Enough breach-related news to warrant a long list:

  • Timehop: a social media app that surfaces old tweets/posts from the same day but from several years ago. 21 million user accounts compromised.
  • DomainFactory: a large German webhosting company. All user data was compromised.
  • Macy's: the department store noticed unauthorised logins into several customer accounts. It's not clear to me whether they were breached, or if the hacker is using known credentials from other breaches. Some Bloomingdale's accounts were also affected.
  • Thomas Cook: not a confirmed breach per se, but leaky data nonetheless. All booking reservations used incremental numbers. You could change the URL easily and see someone else's booking information. Easy to automate and harvest.
  • VSDC: a company that provides free audio and video conversion software. Several download links were replaced by links leading to malicious downloads.
  • The previously reported Ticketmaster breach was actually part of a much wider campaign compromising over 800 e-commerce sites, executed by a hacker group called Magecart.
Dieter Van der Stock

Update all the things \o/

  • Google: fixed 44 vulnerabilities in Android, 11 of which were critical. Five remote code execution (RCE) bugs fixed.
  • Microsoft had its Patch Tuesday, fixing 53 issues, 17 of which were rated critical.
  • Apple released security updates for several components, and included USB Restricted Mode in the iOS update.
  • Adobe fixed 112 security flaws across its product line. Two of them in Flash, and a whopping 104 in Acrobat and Reader.