PINDROP BLOG

Category: Hacking

November 11, 2016
Yahoo Data Breach May Have Been Identified in 2014
Some Yahoo employees were aware that the company had been compromised as far back as 2014, even though Yahoo officials only disclosed the breach affecting 500 million users two months ago, the company said in a regulatory filing. The company also said that on Monday, law enforcement officials informed Yahoo that a hacker had come…
Read More →
November 10, 2016
Google to Label Some Sites as Malicious Repeat Offenders
Google is planning to make life a little more difficult for some site owners who host malware, by adding new warnings to its Safe Browsing system to let users know that the sites are known to repeatedly add and remove malicious content to try and trick Google’s system. The company’s Safe Browsing system is used…
Read More →
November 10, 2016
House Lawmakers to Look at Mirai Botnet DDoS Attacks
A pair of House subcommittees are planning to hold a joint hearing to look at the role that IoT devices have played in a number of recent DDoS attacks. Much of the high-profile DDoS activity that’s taken place lately has been attributed to the Mirai botnet, a series of networks made up of compromised embedded devices.…
Read More →
November 9, 2016
Tesco Bank Refunds £2.5 Million, Restores Online Service After Attack
Two days after suspending all online payments following an attack, Tesco Bank in the U.K. has resumed full service and bank officials say they have refunded about £2.5 million to customers affected by the incident. The exact nature of the attack on the bank’s customers still isn’t clear, but last weekend many Tesco customers reported that significant amounts of…
Read More →
November 7, 2016
On the Wire Podcast: Avi Rubin
The news has been full of headlines for weeks about election fraud, voting machine hacking, and all kinds of other scary sounding stuff. Much of the coverage has been hyperbolic to say the least, so we decided to get some clear-headed, rational thoughts on the topic from Avi Rubin. Avi is a professor at Johns…
Read More →
November 4, 2016
Mirai Botnet Attacks on Liberia Drop Off
The attacks from the Mirai botnet against targets in the country of Liberia that have been ongoing for several days have now stopped, at least for the time being. For more than a week, attackers have been throwing short, but highly potent DDoS floods of various types against a number of sites in the small…
Read More →
November 3, 2016
Attackers Using Mirai Botnet to Target Liberia’s Internet Connection
One of the pieces of the fragmented Mirai botnet is using its massive capacity to attack telecom providers in the small African country of Liberia and the attacks are strong enough to cause intermittent loss of connectivity inside the country, researchers say. The attacks against Liberia have been going on for at least week and…
Read More →
November 2, 2016
Microsoft, Google, and User Safety
There was a time in the not-so-distant past when nasty public fights between Microsoft and various researchers over when and how to disclose vulnerabilities were just about a weekly occurrence. That time thankfully has passed, but, as the current disagreement between Google and Microsoft over Google’s disclosure of a Windows zero day makes clear, everyone…
Read More →
November 2, 2016
Microsoft Says Russian Group Exploiting Windows Zero Day
Microsoft’s security team says the zero-day vulnerability in Windows discovered by Google researchers recently is being exploited by an attack group that has been linked to the hacks of the Democratic National Committee and other political targets in the United States. The group, which Microsoft calls Strontium, has been linked to Russia and Microsoft officials said…
Read More →
November 1, 2016
IoTSeeker Scanner Finds Smart Devices With Dumb Credentials
With the Mirai botnet still wreaking havoc, and other IoT botnets appearing, security researchers are looking for ways to discover the insecure devices that are being targeted by attackers before they can be compromised. One such effort is a new scanner that will check networks for devices that are using default credentials, which often are exploited…
Read More →