Intel CPU Kernel bug

Image result for intel bug

Kernel memory leak in Intel processor due to a fundamental design flaw has forced major operating system (OS) vendors such as Windows, Linux and macOS to redesign their kernel software. This redesign will result a performance  hit on Intel products and is estimated to slowdown from 5% to 30%, depending on the task and the processor model. More recent Intel chips have features – such as PCID – to reduce the performance hit, The Register reports.

Working:

To perform any write, execute or network related tasks, any program needs to temporarily handover the processor control to the kernel to complete the task. Such requests between user to kernel and vice versa requires the kernel to be present in the virtual memory address space of all processes. When the kernel is needed, the program makes a system call, the processor switches to kernel mode and enters the kernel. Post completion of the requested task, the CPU is told to switch back to user mode, and reenter the process. While in user mode, the kernel’s code and data remains out of sight but present in the process’s page tables.

Impact:
  • Easily exploitable by malware and hackers to exploit other security bugs
  • Programs and logged-in users can gain access to kernel’s memory to read all secrets including, passwords, cached disk files, login key and so on
  • A shared public cloud server, may even sniff sensitive kernel-protected data
  • Possible the bug could be abused to defeat KASLR: kernel address space layout randomization
  • A malicious program can block executing an instruction and reads the kernel memory before switching back to the user mode. In turn allow ring-3-level user code to read ring-0-level kernel data
  • Impact on cloud:
    1. The bug will impact big-name cloud computing environments including Amazon EC2, Microsoft Azure, and Google Compute Engine, said a software developer blogging as Python Sweetness
Another version of the same story:

There were rumors of a severe hypervisor bug – possibly in Xen – doing the rounds at the end of 2017. It may be that this hardware flaw is that rumored bug: that hypervisors can be attacked via this kernel memory access cockup, and thus need to be patched, forcing a mass restart of guest virtual machines.

Affected Intel product:

The bug affects all Intel x86 CPUs produced over the past 10 years, regardless of the OS or whether the OS runs on a desktop or a laptop. The processor allows normal user programs, from database applications to JavaScript in web browsers, to to some extent separate the layout or contents of protected kernel memory areas.

The Fix:

The fix is to separate the kernel’s memory completely from user processes using what’s called Kernel Page Table Isolation, or KPTI. These KPTI patches move the kernel into a completely separate address space, so it’s not just invisible to a running process, it’s not even there at all. Really, this shouldn’t be needed, but clearly there is a flaw in Intel’s silicon that allows kernel access protections to be bypassed in some way.

  • PostgreSQL has shared fix for intel hardware bug which will lead to performance regressions
  • Microsoft’s Azure cloud to undergo maintenance on January 10
  • Amazon has warned customers via email to expect a major security update to land on Friday this week, without going into details
  • Post updates from respective Vendors, your Intel-powered machine will run slower as a result
References:

Sony Playstation 4 4.05 FW – Local Kernel Loader

28th December 2017, developer SpecterDev released a fully-functional much-awaited kernel exploit for PlayStation 4 (firmware 4.05), almost two months after Team Fail0verflow revealed the technical details of it.

References:

Intel ME Firmware Security Issue

Intel Management Engine (ME), a microcontroller that handles much of the communication between the processor and external devices, hit the headlines in May 2017 due to security concerns regarding the Active Management Technology (AMT) that runs on top of the engine. More probing revealed AMT had a simple authentication error: an attacker could login with an empty password field.

Positive Technologies researchers say the exploit “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard via Skylake+”.

The company’s researchers Mark Ermolov and Maxim Goryachy discovered is that when Intel switched Management Engine to a modified Minix operating system, it introduced a vulnerability in an unspecified subsystem.

Because ME runs independently of the operating system, a victim’s got no way to know they were compromised, and infection is “resistant” to an OS re-install and BIOS update, Ermolov and Goryachy say.

