What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-12-12 15:31:05 | Podcast: will Uber\'s Florida Man Problem chill Bug Bounties? (lien direct) | In our latest podcast: the ride sharing firm Uber finds itself on the wrong side of a Florida Man story after paying $100,000 in hush money to a man from The Sunshine State who stole information on 57 million Uber customers. We speak with Katie Moussouris about how the company’s actions could affect the future of the young vulnerability...Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/509894038/0/thesecurityledger -->»
|
Uber | ||
|
2017-12-10 17:04:28 | MY TAKE: What the Uber hack tells us about fresh attack vectors created by the rise of DevOps (lien direct) | Dissecting the root cause of Uber's catastrophic data breach is a worthwhile exercise. Diving one level deeper into the scenario that led up to the popular ride-hailing service losing personal data for 50 million passengers and seven million drivers shows us why this particular type of hack is likely to recur many more times in […] | Uber | ||
 |
2017-12-08 14:00:00 | Things I Hearted this Week – 8th December 2017 (lien direct) | I’ve been spending a couple of days this week at the SANS EU Security awareness summit which has featured some exceptionally good speakers. Dr. Jessica Barker was the opening keynote and made some great points about optimism and how positive reinforcement is a far better motivator in security than the usual negativity. As I’m one that likes to take on board good ideas and implement them as quickly as possible – today’s wrap up will feature an optimistic and bright tone. So, put on your rose tinted glasses, sit back, and enjoy this week’s wrap up. Uber invests in Florida youth A hacker only identified as a 20-year old Florida man, was apparently behind the Uber breach a year ago. Uber was so grateful it awarded him $100,000 via HackerOne bug bounty platform, but wanted to keep its act of philanthropy quiet. No word on whether the youth will spend the money on an orphanage or an animal shelter, but we are hopeful. Uber hacked by a 20-year-old man in the US | Computer Weekly Uber paid 20-year-old man to hide hack, destroy data | ZDNet Three Uber security managers resign after CEO criticizes practices | Reuters $60m in bitcoin shared The days of Robin Hood aren’t over. Over $60m in cryptocurrency has been involuntarily redistributed after hackers bloke into Slovenian-based bitcoin mining marketplace NiceHash. More than $60 million worth of bitcoin potentially stolen after hack on cryptocurrency site | CNBC Bitcoin: $64m in cryptocurrency stolen in 'sophisticated' hack, exchange says | The Guardian $60m Bitcoin heist potentially hits cryptocurrency mining site | CBRonline Three ways to improve cybersecurity maturity I really like the name, “The Rochford Files” which is the contributed blog by Oliver Rochford on CSO. Keeping in tune with my optimistic theme, the subtitle is “here’s what’s holding us back” – but I’d rather rephrase it as “Here are our greatest opportunities”. 3 common cybersecurity maturity failings Predictions It’s that time of year for everyone to collectively gaze into crystal balls and predict what the new year will bring. I jumped onto the bandwagon myself and boldly made some predictions. The good thing about the future though is that it never comes, so you can never be proven wrong! Six Cybersecurity Predictions for The Year Ahead | AlienVault | Guideline | Uber | |
 |
2017-12-07 17:14:24 | Uber paid 20-year-old Florida hacker $100000 to keep data breach secret (lien direct) | >Uber paid hackers to keep data breach secret, says sources Uber, the ride-hailing smartphone app, suffered a data breach last year in which over 57 million customers and 600,000 drivers had their personal information stolen by a 20-year-old hacker from Florida. Now, in a statement released on the 2016 attack, Uber said that it paid […] | Uber | ||
 |
2017-12-07 10:15:22 | Uber paid 20-year-old man to hide hack, destroy data (lien direct) | A hacker from Florida was allegedly paid $100,000 to keep his mouth shut and delete stolen user data. | Uber | ||
 |
2017-12-07 07:00:56 | Uber hacked by a 20-year-old man in the US (lien direct) | Uber was reportedly hacked by a 20-year-old man living with his mother in a small home trying to help pay the bills, according to various unnamed sources | Uber | ||
 |
2017-12-06 23:49:31 | Uber Paid 20-Year-Old Florida Hacker $100,000 to Keep Data Breach Secret (lien direct) | Last year, Uber received an email from an anonymous person demanding money in exchange for the stolen user database.
It turns out that a 20-year-old Florida man, with the help of another, breached Uber's system last year and was paid a huge amount by the company to destroy the data and keep the incident secret.
