Group items tagged

"The criminals were able to send banner ads and javascript to their targets' computers by pushing both into ad networks. These networks aggressively scan advertisers' javascript for suspicious code, so the criminals needed to sneak their bad code past these checks."

"Michael said recent threats to the security of government-held data such as the census failure should raise real concerns about the storage of biometric data en masse. "I am worried about theft, I don't buy the story that your data is safe. I think we've become almost complacent 'oh there's been another data breach. Oh they hacked in and stole the data'," she said. "Is the next phase of rollout going to be 'oh my e-health records were taken', 'oh my biometrics at border control were taken'?""

"In case you're wondering what could be wrong with entrusting secret keys to the government for use "in exceptional circumstances", just ponder this: a few months ago, hackers (suspected to be Chinese) stole the personnel records of 21.5 million US federal employees, including the records of every person given a government background check for the last 15 years."

"The hackers who stole 4.5 million patient records from an American hospital network might have exploited the infamous Heartbleed bug to carry out the hack - the first time the bug has been reported to be at the center of a high-profile breach."

"After a successful phishing attack that captured over 50 accounts, hackers stole 500,000 records from the San Diego Unified School District, for staff, current students, and past students going all the way back to 2008; including SSNs, home addresses and phone numbers, disciplinary files, health information, emergency contact details, health benefits and payroll info, pay information, financial data for direct deposits."

"Fidelis malware mangler Jason Reaves says the TrickBot malware has strong code similarities to the Dyre trojan, a menace that ripped through Western banks and businesses in the US, the UK, and Australia, inflicting tens of millions of dollars in damages through dozens of separate spam and phishing campaigns since June 2014. Dyre stole some US$5.5 million from budget carrier Ryanair and fleeced individual businesses of up to $1.5 million each in substantial wire transfers using stolen online banking credentials."

"The hacker who is taking responsibility for breaking into T-Mobile US Inc.'s systems said the wireless company's lax security eased his path into a cache of records with personal details on more than 50 million people and counting."

"Pornbots create fake accounts that are designed to mimic real people. They steal photos from public social media accounts, and follow the real profile's friends. They tack on suggestive captions and post links to external paid adult sites. The fake accounts choose @usernames that are deceptively similar to those they impersonate. And for good measure, the fake accounts block the person they're copying, making it difficult for the victim to see or interact with them."

BOB SAGET. While in class with you, I mentioned this article and for some reason (probably to annoy me) you stole it before I could get to it. I'm upset and disapointed in you BOB SAGET.

"Dubbed SilentFade (short for "Silently running Facebook Ads with Exploits"), the malware compromised Facebook accounts and used them to promote malicious ads, steal browser cookies and more. The social-media giant said that the Chinese malware campaign started in 2016, but it was first discovered in December 2018, due to a suspicious traffic spike across a number of Facebook endpoints. After an extensive investigation, Facebook shut down the campaign and pursued legal action against the cybercriminals behind the attack in December 2019. "

"DATA LEVERAGE CAN be deployed through at least four avenues: direct action (for instance, individuals banding together to withhold, "poison," or redirect data), regulatory action (for instance, pushing for data protection policy and legal recognition of "data coalitions"), legal action (for instance, communities adopting new data-licensing regimes or pursuing a lawsuit), and market action (for instance, demanding large language models be trained only with data from consenting creators). "