Incident Response, TDR, Vulnerability Management

News briefs: The latest happenings in the security industry

» Hackers ransacked the servers of Drupal.org, an open source content management platform, to plunder the sensitive information of nearly one million accounts. According to the Drupal Association, which supports the open source CMS project Drupal, a flaw in third-party software installed on company servers enabled the intrusion. Usernames, email addresses, country information and hashed passwords were exposed in the incident, causing the company to reset the passwords for its entire user base. 

» The state Senate in California unanimously passed a law that expands the types of compromised consumer data that is sheltered under its breach notification law. Existing state law only requires notification when unauthorized individuals obtain unencrypted Social Security numbers, driver's license numbers, medical information, health insurance information and specific financial account information, such as credit card numbers with security codes. But, the new legislation, passed in late May, would also include usernames or email addresses, “in combination with a password or security question and answer that would permit access to an online account. The bill, SB-46, now makes its way to the state Assembly for a vote.

» International authorities shut down Liberty Reserve, a go-to money transfer service used often by cyber criminals. The website for the Costa Rica-based online business, which allowed users to anonymously move money and convert digital currency, was seized by U.S. law enforcement, while its founder Arthur Budovsky was arrested by Spanish police. According to prosecutors, Liberty Reserve laundered more than $6 billion in criminal proceeds throughout its existence and facilitated a range of illegal activity, including computer hacking, credit card fraud, drug trafficking, investment fraud, child pornography and identity theft. Along with Budovsky, six others were charged in connection with the outfits's operations. With the shuttering, the research community believes digital crooks will soon migrate to other e-currency services, or more readily use Bitcoin, an open-source digital currency that has grown in popularity.

» Attackers used a portion of the U.S. Department of Labor (DoL) website to host malicious code that could infect visitors with the Poison Ivy remote access trojan. The compromised page for the Site Exposure Matrices (SEM) was quickly pulled offline, but researchers soon discovered that it was serving an exploit that took advantage of a previously unknown vulnerability in Internet Explorer 8. Microsoft fixed the dangerous bug in its scheduled Patch Tuesday security update in May, about a week after the infected page was discovered.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.