PINDROP BLOG

Category: Hacking

June 22, 2017
Lawsuit Filed After Personal Data of Nearly 200 Million Voters Exposed
By Jonah Berg-Ganzarain A few days after the personal data of nearly 200 million registered American voters was accidently exposed online due to an “improperly configured security setting”, some of the people affected by the breach have filed a class-action lawsuit against the analytics company responsible for the leak. A total of 1.1 terabytes of data…
Read More →
June 21, 2017
Microsoft Makes Edge Bug Bounty Permanent
Microsoft is making the bug bounty for its Edge browser a permanent program, a significant change to the way the company incentivizes researchers to find vulnerabilities in the application. It’s been a little less than a year since Microsoft launched the bounty as a temporary offering with the Windows 10 Insider Preview. The idea was…
Read More →
June 21, 2017
Malvertising Campaign Tied to Ransomware Attack on UK Universities
The mobile ransomware infections that hit a number of universities in the U.K. recently have been traced back to a malvertising network and the Astrum exploit kit. The attacks against several universities, including University College London, emerged last week and initially there were fears that they were connected to the WannaCry ransomware outbreak. But researchers at…
Read More →
June 20, 2017
South Korean ISP Nayana Pays $1M Ransom to Decrypt Servers
An ISP in South Korea that was hit with a deep ransomware infection in recent days has agreed to pay more than $1 million to recover access to its encrypted data. The company, Nayana, said that it had been hit with the Erebus ransomware about 10 days ago, and spent several days trying to recover…
Read More →
June 19, 2017
Europol Hits Group Allegedly Selling Security Evasion Tools
Europol has arrested six people as part of a wide-scale operation to crack down on cybercriminals who sell tools such as crypters and anti-AV that help attackers evade security defenses. The operation involved authorities in several countries and over the course of several days earlier this month, Europol officials made arrests and conducted interviews in…
Read More →
June 16, 2017
Email Compromise Campaign Hits Hundreds of Companies
A large-scale, long-term business email compromise campaign has been targeting large industrial companies, including those in the energy, metals, and power sectors. The campaign has been running for several years and has included a variety of tactics, namely compromises of corporate email systems, network exploitation, social engineering, and highly targeted phishing messages. Researchers at Kaspersky…
Read More →
June 15, 2017
Study Finds Concerning Flaws in VoLTE Platforms
In recent years as VoLTE (Voice over LTE) services have grown more popular and the nation’s four largest cellular networks have adopted it, security concerns have begun to arise. In a new study presented at the Symposium on Information and Communications Technology Security (SSTIC) three researchers from P1 Security found new vulnerabilities and confirmed old ones regarding…
Read More →
June 14, 2017
DHS Points Finger at North Korea for Long Cyberattack Campaign
The United States government has issued a warning about an ongoing series of DDoS attacks and other cyber operations that it says began in 2009, and is pointing the finger squarely at North Korea. On Tuesday, the US-CERT, which is part of the Department of Homeland Security, published a technical alert in conjunction with the…
Read More →
June 13, 2017
Microsoft Releases Patches for Older Versions of Windows, Warns of Nation-State Attacks
Microsoft has taken the unusual step of issuing patches for a number of security vulnerabilities in older versions of Windows that the company says are “at heightened risk of exploitation” from nation-state attackers. As part of its normal Patch Tuesday update release, Microsoft released fixes for 16 vulnerabilities that affect several versions of Windows, including some that…
Read More →
June 13, 2017
Europol Dismantles International Fraud Ring
Police have dismantled a payment-card fraud network that stretched across Europe and had the capability to clone payment cards, install skimmers on ATMs, and is responsible for hundreds of thousands of dollars in losses. The fraud ring was operating not just in Europe, but also in the United States, the Dominican Republic, Peru, Malaysia, Costa Rica,…
Read More →
In a race of information vs. misinformation, what will deep fakes and data breaches look like? Register for our webinar to learn how to defend against these types of threats