I keep getting asked about what’s happening in the news. Because I’m so efficient—and that’s hacker-speak for lazy—I go to a couple key sources for news. One of my absolute favorites is Patrick Gray’s Risk.biz
Since I'm often sharing links of note and important news, I thought I'd share this information with a broader audience in case it helps you out, too. So for this week, here's a small selection of some recent news:
Breaches you should know about:
- Hack Brief: Hackers Steal 15M T-Mobile Customers' Data From Experian | WIRED
- This one is important because T-Mobile found themselves in hot water after THEIR data was stolen from a business partner. I always rant about custodianship, this is good story to highlight why more organizations need to be better custodians of data.
- Scottrade Breach Hits 4.6 Million Customers — Krebs on Security
- Trump Hotel Collection Confirms Card Breach — Krebs on Security
- Patreon was warned of serious website flaw 5 days before it was hacked | Ars Technica
- Gigabytes of user data from hack of Patreon donations site dumped online | Ars Technica
- The TL;DR of the Patreon event is underscoring your ability to track what is changing. What's on the edge, exposed to the internet. If that changes, stay on top of it- if it's wrong, fix it FAST... if someone points it out, they probably weren't the first to see it (fix it faster!)
- Employee faces 25 years after giving his password to Anonymous (language warning)
- It's one thing to have your password stolen. It is yet another to give it away. Lots going on with this story—check it out.
Interesting vulnerabilities you should have heard about:
- Backdoor infecting Cisco VPNs steals customers’ network passwords | Ars Technica
- Netgear Router Vulnerabilities Public Exploits | Threatpost | The first stop for security news
Management related content