Security researchers have uncovered a three-year cyber attack on a Russian oil company that appeared at first glance to be state-sponsored, but later was found to be the work of cyber criminals seeking financial gain. The discovery is a cautionary tale for security experts not to be too rash when when drawing conclusions about high-profile cyber attacks.
Hacks & Hackers
Podcast Episode 123: HaveIBeenPwned’s Troy Hunt on Marriott’s Big Mess and GreatHorn on the Asymmetric Threat of Email
Thanks to our friends at GreatHorn for sponsoring this week’s podcast. In this episode of the Podcast, # 123: Troy Hunt, the founder of HaveIBeenPwned.com joins us to talk about Marriott International’s big mess: a breach of Starwood Hotels’ reservation system that revealed information on half a billion (with a “B”) guests. And, in our second segment: you’ve heard of Business Email Compromise attacks but what about Business Service Impersonation scams? In our second segment we speak with Kevin O’Brien the CEO and co-founder of GreatHorn about using machine learning to defend against asymmetric messaging threats.
The Marriott breach underscores how companies fail to price in the risk of poor data security. In the age of GDPR, that could be an expensive failure.
A massive database holding more than 114 million records of U.S. citizens and companies was discovered sitting online unprotected due to misconfigured search, a data leak that is estimated to affect about 83 million people.
The federal government charged two Iranian men for orchestrating a nearly three-year-long international hacking and extortion scheme that deployed ransomware which to date has caused more than $30 million in losses to its victims, which include hospitals, municipalities and public institutions.