Hacker attack compromised data of over 800,000 postal workers
There are multiple reports that the United Stated Postal Service suffered a security breach into its computer networks, resulting in the possible theft of data affecting as many as 800,000 employees and retirees. Personal data such as Social Security numbers may have been stolen in the breach, and though officials aren't saying who they think is responsible, the general consensus is that China is behind the attacks.
Software security makers are suddenly hot acquisition targets
One of the names that always comes up when discussing free antivirus software is AVG Technologies. The company also offers a line of paid products for those who want more robust protection and features, and after 13 years in the business, has built up a market capitalization of around $930 million. AVG's also made itself attractive to suitors -- it's being reported that potential buyers have approached AVG amid a wave of deals for security software makers.
Security's become a sensitive subject ever since former NSA contractor Edward Snowden blew the whistle on the U.S. government's spying shenanigans, and if you don't fancy wearing a tinfoil hat, you might be interested in Patriot Memory's latest storage device. To begin with, Patriot's new Supersonic Bolt XT flash drive family boasts built-in FIPS 197 compliant hardware-based 256-bit AES data encryption.
We don't know if it's something in the Starbucks lattes in Silicon Valley or what, but all of a sudden companies are either announcing breakups or exploring whether or not to spin-off a division. Auction site eBay recently announced that it plans to give Paypal a set of wings and let it fly solo, and then Hewlett-Packard decided that it too was ready for a split (between its PC and printer businesses). Now there's talk that Symantec is considering a breakup as well.
Opt for full disclosure in bid to goad manufacturers into taking flaw seriously
At this year’s Black Hat Conference, Security Research Labs researchers Karsten Nohl and Jakob Lell, warned of a serious flaw in USB devices that they dubbed “BadUSB.” The flaw, which can be used to reprogram otherwise harmless USB devices to wreak havoc by impersonating other USB devices (say a keyboard or a network card), remains unfixed to this day, fully living up to both its name and reputation in the two months since it first came to light. Meanwhile, two other researchers, Adam Caudill and Brandon Wilson, who recently managed to reverse engineer the same firmware as the SR Labs folks, have published the attack code online.
A cyberattack on JPMorgan Chase & Co., the largest bank in the U.S., impacted around 76 million homes and 7 million small businesses, the company revealed in a filing with the Securities and Exchange Commission this week. Compromised data includes user contact information, including names, addresses ,phone numbers, email addresses, and internal JPMorgan information relating to 83 million users.
Security researchers have discovered a major security bug in the Unix shell known as Bash (Bourne-again shell), one of the most commonly used utilities in Linux and one that could potentially affect a great number of Unix and Linux web servers. By exploiting the newly discovered vulnerability, an attacker can take complete control of the system and/or execute shell commands that could make a server vulnerable to even more threats.
Twitch, the popular videogame streaming site recently acquired by Amazon, is being used to propagate malware that specifically targets Steam users, security firm F-Secure revealed in a blog post Friday. Gullible Steam users are being lured into clicking a malicious link contained in bot-sent raffle invites on Twitch that promise them the opportunity to win such prizes as Counter-Strike: Global Offensive items. On the other side of that link, there is usually a Java program asking for some basic personal info, a congratulatory message, a malicious Windows binary file, and an empty Steam wallet.
If you used a credit or debit card at Home Depot since April, you information may be compromised
Home Depot this week confirmed that its payment data systems have been breached in an attack that may potentially impact customers who used a payment card at its U.S. and Canadian stores dating back to April. The home improvement chain isn't saying how many people might be affected, though according to various reports around the web, this could be one of the largest breaches of retailer data so far.
Android continues to be a popular target in mobile
Security outfit F-Secure released its Threat Report for the first half of 2014, and in it the company highlights an increase in online attacks that lock up user data and hold it for ransom. This rising trend in "ransomware," as it's called, is even prevalent on mobile devices, most notably Android, which was the target of 294 of the 295 new threat families F-Secure discovered, with the only other taking aim at iOS.