Former Uber Security Chief Found Guilty of Data Breach Coverup
A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer and driver records to regulators and attempting…
RIG Exploit Kit Now Infects Victims’ PCs With Dridex Instead of Raccoon Stealer
The operators behind the Rig Exploit Kit have swapped the Raccoon Stealer malware for the Dridex financial trojan as part of an ongoing campaign that commenced in January 2022. The…
Former Amazon Employee Found Guilty in 2019 Capital One Data Breach
A 36-year-old former Amazon employee was convicted of wire fraud and computer intrusions in the U.S. for her role in the theft of personal data of no fewer than 100 million people in the 2019…
How Secrets Lurking in Source Code Lead to Major Breaches
If one word could sum up the 2021 infosecurity year (well, actually three), it would be these: “supply chain attack”. A software supply chain attack happens when hackers manipulate the code in third-party software components…
GitHub Notifies Victims Whose Private Data Was Accessed Using OAuth Tokens
GitHub on Monday noted that it had notified all victims of an attack campaign, which involved an unauthorized party downloading private repository contents by taking advantage of third-party OAuth user tokens maintained by Heroku and…