats to Children Online: The Danger is Real

Children today are often far more active Internet users than their parents. Is it safe enough for children to use without fear of facing inappropriate content? To find out we decided to investigate potential online threats to children.

Hospital Sues Bank of America Over Million-Dollar Cyberheist

A public hospital in Washington state is suing Bank of America to recoup some of the losses from a $1.03 million cyberheist that the healthcare organization suffered in 2013.

In April 2013, organized cyber thieves broke into the payroll accounts of Chelan County Hospital No. 1 , one of several hospitals managed by the Cascade Medical Center in Leavenworth, Wash. The crooks added to the hospital’s payroll account almost 100 “money mules,” unwitting accomplices who’d been hired to receive and forward money to the perpetrators.

Natural Grocers Investigating Card Breach

Sources in the financial industry tell KrebsOnSecurity they have traced a pattern of fraud on customer credit and debit cards suggesting that hackers have tapped into cash registers at Natural Grocers locations across the country. The grocery chain says it is investigating “a potential data security incident involving an unauthorized intrusion targeting limited customer payment card data.”

%d bloggers like this: