Cyberattacks against gamers have increased during the coronavirus pandemic, according a report from cloud services company Akamai, which detailed that hackers attempted almost 10 billion credential-stuffing attacks to take over accounts. Akamai security researcher Steve Ragan, who wrote the report, noted that, “as games move online and leverage cloud infrastructure and cross-platform and cross-generation play, that’s an attack surface.” “The bigger the attack surface, the more room [hackers] have to play,” he added. Continue reading Akamai Reports a Rise in Game Hacking During the Pandemic

On August 1, security research firm Comparitech, led by Bob Diachenko, discovered a massive data leak of nearly 235 million Instagram, TikTok and YouTube user profiles. The leak was due to an unsecured database, which is quickly becoming a widespread cause of similar breaches. An audit of the dark web found about 15 billion stolen logins from 100,000 such unsecured database breaches. The data leak discovered by Diachenko and his team was spread across several datasets, including two of 100 million each of Instagram users. Continue reading Unsecured Databases Leak 235 Million Social Media Profiles

Many cybersecurity experts believe the current anti-hacking law, the 1986 Computer Fraud and Abuse Act (CFAA), is woefully out of date and applied too broadly by prosecutors and law enforcement. The Supreme Court is now taking another look at the law with a case in which a former Georgia police officer, Nathan Van Buren, was convicted in 2017 after allegedly selling information from a police database to an acquaintance for $6,000. Stanford University law professor Jeffrey L. Fisher is the lead attorney in the case. Continue reading Supreme Court Will Review Computer Fraud and Abuse Act

The Cyberspace Solarium Commission released a report based on a months-long study that showed the U.S. government’s lack of ability to block cyber threats. The Commission lists 75 recommendations for major structural changes, including the creation of Congressional committees dedicated to cybersecurity and a White House-based national cybersecurity director to be confirmed by the Senate. The report is blunt in its assessment that the U.S. government’s current approach to cyberattacks is “fundamentally flawed.” Continue reading Commission Finds U.S. Is Unprepared for Major Cyberattacks

Hackers likely associated with the Chinese government broke into at least 10 global telecom carriers, stealing call logs, users’ locations and text-messaging records, according to a report from Boston-based Cybereason. The cybersecurity firm spent 2018 scrutinizing a multi-year, ongoing campaign, suspected to be directed by China and aimed at 20 military officials, spies, law enforcement and dissidents in Africa, Asia, Europe and the Middle East. Cybereason believes the recent hacks point to Chinese group APT10. Continue reading Report: Suspected Chinese Hackers Target Global Telecoms

News site 9to5Mac reported that Apple’s FaceTime app, which places audio/video calls over the Internet, had a significant bug: an iPhone user could call another iPhone user and eavesdrop on that person’s conversation through the phone’s microphone — even if the call recipient doesn’t answer the call. The bug was actually discovered a full week before Apple disabled Group FaceTime and stated that it was working to fix it. In that gap, a developer discovered the bug, which was reported in 9to5Mac. Security researchers have dubbed the glitch FacePalm. Continue reading Experts Question Apple’s Security in Light of FaceTime Bug

Cyber criminals recently hacked the municipal computers of Rockport, Maine, demanding $1,200 in Bitcoin to unlock them. That’s just one example of a surge of ransomware aimed at municipal computer systems, both large and small, including the city of Atlanta and a St. Louis library system. According to Ponemon Institute, an information systems research firm, these kinds of public sector hacks are increasing faster than those on private ones. City officials are often unprepared to deal with the consequences. Continue reading Municipalities Increasingly Targeted for Ransomware Attacks

While businesses are continuing efforts to protect their data and combat outside hackers, many are facing data theft by their own employees. A survey of 208 organizations by Accenture Plc and HfS Research found that 69 percent “experienced an attempted or realized data theft or corruption by corporate insiders” over the past year. That compares to 57 percent from external sources. Media and tech firms and Asia-Pacific enterprises reported the highest rates, notes Bloomberg. According to Accenture chief strategy officer Omar Abbosh, businesses are spending about $84 billion annually to combat data theft that costs them $2 trillion, “damage that could rise to $90 trillion a year by 2030 if current trends continue.” Continue reading Accenture Study: Companies Experiencing Insider Data Theft