The Data Breach Blog
An attacker gained unauthorized access to a North Carolina State University account containing personally identifiable information.
The Vermont Fish & Wildlife Department reported that customer data may have been compromised on two separate occasions.
An unauthorized individual gained access to certain Acer Service Corporation ecommerce customer's payment information.
Multi-Color, a label solutions firm, reported that a break-in at a third party affiliate resulted in the compromise of employee personally identifiable information.
Connecticut-based Stamford Podiatry Group is notifying its patients that medical and personal information was compromised in a recent security incident.
The Threat Hunter Blog
Well, it's been quite an eventful time since last I posted. I have so much in the works that it is hard to tell where to begin. It seems that we are seeing new flavors of ransomware every week and botnets seem to come and go with a frequency we've not seen in a while. This week, though, I promised Dridex, so Dridex it is.
The computer media has been screaming it for the past few days: Locky is back! Dridex is back! Of course they are... these are two of the most prolific - and prosperous - malwares around at the moment.
There have been quite a few reports by researchers over the past week or so that the Necurs botnet and the Angler exploit kit are dead and buried. But don't hold your breath and don't get rid of your Angler signatures just yet.
This is going to be a bit different from my usual blog postings but I think the time is good for this discussion for several reasons. First, the notion of constructive and responsible disclosure of bugs is a clear issue for threat hunters.
These two malwares have been much in the news over the past week or so.
About Dr. Stephenson
SC Magazine Articles
- WhatsApp in the spotlight after Turkey publishes messages of coup officers
- Trump's Russian interests and Guccifer 2.0
- WordPress Summer of Pwnage: 64 holes in 21 days
- Russian hackers take the stage at DNC convention
- Proliferation of hacker culture helped keep Anonymous from being branded terrorist org
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Some U.S. Bancorp workers' W-2 info exposed in ADP data breach
- Microsoft warns of new, self-propagating ransomware in the wild