Just last week, Uber announced that a massive data breach in October 2016 exposed
|
Uber | ||
 |
2017-12-06 21:00:11 | STEALTHbits re PayPal\'s Discovery Of TIO Data Breach (Contrasting With Uber) (lien direct) | The ISBuzz Post: This Post STEALTHbits re PayPal’s Discovery Of TIO Data Breach (Contrasting With Uber) | Uber | ||
 |
2017-12-05 15:37:15 | LA Sues Uber (lien direct) | >The City of LA has sued Uber, for failing to inform the public about a breach that occured 2 years ago. Read Full Story ORIGINAL SOURCE: OC Register | Uber | ||
 |
2017-12-01 18:42:44 | Senators Propose New Breach Notification Law (lien direct) | Senators Propose New Data Protection Bill Following Equifax and Uber Breaches | Equifax Uber | ||
|
2017-12-01 14:00:00 | Things I Hearted this Week – 1st December 2017 (lien direct) |
Welcome back after a week’s hiatus to give people time to be thankful for all the good in their life. The best things in life: SIEM and log management, crowd-based threat intelligence, vulnerability assessment, asset discovery, and intrusion detection.
I am Root
Apple found itself in the headlines as it was revealed that anyone could log in with root credentials without a password. I’m sure employees Geniuses at Apple stores were delighted with customers trying out the hack on display units.
While many experts bemoaned the irresponsible disclosure of the vulnerability, it was apparently known on the Apple developer forums and thought of more as a bug.
Perhaps one of the most impressive aspects of this debacle was how quickly Apple turned it around and issued a patch within a day. I don’t know what they put in their coffee at Apple HQ, but I’ll have two!
Anyone can hack MacOS High Sierra just by typing “root”. | Wired
New security update fixes macOS root bug | ars Technica
Apple releases update to fix critical macOS High Sierra security issue | The Verge
Portable Faraday Cage
This story caught my attention because of its simplicity. A man in Australia was sacked from his job after it was discovered the 60-year old electrician blocked his whereabouts by storing his personal digital assistant, that has a GPS inside, in an empty foil packet of Twisties, a puffy cheese-based snack that is popular in Australia.
I can only imagine how the prosecution kept a straight face claiming the man was using an elaborate Faraday cage while holding up an empty packet of crisps (chips).
Employee used crisp packet as ‘Faraday cage’ to hide his whereabouts during work | Telegraph
Net Neutrality
Net neutrality is a hot topic at the moment, there are some strong proponents and a lot of dialogue ongoing. To coin a phrase, everything is fair in love, war, and online comments.
Jeff Kao used natural language processing techniques to analyse net neutrality comments submitted to the FCC from April-October 2017 – and at the risk of sounding like a Buzzfeed article – the results were pretty disturbing.
More than a Million Pro-Repeal Net Neutrality Comments were Likely Faked | Hackernoon
Holiday Cybersecurity guide
The lovable reprobate Rob Graham posted a great guide for anyone visiting relatives during the holidays, and what you can do to help them become more secure.
It’s a very decent list that’s worth checking out.
Your holiday cybersecurity guide | Errata Security
Uber breach
Ride share company Uber |
Uber | ||
|
2017-11-30 19:00:40 | Uber Reveals 2.7 Million British Users Hit By Data Breach (lien direct) | The ISBuzz Post: This Post Uber Reveals 2.7 Million British Users Hit By Data Breach | Uber | ||
|
2017-11-30 11:42:14 | Uber says 2.7 MEEELLION(ish) UK users affected by hack (lien direct) | >Uber has finally come up with a figure for the number of UK-based riders and drivers affected by its massive data breach: 2.7 million. The taxi hire firm has been slammed by regulators around the world for keeping the hack, which happened in October 2016, quiet for the best part of a year. To make matters ... | Uber | ★★★★★ | |
|
2017-11-30 03:37:38 | Court Investigating Whether Uber Connived to Cover its Tracks (lien direct) | 
Uber, the ride-sharing giant hit with a number of scandals in recent months, is now suspected of operating a program to hide nefarious tactics.
