Hold Security identifies a group of hackers behind reported breach of Oracle’s MICROS POS along with nearly a dozen of other smaller POS vendors. Hackers targeted these POS vendors with the goal to gain access to their platform and to their customer installation. The mass abuse of POS devices goes to a new level of exploitation of vendors of POS and their support infrastructures. Forbes Magazine highlights the story.
Hold Security’s research into hackers selling stolen Yahoo! data is featured on the front page of the New York Times. The timeline of the hackers allegedly obtaining the stolen data. Their claims and goals discussed.
Recent releases of data from old breaches of the major social media companies like LinkedIn and MySpace should not be as harmful if not for a rampant re-use of the passwords. Alex Holden comments to The Wall Street Journal on recent revelations based on supposed Twitter data.
Reuters story highlights more details about our discovery. The business of recovering stolen credentials is not as simple as it would seem. We have set records before, initially with the Adobe user database including 153 million records, then with 360 million recovered in February 2014, and finally with 1.2 billion credentials in the most substantial breach known to-date. Today, large amounts of stolen credentials may not grab headlines, but they never lose their potency, especially when they are recovered by the good guys and returned to the rightful owners.
On a daily basis hackers use known security weaknesses to do bulk exploitation of thousands of websites. Usually, we see anywhere between one and three thousand sites breached every day. Once exploited, they install a backdoor (web shell) allowing them to take control of the site.
Hold Security identifies a Russian-speaking gang breaching dating websites.
Alex Holden’s article in IB Times: Ashley Madison hack: 'Most dating websites have been breached and user info sold on the dark web'.
Alex Holden’s article in IB Times: Hackers sell exploits on the Dark Web to steal everything from your smartphone.
