Penetration Testing Archive
On October 10, Sotheby’s Home discovered it had become a victim of the ‘Magecart’ hacking technique. ‘Magecart’ refers to a toolkit of malicious software deployed by multiple criminal hacker groups that intercept payment card information when a user attempts to …
Do you take your coffee black or regular? Do you remember when it was “time to make the donuts”? These are sweet memories. Unfortunately, recent events leave a more bitter taste. On October 31, Dunkin’ Donuts, the coffee and donut …
Last August, a 16-year-old teen, hailing from Melbourne, Australia, took a bite out of Apple. The savvy kid hacked Apple’s servers and stole 90GB of secure files. Upon arrest, the cyber criminal told the police he did it because he loves the …
According to the Trump administration, Healthcare.gov, the portal for the Affordable Care Act, has been hacked, compromising 75,000 consumer files. This represents only a small number of the nearly 12 million people enrolled in Obamacare but try telling that to …
According to the Johns Hopkins University School of Medicine CISO, Darren Lacey, use of third-party patient services in health care centers will pose cyber risks for years. Speaking at the recent HIMSS (Healthcare Information and Management Systems Society) Healthcare Security …
GM (General Motors) is bringing in professional hackers to look for vulnerabilities in its vehicles’ computer systems. The ‘white hat’ hackers are being lured with the promise of cash payments, or ‘bounties’, for each bug they uncover. “We’ll show them …
In two weeks, the September 3 deadline will be upon us. This is when the 18-month transitional period of the NYDFS (New York State Department of Financial Services) Cybersecurity Regulation will end, requiring organizations to be compliant with Section 500.08 Application Security. There is still time to make final adjustments and prepare your organization …
Matanuska-Susitna, an Alaskan borough just north of Anchorage, declared disaster last month after its systems were infected with various strains of malware. The attack was reportedly multi-vectored, comprising the Emotet Trojan horse, BitPaymer ransomware, and a cyber criminal hacking into …
On August 1, 2018 the US Department of Justice announced that three high-ranking members of the Eastern European “FIN7” cyber crime group were in custody for their role in attacking more than 100 US companies. Since 2015, FIN7 has been …
Russian threat intelligence organization Group-IB has warned that the Cobalt gang, which was responsible for stealing up to $1.2 billion from banks across the globe, has re-emerged. The gang is known for its carefully orchestrated attacks that combine phishing scams and ‘jackpotting’, in which malware dispenses …