In response to issues identified, Intel has published its advisory here. https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

 

Cyber Security Incidents January 2017

Cockrell Hill police lose years’ worth of evidence in ransom hacking

Hacker Group Claims Responsibility for Lloyds Bank Outages, Ransom Demand

St. Louis’ public library computers hacked for ransom

Computer hacker hits Illinois processor

No payoff for hackers, Arkansas school district says

Trojan malware blamed for cyberattack at Barts Health NHS hospitals

Marijuana dispensaries hit by hack of sales system

Cosmetic surgery center discloses ransomware attack

Princeton University becomes victim of MongoDB ransom attacks

Los Angeles Valley College Hit By Cyber Attack, Pays Ransom

Break-in prompts hospital to assess possible patient privacy breach

Odessa one of eight school districts targeted in e-mail phishing scam

Grey Eagle Casino employee information leaked in major privacy breach

Dirty secrets of 180,000 users of a porn site that posts ‘upskirt’ photos are leaked

Data breach affects thousands of school system employees

Telus releases Hamilton woman’s cellphone information to her stalker

218,000 AlphaBay marketplace users’ private messages acquired by bug hunter

Another child protection privacy breach names more than 30 kids in care

District 833, police investigate after student accesses private employee data

NYPD tech worker accused of selling officers’ personal info

TriHealth notifies 1,126 patients after software glitch sends statements to old addresses

Ohio State Veterinary Medical Center at Dublin hit with possible data breach

Catholic Charities of Baltimore Notifies Clients of Potential Security Incident

Complete Wellness notifies 600 patients after employee misconduct results in lost PHI

Clash of Clans Forums Accounts Have Been Hacked

CoPilot Provider Support Services notifies 220,000 of data security breach in 2015

California translation firm’s security lapse exposes sensitive files

Passwords of top Trump appointees leaked online after earlier data breaches: Report

California snafu releases personal info of nearly 4,000 gun safety instructors

Dutch Cops Warn 20,000 of Email Account Hack

5,000+ Sentara Healthcare patient records involved in security breach

Children’s Hospital Los Angeles and the Children’s Hospital Los Angeles Medical Group notify parents of laptop theft

Email account with patient information at UM doctors group hacked

Summit Reinsurance Services breach affected 19,000

Hacker Steals 900 GB of Cellebrite Data

Hospital scammed for employee information

Twoplustwo poker forum hacked again; personal data stolen

ESEA hacked, 1.5 million records leaked after alleged failed extortion attempt

Letter notifies NISD employees, students of email breach

Hilliard Bradley High School hacked, students’ information exposed

Lloyds Bank targeted in DoS attack

Possible data breach occurred at 21 Bowlmor AMF bowling centers, including one in Henrico

POPEYES discloses payment card breach that began in May, 2016; 10 locations affected

Zimbabwe computer hacker takes $70k from OK Zim

Rsync errors lead to data breach at Canadian ISP, KWIC Internet

Hackers infiltrate govt-owned bank systems to create fake trade docs

Taipei employees’ financial data leaked

Delhi hackers, digital shoplifters who tampered data of e-commerce portals

Google Removes Ransomware-Laden App From Play Store
Paramedic supervisor charged with stealing drugs and identity theft

‘Celebgate’ hacker sentenced to nine months in prison

Mortgage loan processor stole dozens of identities

Cyber Security Incidents February 2017

Gov, OMES Confirm Agency Hacked, No Ransom Paid

Hackers demand $25k-$30k after ransomware attack takes down Bingham county servers

Yahoo tells users they were hit with cookie attack

University suffers cyber attack from its own vending machines and lamp posts

Isis-linked hackers attack NHS websites to show gruesome Syrian civil war images

Pro-Trump group hacked, website taken down in Cabinet fight

Hackers demand £1 million from David Beckham’s advisers

Norway’s Labour Party was hacked by Russia: report

Ransom demanded in Licking County technology hack

Tiverton town hall has two years’ worth of documents deleted by virus that demanded £3,000 ransom

Phishing emails imitate HMRC (again)

WordPress hack sees 1.5m attacks in “feeding frenzy”

South Washington School District probes hacking by student

NYC Dept. of Education email gaffe exposes 439 paraprofessionals’ SSN

Millions of IGN and PCMag user records sit exposed, online

Email Lists Revealing Students’ Private Information Remained Public for Years

Hackers who took control of PC microphones siphon >600 GB from 70 targets

Cleveland Food Bank Loses Personal Data for Dozens of Clients

Lexington Medical Center latest victim of data breach

Family Service Rochester experiences data breach

Thousands of medical records stolen

UNC: PATIENTS’ DENTAL RECORDS MAY HAVE BEEN STOLEN

Privacy commissioner apologises for accidentally releasing email addresses

PharmaNet breach compromises personal information of 7,500 B.C. residents, says province

