Breached and Hacked

The last week has again been filled with notable events for those interested in cybersecurity, as noted by Security Boulevard's weekly wrap-up. Four items in particular drew attention:

  • The continuing growth of websites hosting cryptocurrency mining software, with Cyren noting a 725% increase since September 2017, as driven by the continued price increases.
  • A data breach caused by an unencrypted email issued by the Defense Travel System exposed confidential information relating to travel itineraries and expenses on 21,000 individuals, including Marines, sailors, and civilians.
  • A distributed denial of service attack -- the most powerful one recorded to date -- was launched against GitHub, leveraging reflection and amplification techniques, rather than a botnet.
  • The SEC issued instructions to publicly traded companies, specifying more timely release of information on cybersecurity incidents, and declaring corporate officers and others with inside information should not trade shares when they have knowledge of undisclosed cybersecurity incidents.