Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

The biggest security snafus of 2013 (so far)

Ellen Messmer | July 2, 2013
Late last December ended with a hacker leaking data on 300,000 Verizon FIOS customers which was apparently stolen via a marketing partner of Verizon.

- A faulty anti-virus update issued by Kaspersky Lab in early February disrupted many home and business customers, leaving them unable to access any websites via their computers. Kaspersky a week later also had to apologize for a subsequent patch that had been issued to correct the initial flawed update which also caused various computer problems.

- Hacker group Anonymous posted the personal information on about 4,000 people in the banking industry, from cashiers to C-level officers to bank presidents. The posted information contained logins and hashed passwords. Anonymous claimed it took the data from computers belonging to the Federal Reserve. A week earlier, Anonymous attacked the website of the U.S. Sentencing Commission in what it called its OpLastResort campaign, in retaliation for the suicide of computer programmer and Internet free-information advocate Aaron Swartz. Swartz, who faced a trial related to his arrest by MIT police on state breaking-and-entering charges for systematic downloading of academic articles, had hung himself in his apartment.

- Security firm Malwarebytes discovered malware in the wild that looked like a PDF invoice with a valid, signed digital certificate. The malware, a banking/password stealer that uses e-mail to spread, had a valid certificate issued to a real Brazilian software company by SSL certificate authority DigiCert, according to Jerome Segura, senior security researcher at Malwarebytes.

- The U.S. Department of Energy disclosed that personal information on several hundred employees and contractors was stolen in a hacking incident the month before. The DoE said it was leading "an aggressive effort" to prevent it from happening again.

- Authorities said they were investigating how a hacker got into the email accounts of former George H.W. Bush and a half dozen of his relatives and close friends, posting them in the public domain, where they revealed gossiping about another former president, Bill Clinton. A spokesman for the president said the hacker obtained photos, addresses, phone numbers and various e-mail addresses.

- Security firm Bit9 had to admit that its failure to install its own protective software to block malicious applications on its own servers led them to be compromised, as hackers were adept in finding weaknesses that let the attackers make use of stolen Bit9 certificates for their own malicious software. That way, the attacker's software looked as though it had been issued by Bit9.

- Through its technology, Google warned a number of journalists using Gmail that their accounts might be the target of state-sponsored hacking by the country of Myanmar, a charge hotly refuted by the Myanmar president's spokesman.

- Burger King's Twitter account was hacked, with the attacker changing the Twitter photo to a McDonald's logo and saying Burger King had been sold to McDonald's.

 

Previous Page  1  2  3  4  5  6  7  8  9  10  11  12  Next Page 

Sign up for CIO Asia eNewsletters.