Basefarm SIRT Newsletter 18

This week, WhiteHack Security released their State of Web Security report, and there’s been a couple of attacks on US systems which has then pointed their fingers towards China. As Bitcoin grows more popular, people find more ways to gain them. One way is to harness power from idle computers, but doing it in the way ESEA did it (see below) is certainly not the way to go.

Top 5 Business Intelligence links
The State of Web Security
China: Cyberattacks Are Like Nuclear Bombs
Where has the £650 million gone?
Wash. Hospital Hit By $1.03 Million Cyberheist
Hacker Breached U.S. Army Database Containing Sensitive Information on Dams

Top 5 Miscellaneous Security links
Use a Software Bug to Win Video Poker? That’s a Federal Hacking Case
Network gaming company uses its “cheat-prevention” client to build a Bitcoin botnet
Millions of WordPress sites exploitable for DDoS Attacks using Pingback mechanism
US Department of Labor Website becomes a watering hole after attack
Dutchman Arrested in Spamhaus DDoS

Basefarm SIRT Posts
50 million customers hit in LivingSocial hack

50 million customers hit in LivingSocial hack

LivingSocial, the a deal-of-the-day website that features discounted gift certificates usable at local or national companies, has been hit by a cyber attack on their systems.
The information they were able to steal included names, email addresses, date of birth for some users, and encrypted passwords — technically ‘hashed’ and ‘salted’ passwords. Credit card information was apparently not lost.
While the passwords were encrypted, it’s still recommended to change password immediately on LivingSocial, as well as any other sites where you’re using the same password.

Using the same password for different websites is a very bad idea, and you should avoid it as much as you can. Security tips regarding passwords can be found in our newsletter here:

You can find more information on their website: