Silensec Newsletter

Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked

Twitter temporarily disables 'Tweeting via SMS' after CEO gets hacked

Twitter decided to temporarily disable a feature, called 'Tweeting via SMS,' after it was abused by a hacking group to compromise Twitter CEO Jack Dorsey and sent a series of racist and offensive tweets to Dorsey's followers.

Dorsey's Twitter account was compromised last week when a hacker group calling itself "Chuckling Squad" replicated a mobile phone number associated with the CEO account and abused this particular feature to post racist, offensive messages and bomb threats from it via SMS.

Read more...

Oklahoma pension fund reports $4.2 million cyber theft

Oklahoma pension fund reports $4.2 million cyber theft

The FBI is investigating after computer hackers managed to steal about $4.2 million in funds from a pension system for retired Oklahoma Highway Patrol troopers and other state law enforcement officers, state officials said Friday.

A notice posted on the Oklahoma Law Enforcement Retirement System website said the agency notified the FBI and couldn't comment further on details of the breach.

Read more...

Capital One gets capital done: Hacker swipes personal info on 106 million US, Canadian credit card applicants

Capital One gets capital done: Hacker swipes personal info on 106 million US, Canadian credit card applicants

Capital One has disclosed that it has suffered a data breach impacting 100 million people in the United States, and 6 million in Canada.

The company said in a statement that data between 2005 and 2019 was accessed and related to information on consumers at the time when they applied for a credit card.

Read more...

Honda Motor Company leaks database with 134M rows of employee computer data

Honda Motor Company leaks database with 134M rows of employee computer data

Honda Motor Company, one of the largest automobile manufacturers in the world, misconfigured an ElasticSearch database containing approximately 134 million documents, and amounted to roughly 40GB of internal data.

The information available in the database appeared to be something like a inventory of all Honda internal machines.

Read more...

Yet Another Ransomware Attack: Louisiana governor declares state emergency after local ransomware outbreak

Louisiana governor declares state emergency after local ransomware outbreak

Louisiana governor has activated a state-wide state of emergency in response to a wave of ransomware infections that have hit multple school districts.

The ransomware infections took place this week and have impacted the school districts of three North Louisiana parishes - Sabine, Morehouse, and Ouachita.

IT networks are down at all three school districts, and files have been encrypted and are inaccessible, local media outlets are reporting.

Read more...

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

An undisclosed streaming service was hit by a 13-day DDoS massive attack powered by a Mirai botnet composed of 402,000 IoT devices.

Imperva confirmed that its systems were able to repel the attack and the service remained up and running during the DDoS attack. According to Imperva, it was the largest Layer 7 DDoS attack it has ever seen.

Read more...