Larry Jaffee, Author at SC Media

Larry Jaffee

Most recent articles by Larry Jaffee

2 minutes on: Keeping the chill off journalism

26M LiveJournal bloggers’ credentials a hit on dark web six years later

Six years after blogging platform LiveJournal was hacked, the credentials of some 26 million users are being sold and traded on multiple hacker forums and the dark market. Complicating the breach’s fallout, the database’s old and/or unique passwords have allowed bad actors to launch targeted sextortion email campaigns. Another blogging platform, Dreamwidth, says it’s withstood…

Data Breach Disclosure

Arbonne breach of 3,500+ Calif. residents’ PII could test privacy law

The exposure of the PII of more than 3,500 California residents in the database of international multi-level marketing firm Arbonne following a breach on April 23 offers a glimpse into whether the state will enforce its new privacy statute that went into effect in January. Almost half of a four-page information sheet from Arbonne describing…

Phishing campaigns leverage Google Firebase storage

New phishing campaigns tracked by Trustwave deploy schemes that harvest credentials by taking advantage of “the reputation and services” of the Google Cloud’s Firebase mobile and web application development platform. The bogus emails cut across industries and tap Firebase’s data storage API in a Google Cloud Storage bucket, while hiding malicious URLs in phishing emails…

Israel comes under cyber attack

Israeli websites defaced, as more offensive cyber activity flares up in Middle East

Following a month of cyberattacks involving Iran and Israel, experts are reluctant to predict all-out digital warfare between the nation states, despite the obvious recent tit for tat that underscores age-old, religion-based tensions. The latest possible salvo came May 21, when approximately 1,000 corporate and manufacturing targets within Israel were afflicted with defacements and denial…

Nigerian ‘Scattered Canary’ gang exploits CARES Act with fraudulent unemployment claims

Adding COVID-19 exploitation to its nefarious arsenal targeting governments, the Nigerian Scattered Canary criminal gang most recently attempted to exploit the CARES Act on May 17, filing two fraudulent unemployment claims through Hawaii’s Department of Labor and Industrial Relations website. The bogus claims were part of a larger criminal effort in the past month that…

British airline easyJet breached, data of 9 million customers compromised

An attack against British airline easyJet by “a highly sophisticated source” accessed the email addresses and travel details of approximately nine million customers, including credit card details of 2,208 customers. The company did not reveal when it learned of the attack or what a forensic investigation revealed, nor did it specify the breach date.  Although the…

facebook

Facebook’s European dating service held up over data protection, privacy concerns

After Facebook was stopped from launching a dating service in Europe on Feb. 13, infosec experts are left wondering if the social media network had learned anything from the Cambridge Analytica debacle in 2018 or the platform’s other data privacy transgressions. The EU found Facebook committed data protection violations within the forthcoming service, such as…

Huawei responds to allegations of NSA hacking

Justice Dept. expands Huawei indictment, charging 5G espionage

The U.S. government expanded its year-old lawsuit against Chinese tech firm Huawei, alleging the company conducted cyber espionage on six American competitors in an attempt to steal trade secrets to gain an unfair advantage. Filed in the federal court’s Southern District in Brooklyn, the indictment charges that Huawei’s activities violated racketeering laws by illegally gaining…

Next post in Security News