Weekly Update 396

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite

Weekly Update 396

“More Data Breaches Than You Can Shake a Stick At”. That seems like a reasonable summary and I suggest there are two main reasons for this observation. Firstly, there are simply loads of breaches happening and you know this already because, well, you read my stuff! Secondly, There are a couple of Twitter accounts in particular that are taking incidents that appear across a combination of a popular clear web hacking forum and various dark web ransomware websites and “raising them to the surface”, so to speak. That is incidents that may have previously remained on the fringe are being regularly positioned in the spotlight where they have much greater visibility. The end result is greater awareness and a longer backlog of breaches to process than I’ve ever had before!

Weekly Update 396
Weekly Update 396
Weekly Update 396
Weekly Update 396

References

  1. Sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
  2. Le Slip Français was breached by “shopifyGUY” (I wonder where all these Shopify API keys are coming from?!)
  3. Roku got hit with a pretty sizeable credential stuffing attack (looks like they’re now mandating multi-step auth for everyone, which is certainly one way of tackling this)
  4. There’s an extraordinary rate of new breaches appearing at the moment (that’s a link to the HackManac Twitter account that’s been very good at reporting on these)