|
Uber | ||
|
2017-11-29 15:13:11 | Podcast: Uber Breach Puts Focus on Securing DevOps Secrets (lien direct) | The hack of Uber and the loss of information on 57 million customers is just the latest security incident stemming from what our guest Elizabeth Lawler calls “DevOps secrets” – valuable credentials, APIs and other sensitive information that often end up exposed to the public as a result of lax continuous development operations....Read the whole entry... _!fbztxtlnk!_ https://feeds.feedblitz.com/~/502274886/0/thesecurityledger -->»
|
Uber | ||
 |
2017-11-29 13:32:46 | Uber says 2.7m Brits hit by breach that was covered up (lien direct) | The breach, which happened in 2016 and which was covered up by the firm, was only revealed this month. | Uber | ||
 |
2017-11-29 12:00:00 | Tech Talk: Uber hack, Google tracks, AWS packs (in China) ... and Firefox is back (lien direct) | Our tech panel looks at how Uber (secretly) handled last year's hack and the controversy around Google's decision to track Android users' locations. Then it's time to discuss why AWS is selling off hardware in China and what Mozilla is up to with its new Firefox Quantum. | Uber | ||
|
2017-11-29 11:40:27 | Uber breach affected 2.7 million Britons (lien direct) | Last year's data breach, which saw the details of 57 million accounts compromised, affected about 2.7 million accounts in the UK | Uber | ||
|
2017-11-28 15:34:46 | Majority of Android Apps Contain Embedded User-Tracking: Report (lien direct) | Seventy-five percent of 300 Android apps tested by Exodus Privacy and analyzed by the Yale Privacy Lab contain embedded trackers, including Uber, Tinder, Skype, Twitter, Spotify and Snapchat. The trackers are primarily used for targeted advertising, behavioral analytics and location tracking. They come as part of the app, and their presence and operation is likely unknown to the user at the time of installation. | Uber | ||
|
2017-11-27 21:50:47 | MY TAKE: Why Uber\'s flaunting of disclosure laws should ignite security regulations (lien direct) | Think it was a mere coincidence that Uber disclosed its catastrophic data breach on the Tuesday before Thanksgiving? Fat chance. Uber's new CEO Dara Khosrowshahi almost certainly calculated the diminished notoriety to be gained by announcing the hack on the eve of the year's most distraction-packed, four-day weekend. Related article: The implications of Deloitte breach […] | Deloitte Uber | ||
 |
2017-11-27 19:25:39 | Week in security (November 20 – November 26) (lien direct) |
Learn what happened in the world of security during the week of November 20 to November 26.
Categories:
Security world
Week in security
Tags: bitcoinsfacebookimgurImgur breachKRACKmac malwareOSX.ProtonsecurityTerdot TrojantrojanUber breachweek in security
(Read more...)
|
Uber | ||
 |
2017-11-27 16:40:00 | Uber\'s Security Slip-ups: What Went Wrong (lien direct) | The ride-sharing company's decisions leading to a 2016 data breach and its handling of the incident should serve as a cautionary tale for enterprises facing a breach. | Guideline | Uber | |
 |
2017-11-27 08:37:32 | Imgur avoue lui aussi s\'être fait piraté en 2014 (lien direct) |  Décidément, c'est la saisons des aveux pour les sociétés du Web. A peine quelques jours après l'annonce fracassante du piratage de Uber, voici que Imgur avoue une brèche et un vol de donnée datant de 2014. |
Uber | ||
 |
2017-11-25 10:51:10 | Imgur was hacked in 2014, 1.7 million user accounts were compromised (lien direct) | >Imgur, the popular image sharing service, confirms email addresses and passwords were stolen in a security breach occurred in 2014. Are you an Imgur user? News of the day it that the popular image sharing service Imgur was hacked in 2014, the incident was confirmed by the company a few days after Uber admitted to have concealed […] | Uber | ||
|
2017-11-25 00:29:30 | Imgur-Popular Image Sharing Site Was Hacked In 2014; Passwords Compromised (lien direct) | Only after a few days of Uber admitting last year's data breach of 57 million customers, the popular image sharing site disclosed that it had suffered a major data breach in 2014 that compromised email addresses and passwords of 1.7 million user accounts.
In a blog post published on Friday, Imgur claimed that the company had been notified of a three-year-old data breach on November 23 when a
|
Uber | ||
 |
2017-11-24 13:57:42 | Uber Takes Cloud Security For A Ride (lien direct) | >Cloud security has had a rough ride of it recently, and this past week its driver was the $68bn global transportation company, Uber. Earlier this week, it was revealed that the personal details of Uber's 57 million drivers and had been stolen back in 2016. The company then made matters worse by not reporting the […] | Uber | ||
|
2017-11-23 11:33:06 | Uber Paid Hackers To Hide 57 Million User Data Breach (lien direct) |  Uber is not known for it's high level of ethics, but it turns out Uber paid hackers to not go public with the fact they'd breached 57 Million accounts – which is a very shady thing to do. Getting hacked is one thing (usually someone f*cked up), but choosing as a company to systematically cover up a breach to the tune of $100,000 – that's just wrong.