Fulton County clinic dumps sensitive medical records in plain sight

20,000+ tribal members warned of data breach

City notifying staff whose private information was compromised

Laptop and files with confidential information about Aberdeen children stolen

Top End Health Service breach exposes private details of cancer patients

Hacker steals 83,000 accounts from UPI news agency

Mag publisher Future stored your FileSilo passwords in plaintext. Then hackers hit

15,000 data files of Taiwanese nationals possibly hacked: Govt

Multnomah County notified 1,700 patients after discovering employee was forwarding emails to personal account

Sports Direct hacked last year, and still hasn’t told its staff of data breach

Five months after learning of problem, Michigan cancer treatment provider notifies 22,000 patients

Princeton Pain Management notifies patients after hacker gains access to PHI

Laptop-light GoCardless says customers’ personal data may have been lifted

Used government computers bought at auction filled with personal information

Denuvo Website Leaks Secret Information, Crackers Swarm

Data from 2014 hack of children’s online game Bin Weevils leaked online; hacker claims 20m records

Vulnerability put 1.87 million Michigan employees at risk

Hundreds of confidential email addresses were shared with landlords operating in Cardiff

Particle accelerator hacked: Boffins’ hashed passwords beamed up

2.5 million PlayStation and Xbox players’ details stolen by hackers

Citizens Memorial Hospital investigates breach of employee data

Data breach hits San Antonio Symphony employees

Hundreds of Arby’s restaurants breached

PC Plus points stolen from customer accounts in security breach

Malware hit Hitachi Payments Services, 3.2 million cards affected

InterContinental reports payment card breach at 12 U.S. hotels

A Hacker Just Pwned Over 150,000 Printers Left Exposed Online

An Anonymous group just took down a fifth of the dark web

German parents urged to destroy data-collecting toy doll

Cyber Security Incidents April 2017

Newark City Hall computers hacked with ransomware

Atlantic Digestive Specialists notify patients of ransomware incident

Phishing scam diverts more than $40,000 from Denver Public Schools

IAAF says medical records compromised by Fancy Bear hacking group

Lessons to learn as McAfee’s LinkedIn page is hijacked

Hackers set off Dallas emergency sirens more than a dozen times in a few hours

ECMC officials remain mute on cause of computer shutdown

RingGo parking app exposes users’ personal information

McDonald’s Canada breached, 95,000 job seekers’ information compromised

Concordia’s online course systems, eConcordia and KnowledgeOne, have been hacked

Unencrypted patient info from 2008 left in a van, and…… yeah

Iowa Veterans Home warns nearly 3,000 of data breach after phishing incident

Privacy Incident at Lifespan

Patient privacy breach: over 1600 medical letters found dumped in Sydney bin

PAUSD student data exposed in breach

Millions of game accounts exposed in data breach, responsibility thrown to the wind

30,000 London gun owners hit by Met Police ‘data breach’

Voters’ personal data at risk in Cobb theft

Privacy commissioner calls for investigation after photo card privacy breach

Amedisys announces patient info breach

Privacy breach at Yakima’s Virginia Mason Memorial hospital affects 419 patients

Upmarket Sydney hotel targeted by cybercriminals

Third Personal Data Breach Hits UHIP Customers

Student privacy breached in Victoria Education Department blunder

Tullamore Hospital patient’s information sent to wrong person after data blunder

Wonga data breach: Personal details of 245,000 UK customers and 25,000 Polish customers may have been stolen in cyber attack

Leak of diabetic patients’ data highlights risks of giving info to telemarketers

Privacy, what? Bengaluru police leaks 46,000 phone numbers on Twitter

Scottrade Bank data breach exposes 20,000 customer records

Data leak exposes details of 450,000 lottery subscribers

Foodie social network Allrecipes warns that someone stole users’ email addresses and passwords

Data breaches at InterContinental Hotels, RingGo and Allrecipes

Chipotle warns of data security breach, recommends monitoring card statements

Blowout Cards Notifies Customers After Card Fraud Reports Roll In

Cleveland Metropolitan School District discloses phishing-related incident

Debit card breach reported by car washes

U of L: Tax information of some employees hacked

Gamestop.com Investigating Possible Breach

Breach of Financial-Aid Tool May Have Compromised Data on 100,000 Taxpayers

1,200 InterContinental hotels hit by malware attack

Ashley Madison blackmailers threaten to create Cheater’s Gallery exposing members who don’t pay up

