Posts

Hackers being resilient

Why steal cookies when you can take the whole cookie jar? One of our Service Provider partners has just informed us that one of their clients (who is now going to undertaking an ICTAA accreditation) was hacked this morning, the service provider has confirm that their client was using weak passwords which were brute-forced or simply guessed, one of their Office 365 admin accounts was compromised, what was alarming was the hacker didn't send any fake emails or even try...

Data Breach Notice: Social Engineered – 89,392 breached accounts

In June 2019, the "Art of Human Hacking" site Social Engineered suffered a data breach. The breach of the XenForo forum was published on a rival hacking forum and included 89k unique email addresses spread across 55k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes. Stay safe out there!

Data Breach Notice: OGUsers – 161,143 breached accounts

In May 2019, the account hijacking and SIM swapping forum OGusers suffered a data breach. The breach exposed a database backup from December 2018 which was published on a rival hacking forum. There were 161k unique email addresses spread across 113k forum users and other tables in the database. The exposed data also included usernames, IP addresses, private messages and passwords stored as salted MD5 hashes. Stay safe out there!

Latest Threat Intelligence Summary (June 2019)

Web Attacks - Web attacks increased by 2 percent in May, marking the third consecutive month to see an increase. - The most common user names used in attacks included "admin", "root", and "default", while "123456", [BLANK], and "admin" were the top three passwords. - Like jacking topped the list of social media scam types, followed by like count scams.   Email - The email malware rate decreased in May to 1 in 602 emails. - At 1 in 257 emails, Mining topped the list of...

Data Breach Notice: Illawarra drivers licenses details

Illawarra drivers may have had their private details leaked to the media as part of a "political smear campaign", according to Wollongong MP Paul Scully. At the last election, a file containing names, addresses, ages and driving history - including those of then Labor leader Michael Daley - was leaked to the media by the office of Customer Service Minister Victor Dominello. The leak occurred after Revenue NSW advised Mr Dominello's office the file was a privacy breach and it must...

Data Breach Notice: Ordine Avvocati di Roma – 41,960 breached accounts

In May 2019, the Lawyers Order of Rome suffered a data breach by a group claiming to be Anonymous Italy. Data on tens of thousands of Roman lawyers was taken from the breached system and redistributed online. The data included contact information, email addresses and email messages themselves encompassing tens of thousands of unique email addresses. A total of 42k unique addresses appeared in the breach. Stay safe out there!

Data Breach Notice: Appartoo – 49,681 breached accounts

In March 2017, the French Flatsharing site known as Appartoo suffered a data breach. The incident exposed an extensive amount of personal information on almost 50k members including email addresses, genders, ages, private messages sent between users of the service and passwords stored as SHA-256 hashes. Appartoo advised that all subscribers were notified of the incident in early 2017. Stay safe out there!