57 Million is a fairly significant number as well with Uber having around 40 Million monthly users, of course, it's not the scale of Equifax with 143 Million (or more).
Read the rest of Uber Paid Hackers To Hide 57 Million User Data Breach now! Only available at Darknet.
|
Equifax Uber | ||
 |
2017-11-23 01:31:13 | Don Jr.: I\'ll bite (lien direct) | So Don Jr. tweets the following, which is an excellent troll. So I thought I'd bite. The reason is I just got through debunk Democrat claims about NetNeutrality, so it seems like a good time to balance things out and debunk Trump nonsense.The issue here is not which side is right. The issue here is whether you stand for truth, or whether you'll seize any factoid that appears to support your side, regardless of the truthfulness of it. The ACLU obviously chose falsehoods, as I documented. In the following tweet, Don Jr. does the same.It's a preview of the hyperpartisan debates are you are likely to have across the dinner table tomorrow, which each side trying to outdo the other in the false-hoods they'll claim.Need something to discuss over #Thanksgiving dinner? Try thisStock markets at all time highsLowest jobless claims since 736 TRILLION added to economy since Election1.5M fewer people on food stampsConsumer confidence through roof Lowest Unemployment rate in 17 years #maga- Donald Trump Jr. (@DonaldJTrumpJr) November 23, 2017What we see in this number is a steady trend of these statistics since the Great Recession, with no evidence in the graphs showing how Trump has influenced these numbers, one way or the other.Stock markets at all time highsThis is true, but it's obviously not due to Trump. The stock markers have been steadily rising since the Great Recession. Trump has done nothing substantive to change the market trajectory. Also, he hasn't inspired the market to change it's direction. To be fair to Don Jr., we've all been crediting (or blaming) presidents for changes in the stock market despite the fact they have almost no influence over it. Presidents don't run the economy, it's an inappropriate conceit. The most influence they've had is in harming it.Lowest jobless claims since 73Again, let's graph this: As we can see, jobless claims have been on a smooth downward trajectory since the Great Recession. It's difficult to see here how President Trump has influenced these numbers.6 Trillion added to the economyWhat he's referring to is that assets have risen in value, like the stock market, homes, gold, and even Bitcoin.But this is a well known fallacy known as Mercantilism, believing the "economy" is measure |
Uber | ||
|
2017-11-22 23:03:43 | Uber Hack (lien direct) | The ISBuzz Post: This Post Uber Hack | Uber | ||
|
2017-11-22 18:52:34 | Uber in Legal Crosshairs Over Hack Cover-up (lien direct) | Two US states on Wednesday confirmed they are investigating Uber's cover-up of a hack at the ride-sharing giant that compromised the personal information of 57 million users and drivers. | Uber | ||
 |
2017-11-22 16:30:57 | NBlog November 22 - A to Z of social engineering controls (lien direct) |  I didn't quite finish the A-to-Z on social engineering methods yesterday as planned but that's OK, it's coming along nicely and we're still on track. I found myself dipping back into the A-to-Z on scams, con-tricks and frauds for inspiration or to make little changes, and moving forward to sketch rough notes on the third and final part of our hot new security awareness trilogy: an A-to-Z on the controls and countermeasures against social engineering. Writing that is my main task for today, and all three pieces are now progressing in parallel as a coherent suite.It's no blockbuster but I have a good feeling about this, and encouraging feedback from readers who took me up on my offer of a free copy of the first part.Along the way, a distinctive new style and format has evolved for the A-to-Zs, using big red drop caps to emphasize the first item under each letter of the alphabet. I've created and saved a Word template to make it easier and quicker to write A-to-Zs in future - a handy tip, that, for those of you who are singing along at home, writing your own awareness and training content.I'd like to include some graphics and examples to illustrate them and lighten them up a bit, but with the deadline fast approaching that may have to wait until they are next updated. Getting the entire awareness module across the line by December 1st comes first, which limits the amount of tweaking time I can afford - arguably a good thing as I find this topic fascinating, and I could easily prepare much more than is strictly necessary for awareness purposes. Aside from that, the release of an updated OWASP top 10 list of application security controls prompted me to update our information security glossary with a couple of new definitions, and a radio NZ program about a book fair in Edinburgh (!) prompted me to explain improv sessions as a creative suggestion for the train-the-trainer guide for the social engineering module. |