Teen Hackers Stole $300,000 From a Travel Site and Used It to Buy a Ducati

Hackers Are Emptying ATMs With a Single Drilled Hole and $15 Worth of Gear

Got one of these 20+ models of Linksys Smart Wi-Fi routers? Bad news. 10 security holes discovered

Wellington Student Arrested for Selling Drugs on the Darknet

Longest sentence ever handed out for hacking: Roman Seleznev Sentenced to 27 Years

Long-sought fugitive admits role in $200M credit card fraud

Cyber Security Incidents May 2017

How ECMC got hacked by cyber extortionists – and how it’s recovering

Walnut Place notifies patients of ransomware attack

Confluence charter school servers are hacked

WannaCry ransomware hits systems worldwide

Ransomware hits Australian hospitals after botched patch

‘Anomaly’ caused OHIP privacy breach

Papers with CMS students’ sensitive information found blowing in wind

Fast Health in Tehachapi suffers security breach

Website hack exposed PMH patients’ personal, medical info

Health, personal records of 2,500 Arizona families with newborns lost

Beacon Health System notifies 1,200 patients of employee wrong-doing

Melbourne hospital in hot water as patients’ confidential medical records found on train

MolinaHealthcare.com Exposed Patient Records

Information on 2,036 patients compromised after data breach

Personal information exposed for 3,000 people in Stillwater after unauthorized access obtained to city computer

Niskayuna school laptop stolen, 945 students’ personal information on device

1.5 million students’ data leaked online, put up for sale for up to Rs60,000

Medical device containing patient information stolen from DePaul Hospital

Hackers may have names of thousands of Florida gun owners

School district reports breach due to caching problem with HomeLink

Font sharing site DaFont has been hacked, exposing thousands of accounts

Zomato Hacked; 17 Million Accounts Sold on Dark WebTwitter says Vine users’ emails and phone numbers were exposed for a day, but weren’t misused

Hacker Steals Millions of User Account Details from Education Platform Edmodo

Bell apologizes to customers after data breach hits 1.9 million e-mail addresses

Data leak reveals details of 70,000 offshore firms in Malta, German state minister claims

Funding Circle Error Exposes 6,000 SSNs Of American Clients

Guardian Soulmates website suffers data breach

Diamond Institute for Infertility and Menopause notifies patients after hack

TheDarkOverlord dumps 180,000 patients’ records from 3 hacks

Debenhams Flowers data breach affects 26,000 customers

USA Today owner Gannett hit by phishing attack

Travel tech company Sabre confirms breach affected reservations system

Why WannaCry ransomware infection is a data breach

Phishing scam cost Google and Facebook £77m

Hotpoint service sites hacked

Blackburn High School families’ details illegally downloaded in targeted attack

Brooks Brothers payment card system compromised for almost one year; customers being alerted

Rogues reset ‘passwords’, steal W-2 info from Equifax subsidiary customer employees

Chipotle says malware hack stole customer payment info

Full House Lottery website breached, credit card information at risk

Rite Aid’s ecommerce platform breached, personal info stolen

Vic school IT breach after password theft

Security Breach at Punch Bowl Social; Employee Personal information compromised

Data breach hitting local car wash follows string of incidents around the country

NYU Accidentally Exposed Military Code-breaking Computer Project to Entire Internet

After hackers fail to extort money, new Pirates of the Caribbean movie torrents appear

“Google Docs” Worm Ransacks Gmail Users’ Contact Lists – What You Need to Know

Cyber Security Incidents June 2017

‘Petya’ Ransomware Outbreak Goes Global

Ransomware: South Korean web hosting company pays $1m

Fired Employee Hacks and Shuts Down Smart Water Readers in Five US Cities

Cyber-attack on parliament leaves MPs unable to access emails

Airway Oxygen notifies 500,000 patients after ransomware attack

Cleveland Medical Associates tells patients of ransomware incident

Midwestern Hospital Infected With Ransomware

University College London hit by ransomware attack

Hacker stole satellite data from US Department of Defence

CD Projekt Red Reveals Cyberpunk 2077 Data Theft

Pro-ISIS hackers deface Ohio government websites

PanicGuard panic alarm app leaks your personal information, including location

Texas Association of School Boards suffers security breach

School district server breach

Personal info of 522 Aetna clients in Texas affected by data security incident, firm says

Hundreds of SIH Patients Potentially Impacted by Insurance Breach

Hackers Altered 2016 Voter Rolls and Stole Private Data on U.S. Citizens

Nearly 3,000 Patients Notified Of St. Thomas Rutherford Health Information Breach

