Items tagged with cyberattack

Cyber thieves may have stolen personal data of 90,000 people from two of the largest banks in Canada, including Bank of Montreal and Imperial Bank of Commerce. The banks are in the process of verifying the theft after the supposed culprits notified the financial institutions over the weekend that they were in possession of personal and financial records for a portion of their customers. Bank of Montreal is the fourth largest bank in Canada. The institution said it was contacted on Sunday by the cyber thieves, who claim to have stolen customer data relating to some of its 8 million customers across Canada. At present, Bank of Montreal believes that less than 50,000 of its customers are affected... Read more...
There continues to be mass fallout from the enormous “cybersecurity incident” that struck  Equifax back in mid-May (but wasn't discovered until late July). Equifax waited until yesterday to inform the world that the sensitive personal information of 143 million Americans had been exposed due to a website breach. While there have been larger hacks that have taken place in recent years, none contained such critical information like names, birthdates and social security numbers; which could be a virtual goldmine for those looking to sell this information on the black market. In some instances, even drivers license numbers and credit card numbers were obtained. Equifax has some provisions in... Read more...
As tension continues to build between Russia and the US over alleged cyber attacks, the US has begun contemplating issuing its own set of cyber attacks against the Kremlin. As we covered last weekend, the US government has formally accused Russia of being responsible for breaking into official servers and walking away with a trove of emails relating to the DNC. While as of last weekend, we were unaware of what counter-action the US might take, the picture this week has just become a little clearer. According to officials close to the matter, the US government is in the planning stages of deciding what kind of retaliation is suitable against Russia, while weighing the risk of potential backlash.... Read more...
In late December, a major power outage killed utility services for a large swathe of people in the Western Ukraine. Shortly after the incident, a number of cyber security experts pointed the finger at hackers and claimed some nefarious digital activities took down the power grid, but nothing had been officially confirmed at the time.But now the U.S Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, is reporting that the outage was caused by a measured cyber-attack against Ukrainian critical infrastructure.An alert published on the ICS-CERT website says, “On December 23, 2015, Ukrainian power companies experienced unscheduled power outages... Read more...
Another day, another high-profile security breach. This time the breach occurred across the pond at British telecom giant TalkTalk. TalkTalk is the United Kingdom’s second largest “quadruple play” service provider (offering phone, TV, broadband Internet and mobile phone service) behind Virgin Media. Given its massive size and its millions of customers, TalkTalk was a prime target for cyberattackers, and unfortunately, the company made it all too easy for the breach to occur. TalkTalk reported today that it is working in conjunction with the Metropolitan Police Cyber Crime Unit after it experienced a “significant and sustained cyber attack” on Wednesday. TalkTalk has roughly four million customers... Read more...
As the years pass, our lives continue to become intertwined even more with the Internet. Today, the Internet acts as a backbone to critical infrastructure, and much like the risk of someone exploiting a flaw to break into our home PC, a real risk exists that enemies of the government could break into and cause harm to utilities. It's for that reason that all governments are overdue on penning up agreements with friendly countries to lessen the chance of a cyberattack. Nonetheless, it's being reported that President Obama is going to be taking some important steps in this when he meets with Chinese resident Xi Jinping during a state visit. These are going to be early discussions,... Read more...
It looks as though the U.S. Government just can’t catch a break when it comes to cybersecurity issues. If it isn’t China that’s breaching the Office of Personal Management (OPM), accessing the personnel files of 21.5 million people, then the U.S. has to keep an eye for hackers originating from Russia. The latter is pegged as the source for the recent cyberattack on the Pentagon’s Joint Staff email system. If there’s any silver lining to today’s news, it’s that the email system contained “unclassified” information. The cyberattack, which occurred on July 25, affected around 4,000 military personnel that work for the Chairman of the Joint Chiefs. The email system has been offline since the breach... Read more...
To quote Ron Burgundy in Anchorman, "Boy, that escalated quickly. I mean that really got out of hand fast." He was referring to a deadly and chaotic showdown between various news stations, but he could have just as easily been talking about a recent security breach at the U.S. Office of Personnel Management (OPM) that's much worse than originally thought. It was initially reported that over 4.2 million current and former federal employees had their personnel data stolen as a result of the massive cybersecurity breach, but the Obama administration has now revealed that an additional 21.5 million individuals had their personal info compromised in the breach as well. That includes... Read more...
The parade of banks, insurance companies and retailers that have suffered data breaches has caused many people to store their passwords with sites like LastPass. The security company creates a unique password for each of the user’s logins and provides access to those passwords via a single, master password.Now, LastPass is admitting that at least some of its data has been comprised. The company believes that its customers are not vulnerable, but it concedes that email addresses and authentication hashes are among the data affected. Password reminders and server per user salts were also comprised. “In our investigation, we have found no evidence that encrypted uer vault data was taken, nor that... Read more...
With the government agencies like the NSA, the CIA, and the FBI looking to ratchet up efforts to spy on both U.S. citizens within our own borders, and on foreign interests abroad, today’s bombshell revelation suggests that maybe the U.S. should start taking measures to beef up its cybersecurity at all of its federal agencies, ASAP. The U.S. Office of Personnel Management (OPM) has confirmed that over four million current and former federal employees have their personnel data stolen as a result of a massive cybersecurity breach. Information gleaned includes what the OPM classifies as personally identifiable information or PII. A security breach of this scale could only have been pulled off by... Read more...
While so many of us were getting our college basketball on this weekend, Rutgers University was dealing with an entirely different kind of challenge in the form of a distributed denial-of-service (DDoS) attack. Triggered by the efforts of a malicious entity consisting of two or more people or bots, the intent of a DDoS is to indefinitely interrupt or suspend the services of a host connected to the Internet. The attack on the Rutgers computer networks apparently took place on Friday afternoon and originated in both China and Ukraine, according to NBC New York. In an email sent out Sunday to tens of thousands of Rutgers students at 2:30PM EST, approximately an hour after the university's website... Read more...
As we discovered late last week, Lenovo has been serving up some tainted Superfish via its consumer PCs. Once Lenovo was called out for its heinous actions, the company offered an apology and vowed to remove Superfish from shipping systems (it provided removal instructions and later an automatic removal tool for machines already affected by Superfish). However, the apology apparently wasn’t enough as Lenovo is already facing a lawsuit stemming from Superfish. Now it looks a though hacker group Lizard Squad is retaliating in its own, childish way. At around 4 PM EST, Lenovo.com was showing a slideshow of what appears to be rebellious teenagers as the song... Read more...
U.S. officials have long blamed North Korea for the digital attack that embarrassed Sony and nearly derailed The Interview late last year. But the idea that a tiny dictatorship could effectively censor a major movie studio in the United States hasn’t been sitting well with many. As unlikely as a successful North Korean cyberattack sounds, U.S. officials are sticking to the story and a report by The New York Times explains why they’re so sure: the National Security Agency has infiltrated North Korea’s networks for years.  The NSA’s involvement might explain why President Obama was willing weigh in on the attack, which he was careful to characterize as “an act... Read more...
On Monday, North Korea’s Internet was taken offline. The country suffered a complete Internet outage that lasted around nine hours before it was restored on Tuesday. However, the cause for the outage has yet to be determined. According to Dyn, a company based in the U.S. that monitors Internet infrastructure, the reason for the Internet outage in North Korea could range from technological glitches to hacking attacks. The company said that the country’s internet links, which pass through China, were unstable on Monday and then went completely offline "I haven't seen such a steady beat of routing instability and outages in [North Korea] before," said Dyn director of internet analysis Doug... Read more...
1 2 Next