Time of another news recap. A bit slow week this time around but still got some good stuff for you. Enjoy!
- First story of the week is another one to do with a massive password dump going up for sale. This time it’s 65 million Tumbler passwords. These passwords look to be from a breach that happened in 2013. It really hasn’t been a good few months for password security.
- Read More @ https://nakedsecurity.sophos.com/2016/05/31/65-million-tumblr-passwords-stolen-and-up-for-sale/
- Last week a number of users were claiming that their TeamViewer credentials were being misused, potentially pointing to a breach of the remote support software servers but the company is denying these claiming password reuse, and careless user actions are to blame instead. I am guessing if there was an actual compromise, we will know soon enough.
- Read More @ https://threatpost.com/teamviewer-denies-hack-blames-password-reuse-for-compromises/118427/
- Next, it’s news of another breach, this time it’s the CiCi’s Pizza chain. Criminals look to have gained access by posing as technical support specialists for the company’s Point of Sale systems. The details are still unknown at this time, but I am sure we will have more concrete news in the coming weeks.
- Read More @ http://krebsonsecurity.com/2016/06/banks-credit-card-breach-at-cicis-pizza/
- Last story of the week is in regards to a windows 0-day vulnerability going up for sale starting at $95,000. The vulnerability is a Local Privilege Escalation vulnerability affecting all current versions of Windows (From XP to Windows 10). The sale was posted on a Russian speaking underground forum.
- Read more @ https://www.trustwave.com/Resources/SpiderLabs-Blog/Zero-Day-Auction-for-the-Masses/