Confidential child protection files on sale at Alice Springs tip shop

Patient records stolen in computer breach at Torrance Memorial Medical Center

Data on 198M voters exposed by GOP contractor

Personal info of hundreds of thousands of students targeted in schools hack attack

Briefcase containing Little River Healthcare records stolen

Personal information of 16 Utahns stolen from DCFS employee’s vehicle, officials say

Passaic Housing Authority battles employee over data breach, rules on rent hikes

Hundreds Of Files With Personal Information Found In Greenwood

University department leaks the names of students and their extenuating circumstances

Former Durango Family Medicine patients warned of security breach

OU shuts down file sharing service after failing to protect thousands of students’ records

Over 5,000 Wind Tre customers hit by data breach

HSBC reveals customer information leak

Township of Springfield notifies individuals after discovering hack

More than a thousand Elon accounts compromised in security breach

University of Alaska: thousands affected by data breach, including names, social security numbers

Laptop stolen from Tulsa firm contained customers’ personal data

Customer data stolen as S.F. cybersecurity firm hacked, Stanford medical school reportedly a client

Privacy Breach at Beverly Hills Clinic Puts Thousands of Patients, Some Celebrities, at Risk

Cosmetic surgery online mistake allows public viewing of women’s photos, private details

Number of data breaches rises by 39%

UCL hit by ransomware attack

The Buckle, Inc. Notification of Security Incident at Some Retail Stores

How a Single Email Stole $1.9 Million from Southern Oregon University

Computer stolen at the Hall of Justice puts some at risk for identity theft

Data breach affects Irish users of global hotel website

Kmart breached by POS malware again

Leak of Windows 10 Source Code Raises Security Concerns

Thousands of customers ‘at risk’ following Virgin Media hack

Bungling Tata devs leaked banks’ code on public GitHub repo, says IT bloke

Mississippi Division of Medicaid notifies more than 5,000 after discovering data were not securely transmitted for more than three years

Two men arrested as part of international investigation into unauthorized access to the Microsoft network

Computer hacker jailed for attacking websites of airport and hospital

20 Apple employees arrested in China for ‘selling’ personal data of customers

West African computer hacker sentenced to prison

Cyber Security Incidents August 2017

Malware attack disrupts hospitals

HBO hackers obtained all of HBO’s social media logins and GIPHY credentials

Another rough week for HBO as hackers and mistakes result in more leaks

Turkish hackers attack Armenian webpages again

Cyberattack on UCLA server potentially accesses student information

Pacific Alliance Medical Center notifies 266,123 patients of ransomware incident

South Korea LG service centers attacked by ransomware

FC Barcelona has its Twitter and Facebook accounts hijacked by the OurMine gang

Sony social media accounts hijacked as hackers claims to have stolen PSN database

Attack on Ireland’s state-owned power provider blamed on state-sponsored hackers

HIDS4U customers warned of free gift email attack after customer database leaks

Hackers claim to have leaked Game of Thrones season finale details

Oops! Aetna exposed 12,000 customers’ HIV statuses through envelope window

Indian Bank faulted for losing customer’s net banking credentials

Labor Department blames data breach for injury reporting site’s shutdown

OAIC investigating Flight Centre customer data leak

Anonymous hacker claims to have stolen the NHS medical records of 1.2million Brits

US Voting Machine Supplier Leaks 1.8 Million Chicago Voter Records

OSHA Suspends ITA Due to Security Breach

Error exposes private info on thousands of South Wash. Co. students

Islington Council faces huge fine after massive data breach hit 90,000 people

Medical records of Norfolk patients found in a petrol station, a King’s Lynn restaurant and on the pavement

Lake Health investigating missing obstetrics records

Surgical Dermatology Group notifies patients after TekLinks hacked

Vancouver pot dispensary patient data breach highlights regulatory haze

State juror pool data breach exposed Social Security numbers

Personal data belonging to up to 21,000 TalkTalk customers could have been used for scams and fraud

Italian bank UniCredit admits data breaches affecting 400,000 customers

Medical clinic breaches 1000 people’s privacy

Data of 100,000 Dutch lease drivers leaked

Big data breach unmasks Bloomberg chat room users

GPAs mistakenly sent to parents, students

Patients’ records stolen from Walsall health worker’s car

UC Health hospital notifies patients of medical records being compromised

Personal Info of 650,000 Voters Discovered on Poll Machine Sold on Ebay

Kaleida Health notifies 2,789 patients about phishing incident

NHS staff personal data leaked in latest data breach

Nude photos of Anne Hathaway leaked online by hackers

Oceanside investigating possible data theft on bill-paying website

Hacker Nets over $500,000 after Hacking Enigma before ICO Date

San Antonio Institute for Women’s Health warns patients personal data compromised in network hack

