Observations on articles I read to keep current about technology. My interests are: Privacy, security, business, the computer industry, and geeky stuff that catches my eye.
I don't think I have an agenda beyond my own amusement.
Note that I lump all my comments into a single post. This is not a typical BLOG technique, It's just an indication that I'm lazy.
Funcom, makers
of The Secret World, The Longest Journey, Age of Conan and Anarchy Online,
announced earlier this morning that their forums have been compromised and user
data exposed.
In an announcement
on their website, Funcom announced that the data breach for the four games
above included encrypted passwords, user names and e-mail addresses. “Even though passwords were encrypted, these
can be cracked and should be considered compromised,” the company said.
According to the LeakedSource data breach monitoring hub,
many of the forum passwords have already been cracked. On the English forums for The Secret World
alone, more than 81,000 passwords from nearly 228,000 users had been cracked.
Hackers Steal 25 Million Accounts From Mail.Ru Domains
…LeakedSource, a service that allows users and
businesses to check if their online accounts have been compromised, reported on
Wednesday that cybercriminals obtained roughly 25 million username and password
combinations from three different domains: cifre.mail.ru, parapa.mail.ru and
tanks.mail.ru. The affected domains host
forums for games acquired by the Mail.Ru Group over the past years.
The passwords were stored as MD5 hashes with and without
salts, which has allowed LeakedSource to easily crack millions of them. The most
common passwords appear to be 123456789, 12345678, 123456 and
1234567890.
…the many password reuse attacks detected recently by companies such
as Facebook, GitHub, Reddit and Netflix show that even older credentials can be
useful for malicious actors.
For my Computer Security students.Be prepared to discuss ways to reduce this
risk!
A press release about the financial sector that may be of
interest to some readers:
CAMPBELL, CA–(Marketwired – Aug 25, 2016) – Bitglass, the total data protection
company, today announced the availability of its Financial Services breach
report, an analysis of all breaches in the sector since 2006, with data
aggregated from public databases and government mandated disclosures. The report reveals that leaks nearly doubled
between 2014 and 2015, a growth trend on track to continue in 2016. The nation’s largest banks have all suffered
leaks at some point in the recent past. In the first half of 2016 alone, five of the
nation’s top 20 banks disclosed breaches.
The report also explores the most common causes of data
leaks in the sector. Led by lost and
stolen devices at 25.3 percent of breach events, financial services
organizations appear to struggle with data protection on managed and unmanaged
devices. While hacking accounted for a
disproportionate number of individuals affected by financial services breaches,
only one in five leaks were caused by hacking. Other breaches were the result of unintended
disclosures, malicious insiders, and lost paper records.
Key findings:
One in four breaches in the financial services sector
over the last several years were due to lost or stolen devices, one in
five were the result of hacking. Fourteen percent of leaks can be attributed
to unintended disclosures and 13 percent to malicious insiders.
Five of the nation’s 20 largest banks have already
suffered data breaches in the first half of 2016.
In 2015, 87 breaches were reported in the financial
services sector, up from 45 in 2014. In the first half of 2016, 37 banks
have already disclosed breaches.
Over 60 organizations suffered recurring breaches in
the last decade, including most major banks.
JP Morgan Chase, the nation’s largest bank, has
suffered recurring breaches since 2007. The largest breach event, the
result of a cyberattack, was widely publicized in 2014 and affected an
estimated 76 million U.S. households. Other breaches at JPMorgan were due
to lost devices, unintended disclosures, and payment card fraud.
Of the three major credit bureaus, the 2015 Experian
leak was the largest, affecting 15 million individuals. Equifax has also
disclosed several recent breaches, including unauthorized accesses earlier
this year that affected hundreds of thousands of individuals.
Relaxing Privacy Vow, WhatsApp to Share Some Data With
Facebook
When Facebookbought
the start-up WhatsApp in 2014, Jan Koum, WhatsApp’s co-founder, declared
that the deal would not affect the digital privacy of his mobile messaging
service’s millions of users.
…WhatsApp said on
Thursday that it would start disclosing the phone numbers and analytics data of
its users with Facebook. It will be the
first time the messaging service has connected people’s accounts to the social
network to share information, as Facebook tries to coordinate information
across its collection of businesses.
This is the world my Computer Security students will live
in.Still, I don’t think I’d call it a “Hackerpocalypse.”
Cybercrime damages expected to cost the world $6 trillion by
2021
Cybercrime will continue its stratospheric growth over the
next five years, according to a recent report published by Cybersecurity Ventures. (Disclaimer:
Steve Morgan is the Founder and CEO at Cybersecurity Ventures.)
While there are numerous contributors to the rise in
cybercrime -- which is expected to cost the world more than $6 trillion by
2021, up from $3 trillion in 2015 -- the most obvious predictor is a massive
expansion of the global attack surface which hackers target.
I live in Centennial Colorado. (I'm not actually 100 years old., but I hope to be some day.) I'm an independant computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local Universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.
No comments:
Post a Comment