The FBI arrested a former software engineer from Seattle on charges of compute fraud and abuse after she accessed Capital One Financial Corporation data through a misconfigured web application firewall and stole Social Security numbers, names, birthdates, bank account numbers and other personal information on more than 100 million people.
cy last week and claimed to have stolen personal information of 2,500 members of the LAPD and 17,500 applicants to the police force. Out of an abundance of caution we’re applying extra layers of security around our personnel system and enhancing defenses,” L.A. General Manager Ted Ross told NBCLA. The agency received a message from the self-proclaimed hacker who offered to provide evidence that the names, partial Social Security numbers, birthdates, email addresses and passwords.
VxWorks, a real-time operating system (RTOS) that runs on more than 2 billion devices — many in industrial, health-care and enterprise environments — has been found to contain 11 vulnerabilities, six of which are critical flaws that enable remote code execution. Around 200 million devices are running the vulnerable versions of the RTOS, according to researchers.
Researchers have come across a new Android ransomware family, nicknamed Android/Filecoder.C. that uses victims’ contact lists in an attempt to spread through SMS texts containing malicious links. According to ESET, Android/Filecoder.C. is poorly constructed and uses an encryption method that can be defeated without using the decryptor keys. However, the malicious actors did not get everything wrong: ESET researcher Lukáš Štefanko gave it kudos for its ability to spread.
Threatpost talks to Jacob Serpa with Bitglass about how more enterprises are struggling with a cloud security conundrum when it comes to public cloud vs on prem. With the increasing popularity of bring-your-own-device (BYOD) policies and public cloud offerings, enterprises are moving from on-premises applications to cloud apps – but they still lack faith in cloud security.