Uber | ||
|
2017-11-22 15:52:08 | Should Uber Users be Worried About Data Hack? (lien direct) | 
|
Uber | ||
|
2017-11-22 15:00:00 | Time to Pull an Uber and Disclose your Data Breach Now (lien direct) | There is never a good time to reveal a cyber attack. But with EU's GDPR looming, the fallout is only going to get harder and more expensive if you wait. | Uber | ||
|
2017-11-22 13:20:00 | Uber Paid Hackers $100K to Conceal 2016 Data Breach (lien direct) | The ride-sharing company has confirmed an October 2016 data breach that compromised 57 million accounts. | Uber | ||
 |
2017-11-22 12:45:50 | Uber s\'est fait pirater les données de 57 millions d\'utilisateurs... mais l\'a caché pendant un an (lien direct) | L'entreprise aurait payé 100.000 dollars aux hackers pour qu'ils gardent le silence. Une idée qui provenait du responsable de la sécurité informatique, qui a depuis été licencié.  |
Uber | ||
|
2017-11-22 10:56:27 | (Déjà vu) Uber Concealed Massive Data Breach in 2016 (lien direct) | >It has been reported that Uber has concealed a massive data breach that affected 57 million customers. The breach occurred in 2016, and instead of disclosing the breach to the relevant authorities, the company paid the hackers $100,00 to delete the data. Read Full Story ORIGINAL SOURCE: BBC | Uber | ★★ | |
|
2017-11-22 10:55:47 | UK regulator has \'huge concerns\' over Uber breach (lien direct) | A data breach affecting 57 million customers and drivers should not have been concealed, the information commissioner says. | Uber | ||
 |
2017-11-22 10:03:03 | Uber Leak : Réaction de Malwarebytes (lien direct) | Suite au piratage survenu chez Uber et au vol de de données concernant 57 million d'utilisateurs, je vous adresse ci-après la réaction de Jérôme Segura, Lead Malware Intelligence Analyst chez Malwarebytes. " Ce que nous savons jusqu' à présent, c'est que les pirates ont réussi à accéder à des comptes GitHub privés contenant les identifiants et les mots de passe de certains développeurs d'Uber. (*) Grâce à ces informations, ils ont pu se connecter aux serveurs d'Amazon (utilisés par Uber), y télécharger des (...) - Marchés | Guideline | Uber | |
|
2017-11-22 08:56:20 | Unbelievable: Uber concealed data breach that exposed 57 Million records in 2016 (lien direct) | >Unbelievable: Uber concealed data breach that exposed 57 Million records in 2016 and paid hackers to delete stolen records. Uber CEO Dara Khosrowshahi announced on Tuesday that hackers broke into the company database and accessed the personal data of 57 million of its users, the bad news is that the company covered up the hack […] | Uber | ||
|
2017-11-22 08:23:03 | Uber révèle avoir été piraté en 2016, 57 millions d\'utilisateurs touchés ! (lien direct) |  Mauvaise nouvelle ! Le PDG d'Uber a avoué mardi qu'une cyberattaque d'envergure avait été dissimulée fin 2016. Le bilan est pourtant lourd : ce sont les données de 57 millions d'utilisateurs / chauffeurs à travers le monde qui ont été piratées. |
Uber | ||
 |
2017-11-22 05:40:13 | Uber Reveals 2016 Breach of 57 Million User Accounts (lien direct) | Uber CEO said a 2016 data breach that exposed 57 million Uber user accounts and a subsequent payment of $100,000 to a hacker to delete data and keep it a secret is inexcusable. | Uber | ★★★★ | |
|
2017-11-22 05:30:12 | Uber recognises need for consumer trust after breach cover up (lien direct) | New Uber leadership has recognised the importance of consumer trust and that they never should have attempted to cover up a 2016 data breach that affected millions of customers and drivers | Guideline | Uber | |
|
2017-11-22 01:38:22 | After Getting Hacked, Uber Paid Hackers $100,000 to Keep Data Breach Secret (lien direct) | Uber is in headlines once again-this time for concealing last year's data breach that exposed personal data of 57 million customers and drivers.
