ClickSSL Weekly InfoSec Snipper September 05, 2016

This entry is part 39 of 73 in the series Weekly Infosec Snipper

Lightspeed suffered from Data Breach

Lightspeed a seller of POS system has notified its clients about data breach. Company’s engineers detected the breach. Unknown attacker has gained access to the retail system as the retail system stores the data of buyers who have purchased via POS system with POS terminals. Attacker gathered information of Lightspeed customers but they did not get credit card information. The company has recommended users to change their password.

Last.fm Website hacked data is now publicly available

Last.fm website is hacked and the details around 43 million records have been compromised by attackers. The music streaming service also announced about the breach and requested users to change passwords. LeakedSource has gathered hacked data and the data included username, hashed passwords, email addresses, and ad-related data. Last.fm website stored its passwords using MD5 algorithm that is weaker hashing algorithm and attacker took just two hours to crack 96% of all the passwords.

Washington Think tank organizations witnessed severe hacking

Defense one report says that Russian linked cyber espionage named APT29 has hacked Washington based think tank organizations. Think tank defined as organizations that are involved in research of politics strategy, social policy, economics, culture and technology. CrowdStrike – a security vendor have analyzed the attack pattern and found that it might have connection with FSB- Russia’s main intelligence service.

Dropbox urged to reset users Password

It is believed that hackers have obtained the access of Dropbox as the authority has mentioned its users to change passwords. An unnamed employee has verified the strength of the passwords as Dropbox used BCrypt hashing for around 32 million passwords while the rest passwords are using SHA-1 hashing algorithm. The reason to change password suddenly is to save users as the earlier breached data may be seen on Dark Web marketplace.

Hackers accessed US Election System

Unknown hackers have gained access of voter registration database for election systems in two US states namely Arizona and Illinois. The FBI is currently investigating about the details of breach and sent flash alert to election offices and officials about any potential intrusion on the system. It is believed that the motto of hacking was to alter voter database or modify the voter registration page.

OneLogin is compromised due to Data breach

OneLogin that provides a SSO (single sign on service) has reported about data breach that allowed intruder to look at customer secure notes due to loophole in company’s logging process. The attack gained access of employee’s server credentials that server was used to store logs and analytics data. The attacker gained access between July 2, 2016, and August 25 and the bug in logging system exposed data in plain text. All passwords are reset and the company has boosted security by implementing SAML – based authentication and allowed limited set of IP addresses to access internal system.

Series Navigation<< ClickSSL Weekly InfoSec Snipper August 29, 2016ClickSSL Weekly InfoSec Snipper September 12, 2016 >>
 

We Assure to Serve

Leading Brands

ClickSSL is platinum partner of leading CAs & offering broad range of SSL certificate products.

Valued Price

You are at right place to get cheapest SSLs; our prices are up to 79% low as compared to CAs.

100% Refund Policy

If you are not satisfied, our all SSL certificates are backed by 30-day 100% money back guarantee.

24×7 Support

Our experts are always active to help you, so you will get instant solutions for your queries.