“Fool me once, shame on you. Fool me twice, shame on me,” as the saying goes. Unfortunately, Google has now been fooled by the same trick twice. For the second time in recent years, Google has allowed a malicious variant of the popular extension “AdBlock Plus” onto its Chrome Web Store. It was noticed by a security researcher going by the alias “SwiftOnSecurity.” Before Google removed it, it had been installed more than 37,000 times by unsuspecting users. This incident underscores a … Read more
New Hack Attempts To Access Office 365 Passwords
Companies are getting better at detecting and fending off brute force attacks. Depending on how big, and how hard-hitting the attack is, it can still get through, of course, but the main problem with such an attack is that it’s impossible to miss. The moment it starts, security professionals know what’s going on, and can immediately spring into action. Of course, the hackers know this, and have been looking for ways around the problem. How can they launch an attack that will go … Read more
2012 Disqus Hack Exposed More Than 17 Million Users
The hits just keep coming, with Disqus being the latest company to issue a breach disclosure. If you’ve never heard of it, Disqus is an incredibly popular, plugin-based comment service for blogs. Although the breach was only just discovered, it occurred five years ago in July 2012 and impacted more than 17.5 million users. Evidence of the breach was initially discovered by an independent security researcher named Troy Hunt. It was then reported to the company and disclosed 24 hours later … Read more
The IRS Awards Security Contract To Equifax Even After Hack
You’ve probably heard about Equifax’s recent troubles. More than 145 million consumer data files were exposed, including names, addresses, social security numbers and more. The problem was viewed as so serious that Equifax’s CEO stepped down and congressional hearings were launched, but then, a funny thing happened. Equifax got awarded a no-bid government contract worth millions ($7.25 million, to be exact) to help the IRS verify taxpayer identities in order to prevent fraud. One might … Read more
Sonic Drive-In Latest Company With Credit Card Breach
Another week, another data breach, and this time, popular fast food chain Sonic found itself in the crosshairs. The breach came to light when a Brian Krebs, a journalist for Infosec, spotted a large batch of credit card data for sale on an underground website. IBM’s “X-Force” division confirmed Krebs’ findings, and later that same day, Sonic confirmed the report, offering all of its customers two years of free fraud and identity theft protection. At this point, the company has released … Read more
WiFi Security Flaw Affects Millions Of Users And Devices
Security researchers have found a new critical security flaw dubbed “Krack” (Key Reinstallation Attacks) that affects literally every WiFi router and smart phone in use today. The reason? The security flaw resides in the WiFi standard itself, rather than in a third-party product. In addition to being vast in scope and scale, Krack is a particularly nasty, versatile flaw, allowing hackers to intercept credit card numbers, passwords, photos and a whole host of sensitive personal … Read more