On Tuesday, Uber announced that the company suffered a massive data breach in October 2016 that exposed names, e-mail addresses and phone numbers of 57 million Uber riders and drivers along with driver license numbers of around 600,000 drivers.
|
Uber | ||
|
2017-11-22 00:46:15 | Uber Hacked: Information of 57 Million Users Accessed in Covered-Up Breach (lien direct) |
Uber Covered Up Massive Hack in 2016 for More Than a Year
|
Uber | ||
 |
2017-11-21 23:34:10 | (Déjà vu) Uber paid hackers $100,000 to keep data breach quiet (lien direct) |  |
Uber | ||
 |
2017-11-21 22:53:04 | Uber Reportedly Paid Hackers $100K to Conceal Data Breach Impacting 57M Users (lien direct) | >A massive breach impacting 57 million Uber customers and drivers went undisclosed for more than a year. According to Bloomberg, the ride-hailing app ousted its Chief Security Officer Joe Sullivan and one of his deputies for attempting to conceal the data breach. The cyberattack, which dates back to October 2016, led to the exposure of […]… Read More | Uber | ||
|
2017-11-21 22:19:00 | Uber concealed hack of 57 million accounts for more than a year (lien direct) | The company's former chief security officer kept the hack a secret. | Uber | ||
 |
2017-11-21 19:16:44 | Uber Supposedly Paid Hackers $100,000 to Keep Quiet About a 2016 Data Breach (lien direct) | Uber confirmed that hackers breached some part of its network in October 2016 and made off with personal data for 50 million users and 7 million drivers. [...] | Uber | ||
 |
2017-11-21 17:49:22 | 57 millions de fiches clients et chauffeurs UBER piratés (lien direct) | >57 millions de fiches clients et chauffeurs de la société UBER piratés. Deux personnes auraient téléchargés les informations contenant, entre autres : permis de conduire, trajet, adresses, mails … Opération transparence pour le PDG d’Uber, Dara Khosrowshahi. Le nouveau boss de l’en... Cet article 57 millions de fiches clients et chauffeurs UBER piratés est apparu en premier sur ZATAZ. | Uber | ||
|
2017-11-03 13:00:00 | Things I Hearted this Week – 3rd November 2017 (lien direct) | It’s been another busy, interesting, and confusing week in the world of security and technology – so let’s just get down to it. 50k Aussie government and banks staff records breached The personal details of more than 4,000 government employees have been exposed in a massive data breach of 50,000 staff records from various companies across Australia. It is believed to be the second-largest data breach in Australian history after the details of just over half a million blood donors were accidentally leaked by the Red Cross in 2016. Contractor breach exposes 50k Aussie govt, bank staff records | IT News AMP among companies affected by data breach of 50,000 staff records | The Guardian Wrestling student hacks grades A former chemistry student allegedly used keystroke-logging gadgets to steal tutors' passwords, change classmates' grades and download copies of exams ahead of time. Amateur wrestler Trevor Graves, 22, who studied at the University of Iowa was arrested and indicted this month on two hacking charges – each of which could land him up to ten years in the clink if found guilty. In paperwork (pdf) submitted to an Iowa district court, FBI agent Jeffrey Huber recounted that in December of last year one of the university's teachers noticed that Graves' grades had mysteriously improved. High-tech cheating scheme prompts charges at University of Iowa | Press Citizen FBI: Student wrestler grappled grades after choking passwords from PCs using a key logger | The Register Hackers Using Default SSH Creds to Take Over Ethereum Mining Equipment A threat actor is mass-scanning the Internet for Ethereum mining equipment running ethOS that is still using the operating system's default SSH credentials. The attacker is using these creds to gain access to the mining rig and replace the owner's Ethereum wallet address with his own. Replacing this wallet ID sends all subsequent mining revenue to the attacker instead of the equipment's real owner. Change your default credentials, kids. Or better still, manufacturers – force users to change default credentials on first use! Hackers Using Default SSH Creds to Take Over Ethereum Mining Equipment | Bleeping Computer How to become a pentester This one is from the archives, but equally relevant today as it was two years ago when published. Going through a lot of the methodology and answering most questions budding pen testers would have. How to become a pentester | Corelan Team Circle with Disney web filter riddled with vulnerabilities A ‘smart’ thing made by Disney has more holes in it than swiss cheese. Who could have ever predicted such a thing? Circle | Guideline | Uber |
To see everything:
Our RSS (filtrered)
