Lightspeed suffered from Data Breach
Lightspeed a seller of POS system has notified its clients about data breach. Company’s engineers detected the breach. Unknown attacker has gained access to the retail system as the retail system stores the data of buyers who have purchased via POS system with POS terminals. Attacker gathered information of Lightspeed customers but they did not get credit card information. The company has recommended users to change their password.
Last.fm Website hacked data is now publicly available
Last.fm website is hacked and the details around 43 million records have been compromised by attackers. The music streaming service also announced about the breach and requested users to change passwords. LeakedSource has gathered hacked data and the data included username, hashed passwords, email addresses, and ad-related data. Last.fm website stored its passwords using MD5 algorithm that is weaker hashing algorithm and attacker took just two hours to crack 96% of all the passwords.
Washington Think tank organizations witnessed severe hacking
Defense one report says that Russian linked cyber espionage named APT29 has hacked Washington based think tank organizations. Think tank defined as organizations that are involved in research of politics strategy, social policy, economics, culture and technology. CrowdStrike – a security vendor have analyzed the attack pattern and found that it might have connection with FSB- Russia’s main intelligence service.
Dropbox urged to reset users Password
It is believed that hackers have obtained the access of Dropbox as the authority has mentioned its users to change passwords. An unnamed employee has verified the strength of the passwords as Dropbox used BCrypt hashing for around 32 million passwords while the rest passwords are using SHA-1 hashing algorithm. The reason to change password suddenly is to save users as the earlier breached data may be seen on Dark Web marketplace.
Hackers accessed US Election System
Unknown hackers have gained access of voter registration database for election systems in two US states namely Arizona and Illinois. The FBI is currently investigating about the details of breach and sent flash alert to election offices and officials about any potential intrusion on the system. It is believed that the motto of hacking was to alter voter database or modify the voter registration page.
OneLogin is compromised due to Data breach
OneLogin that provides a SSO (single sign on service) has reported about data breach that allowed intruder to look at customer secure notes due to loophole in company’s logging process. The attack gained access of employee’s server credentials that server was used to store logs and analytics data. The attacker gained access between July 2, 2016, and August 25 and the bug in logging system exposed data in plain text. All passwords are reset and the company has boosted security by implementing SAML – based authentication and allowed limited set of IP addresses to access internal system.