Offline
Last week in the Facebook stated massive brenn that an access two others tokens 4 / 50 million accounts, people thought these tokens could have been used to access other third-party services like their Instagram or Twitter. Luckily nothing has been found that proves those claims right but there are a couple problems...
Offline
Homeland Security on Wednesday warned that a hacking group widely known as cloudhopper, which Western cybersecurity firms have linked to the Chinese government, has launched attacks on technology service providers in a campaign to steal data from their clients. The link to the Full article is below.
Offline
This Bloomberg article claims that the Chinese government compromised the supply chain of high end servers by forcing motherboard manufacturing subcontractors to install a chip that opens a tunnel to a remote server and listens for instructions, positioned in a place to where it can inject code while it's going from temporary memory to the CPU. Customers of the server company include the DoD, CIA, Amazon, Apple, and has servers on Navy warships, both houses of Congress. Story broke yesterday. Apple and Amazon are denying this claim. It's a long read, but incredibly interesting. The article is well-sourced, and is already being cited very widely by many other credible publications.
-Skyler D
Offline
Tiny microchips found on motherboards made by Super Micro Computer Inc. (aka Supermicro) for Elemental Technologies were not part of the original design and gave attacker a stealthy door into network system. The chips were supposedly inserted at factories in China. This was discovered when Amazon began to consider acquiring Elemental Technologies in 2015 and began a detailed looks at their hardware security. Servers from Elemental can be found be found in Department of Defense data centers, In CIA drone operations, and on naval warships. Elemental is only one of many customers of Supermicro. Link to the article here:
Offline
Panera bread company accidentally exposed customer records in plain text on it's site, including the names, emails, home addresses, birthdays, and the last 4 digits of peoples' card numbers. They were informed by someone that their security was breached by people that try to find that stuff. Soon after, they told fox news that the problem was fixed. It wasn't. It remained exposed for 8 months until they finally fixed it. This leak ended up exposing up to 37 million people's data. Another unfortunate thing is that is was very easy for black hat hackers to use an automated program to farm that data.
Here is the link:
-Jonathan Higgins
Offline
Former company NCIX, who was a company that sold computer hardware (mostly in Canada), has supposedly given hardware to the landlord of a storage facility in order to pay back debts. The landlord must've discovered that the hard drives contained sensitive information from former employees and anyone who purchased from the store. He then sold the data to other companies.
Offline
I accidentally posted this in the CTS 120 section last week. Oops.
Posted by Phil Bentz
Last edited by HawkLegion (10/15/2018 9:48 am)
Offline
US Universities were attacked by Iranian hackers over an alleged spree of attacks on more than 300 universities in the US. The suspects were charge with infiltrating 144 universities in 21 countries and 47 private companies. The hackers stole 31 terabytes of data which has been estimated to 3 billion dollars.