hacking

Less than month after LastPass admitted a large scale breach of its much vaunted password manager, the old man of computer security, Norton, has said that its LifeLock password manager has also been breached. Is there an industry-wide problem?

With all the fuss about China's interest in foreign computer systems, it's salutory to note that a suspicious crypto-asset report made at www.GlobalKYC.com demonstrates that the Chinese government's servers are not immune from attack.

We all get the scams telling us that a criminal has our data. Many of us get scams saying that the criminals have details of access to pornographic websites and, even, footage taken from cameras on our desktop or laptop machines. Usually, we are told that we are being blackmailed and ordered to pay a sum, via bitcoin, to a specified wallet, 1Lughwk11SAsz54wZJ3bpGbNqGfVanMWzk. This wallet should, obviously, be disabled with immediate effect.

Last week, the USA's FBI "unsealed" an indictment against a North Korean who they say was involved in the hacking organisation "Lazarus" which has been responsible for, amongst other things, the WannaCry virus that brought government, corporate and personal computers running Microsoft Windows software, or Linux machines running Windows emulation software, to their knees.

When we found this address was the source for a brute-force attack by hackers on our own administration system, we checked and found that it's being used to mount attacks on Drupal CMS systems around the world.

RECOMMENDATION: BLOCK IT AND PREVENT IT REACHING YOUR CMS.

So far, recounts in the US Presidential election have either been abandoned or resulted in an increase in the majority for Donald Trump. The allegations that Russians somehow infiltrated the voting systems in the USA remain entirely unproven. Today, the allegations are irritating but, ultimately, no different in principle to the tirade of false information on social media. Set that against the express and clear comments of a senior Israeli diplomat saying he would "take down" UK ministers and others in what should have caused a storm but didn't.

A trawl through the access logs of ChiefOfficers.Net shows an interesting trend which appears to tie into the use of WordOress installations for phishing scams.

The value of client data is demonstrated by the case of a San Jose law firm. A clerk stole data and used it to forge credit applications. And it was not the only professional business targeted.