network-security-mesh
Featured Technology

Security firm Rapid7 says Codecov hackers accessed some of its source code

Boston-based security firm Rapid7 disclosed today that a threat actor accessed some of its source code after a hack at software supplier Codecov earlier this year.

WeLeakInfo
Cybercrime Featured

Operator of WeLeakInfo database marketplace sentenced to two years in prison

One of the three operators of WeLeakInfo, a website that sold access to hacked databases, was sentenced today in the Netherlands to two years in prison, with one year suspended.

DBIR
Cybercrime Featured Nation-state

The rebellious origins of cybersecurity’s wittiest, must-read report

The idea that would become the world’s wittiest cybersecurity report was born in the mind of Wade Baker, then a Security Risk Management consultant at a forgotten firm called Cybertrust. It was the mid-aughts, Baker recalls, when he overheard one of the firm’s incident responders talking about patterns he kept uncovering during breach investigations. That’s when it occurred to Baker that the firm’s investigative arm might have access to the exact information he felt was lacking in the cybersecurity industry. Why not use Cybertrust’s incident responders to collect data on the x’s and o’s of cyber intrusions?

Night world
Featured Government Nation-state

Lawmakers start a push for new breach notification rules after SolarWinds attack

For more than a decade, policymakers on Capitol Hill have repeatedly tried and failed to pass meaningful federal data breach notification laws that would require companies to share details about cybersecurity incidents that they experience. As a result, organizations have to comply with a patchwork of more than 50 notification laws for each state and territory in the U.S. However, a group of lawmakers are pushing colleagues and business associations to revisit these efforts, arguing that recent incidents have highlighted how the lack of mandatory reporting rules makes it harder to detect and respond to major incidents…

source-code-git
Featured Technology

Codecov discloses 2.5-month-long supply chain attack

Codecov, a software company that provides code testing and code statistics solutions, disclosed on Thursday a major security breach after a threat actor managed to breach its platform and add a credentials harvester to one of its tools.

cryptocurrency blockchain bitcoin
Cybercrime Featured Technology

Hackers move $760 million from the 2016 Bitfinex hack

More than $760 million worth of Bitcoin stolen from cryptocurrency exchange Bitfinex in 2016 have been moved on Wednesday to new accounts.

LinkedIn
Cybercrime Featured Technology

LinkedIn denies 500 million user data breach

LinkedIn has formally denied a rumor that it suffered a devastating security breach that exposed the account details of more than 500 million of its registered users.

Ubiquiti
Featured Technology

Ubiquiti confirms it was the target of an extortion attempt, but nothing more

Networking equipment and IoT device vendor Ubiquiti Networks released a statement late last night confirming some of the details exposed

Booking.com
Featured Government Privacy

Booking.com fined €475,000 for reporting data breach too late

The Dutch Data Protection Authority has fined hotel booking website Booking.com €475,000 ($560,000) for reporting a security incident 22 days after it happened, in breach of EU GDPR regulations that dictate that all breaches must be disclosed within 72 hours.

car park
Cybercrime Featured

Data for 7.3 million Dutch car owners sold on hacking forum

RDC, a Dutch company that provides garage and maintenance services to Dutch car owners, has confirmed a data breach earlier today after the personal and vehicle details of millions of Dutch car owners were posted for sale on a well-known cybercrime forum.