Security Alerts & News
by Tymoteusz A. Góral

History
#705 Identity thieves used leaked PII to steal ADP payroll Info
Cybercriminals accessed a W-2 portal maintained by payroll company ADP recently to glean sensitive information about employees at a handful of companies.

The company is stressing that the company itself wasn’t hacked, but that it appears identity thieves may have been able to create ADP accounts in the names of victims using previously leaked personally identifiable information.

The problem ADP claims was a self-service registration portal that allowed attackers to set up fraudulent accounts in the names of employees at those undisclosed companies.

An investigation carried out by the company determined that attackers likely pieced together information on victims using other information published about them online. Any individuals who had their W-2 information compromised, likely had their information compromised previously, ADP claims.
Read more
#713 Qualcomm software flaw exposes Android user data
#712 Diary of a ransomware victim
#711 Petya: the two-in-one trojan
#710 Kaspersky: IT threat evolution in Q1 2016 report (PDF)
#709 Malware may abuse Android’s accessibility service to bypass security enhancements
#708 IBM just made a powerful research tool available to everyone for free
#707 Big data breaches found at major email services - expert
#706 Public exploits available for ImageMagick vulnerabilities
#705 Identity thieves used leaked PII to steal ADP payroll Info
#704 Apple updates Xcode’s Git implementation
#703 Cisco patches critical TelePresence vulnerability
#702 Microsoft unveils new effort to make its developer, IT documentation great again
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12