PlexCoin Scam Founder Sentenced to Jail and Fined $10K
The Canadian scam made international headlines. Continue reading PlexCoin Scam Founder Sentenced to Jail and Fined $10K
Collaborate Disseminate
The Canadian scam made international headlines. Continue reading PlexCoin Scam Founder Sentenced to Jail and Fined $10K
ICO funds were used to pay for home decor. Continue reading SEC Blasts Canadian Cryptocurrency Startup As ‘Full-Fledged Cyber Scam’
A Eastern European hacking group hijacked U.S. state government servers to dispense malware through phishing emails that were designed to appear like they had come from the Securities and Exchange Commission, according to research by Cisco’s Talos team and an analysis by other cybersecurity experts familiar with the activity. The technical findings connect a known advanced persistent threat (APT) group, codenamed FIN7 by U.S. cybersecurity firm FireEye, to a sophisticated intrusion technique that was detected in a recent wave of spoofed emails that mimicked the SEC’s domain. The messages carried malware-laden Microsoft Word documents mentioning financial disclosure information from the EDGAR system. FIN7 is believed to represent a eastern European criminal enterprise that speaks Russian and operates internationally. Emails tied to this campaign were “highly targeted” and only sent to a small, select group of U.S. businesses in several different industry sectors, including finance, insurance and information technology, said Craig Williams, a senior […]
The post Cybercriminals hijacked a government server to send sophisticated malware to U.S. companies appeared first on Cyberscoop.
Every single one of Yahoo’s 3 billion users was impacted by a data breach in 2013, despite the company previously saying only 1 billion accounts were impacted, illustrating that the company is still wrestling with the full scope and details of the enormous breach. The company, now part of Verizon’s Oath, disclosed the information in a quiet update to its account security update page. “Based on an analysis of the information with the assistance of outside forensic experts, Yahoo has determined that all accounts that existed at the time of the August 2013 theft were likely affected,” Yahoo’s page reads. The new conclusion comes based on “recently obtained new intelligence,” according to a statement from the company. “While this is not a new security issue, Yahoo is sending email notifications to the additional affected user accounts. The investigation indicates that the user account information that was stolen did not include passwords in […]
The post All 3 billion of Yahoo’s users were impacted by 2013 hack appeared first on Cyberscoop.
Continue reading All 3 billion of Yahoo’s users were impacted by 2013 hack
The Securities and Exchange Commission announced Monday that the personal information of two people had been compromised in a database breach announced last month. The announcement reverses Chairman Jay Clayton’s previous statements about whether the breach exposed anyone’s personal information. “The ongoing staff investigation of the 2016 intrusion has now determined that an EDGAR test filing accessed by third parties as a result of that intrusion contained the names, dates of birth and social security numbers of two individuals,” an SEC press release published Monday notes. The SEC said that its ongoing investigation uncovered this new information after Clayton initially disclosed the breach in a Sept. 20 statement. The agency is offering the two unidentified individuals “identity theft protection and monitoring services,” according to the aforementioned press release. The commission has two separate, ongoing investigations into how the breach occurred and whether it resulted in illicit trading. The SEC said it is also […]
The post SEC admits 2016 breach exposed personally identifiable information appeared first on Cyberscoop.
Continue reading SEC admits 2016 breach exposed personally identifiable information
Securities and Exchange Commission chairman Jay Clayton told a panel of Senators on Tuesday that an investigation into his agency’s recently revealed data breach is ongoing and that he is looking to hire additional staff to help protect the agency’s network and data. Sitting before the Senate Banking, Housing and Urban Affairs Committee, Clayton fielded questions about the SEC breach as well as the Equifax breach, which occurred last month. In a lengthy written statement released last week, Clayton said that the SEC detected a breach into its EDGAR system in 2016. The database houses corporate disclosures that are not always immediately available to the public, meaning it could be used for insider trading. Clayton told the committee that the breach was made possible by a defect in a custom piece of software used by the independent regulator. While an exact timeline of the breach is unclear, a fix was pushed […]
The post Amid data breach crisis, SEC head tells Congress he doesn’t know much appeared first on Cyberscoop.
Continue reading Amid data breach crisis, SEC head tells Congress he doesn’t know much
The U.S. Securities and Exchange Commission said this week that hackers managed to infiltrate one of its systems last year, something that likely facilitated insider trading. Continue reading 2016 SEC Hack May Have Benefited Insider Trading
Your daily round-up of some of the other stories in the news Continue reading News in brief: Experian PIN fail; SEC hacked; AI vs terror
The U.S. Securities and Exchange Commission (SEC) has revealed that attackers might have used data they stole in a security breach for illicit insider trading.
David Bisson reports.
Continue reading SEC reveals hackers might have used stolen data for insider trading
A hacker broke into an Israeli-based security researcher’s personal email account one year ago, but waited until the day before his employer, U.S. cybersecurity firm FireEye, announced earnings to publish the stolen material in an effort designed to damage the company’s stock value, people familiar with the matter told CyberScoop. While the investigation is ongoing, it’s believed that the attacker’s underlying motive was to cause financial and reputational damage to FireEye. The incident highlights how a hacker can stoke fears of a corporate breach to negatively affect the stock price of a specific, targeted company. The attacker behind this widely publicized incident, dubbed operation “LeakTheAnalyst,” first started posting evidence on July 31 of breached email and social media accounts belonging to a single analyst who worked for Mandiant, a FireEye subsidiary. FireEye posted earnings for their second fiscal quarter the next day. The hacker’s first message included a cache of documents, […]
The post Hacker posted stolen material from Mandiant researcher in attempt to damage FireEye stock appeared first on Cyberscoop.