More than one in four organisations will suffer a data breach in the next two years

Data breaches are more damaging than many natural disasters

Leak of >1,700 valid passwords could make the IoT mess much worse

BankBot trojan tries to sneak apps onto your Android smartphone without permission

Two zero-day vulnerabilities disclosed after Foxit refuses to patch PDF Reader

Vendor-neutral smart car bug has ‘dangerous’ and ‘even fatal’ consequences

Google awards student $10k for discovery of App Engine data leak flaw

Turkey Arrests Five Suspects in Qatar News Agency Hacking

UK government sets out tougher guidelines to protect smart cars from hackers

Former Air Force member sentenced for stealing fellow members’ information

Cyber Security Incidents September 2017

Arkansas Oral & Facial Surgery Center notifies 128,000 patients of ransomware incident

UISD investigating computer hacking

Sheriffs warn of hackers after upstate attack

Meridian Secondary School’s art competition site hacked

MongoDB ransacking starts again: Hackers ransom 26,000 unsecured instances

Mystery surrounds malware attack that forced German state parliament offline

Princess ransomware makes a visit to the wrong website a royal mistake

CCleaner, distributed by anti-virus firm Avast, contained malicious backdoor

Pharma industry failing to report data breaches

Credit reporting firm Equifax says data breach could potentially affect 143 million US consumers

Notts Council fined £70,000 for exposing vulnerable people’s personal data

Huge potential privacy breach exposes Nunavut’s lax file management

The Irish National Teacher’s Organisation suffers breach affecting up to 30,000 teachers

Personal data and lab results of more than 6,000 people were exposed online for months

Deloitte hit by cyber-attack revealing clients’ secret emails

Woman Stole Elderly Identities To Fund ‘Brazilian Butt Lift’; Cops Say

Telstra glitch sends personal SMS messages to random recipients after fire at exchange

SMART Physical Therapy hacked by TheDarkOverlord

Passwords to Over a Half Million Car Tracking Devices Leaked Online

Medical Mutual Provides Notice of Data Incident

Data breach made public, Ridgeview says it exposed some email addresses

PeaceHealth employee accessed patient info unnecessarily

AU Medical Center patients data possibly compromised by attack on faculty email accounts

Morehead Memorial Hospital: Data breach may have leaked patient and employee information

Vevo Hackers Leak — Then Delete — Huge Trove of Internal Videos, Documents

Somerville House donors warned of data breach

Hacker steals thousands of student records from WA TAFE

Man stole records from doctors’ storage unit

Notice of Canoe.ca data breach affecting 1 million site users

AIB loses 550 bank customers’ confidential information

Translate.com Exposes Highly Sensitive Information in Massive Privacy Breach

Port Phillip Council privacy breach exposes 700 email addresses

AXA data breach affects 5,400 Singapore customers

Community Memorial Health System in Ventura suffers data security breach

Taringa hacked: 28 million users’ credentials compromised

Customer data stolen after attack on jobs platform cpjobs.com

Thousands of sensitive mercenary resumes exposed after security lapse

BroadSoft Inc. left millions of partners’ customer data records exposed

Breach at Sonic Drive-In May Have Impacted Millions of Credit, Debit Cards

Leak puts Toowoomba residents at risk of identity fraud

Dutch Bitcoin Broker Litebit Suffers Second Data Breach in Six Weeks

Financial records, kids names, charity money stolen

MacEwan University defrauded of nearly $12M in phishing scam

7% of All Amazon S3 Servers Are Exposed, Explaining Recent Surge of Data Leaks

Adobe’s security team reveals its private PGP key

Red Alert 2.0: New Android banking trojan can block and log incoming calls from bank

UP STF busts gang which hacked secure source code to crack Aadhaar, issued fake biometric cards

Roman Seleznev pleads guilty to federal charges in Georgia and Nevada

Former Columbia Sportswear Company employee pleads guilty to hacking network

Man involved with “Crackas With Attitude” sentenced to 5 years

Police Seize Domain of Online Store That Stole User’s Card Data