Bloomberg: Marriott Hit by Starwood Hack That Ranks Among Biggest Ever

Bloomberg: Marriott Hit by Starwood Hack That Ranks Among Biggest Ever. “The attack is troubling not just because of its sheer size, but also the level of detail potentially stolen by the attackers. The hack affects some 500 million guests, and for about 327 million of them, the data included passport numbers, emails and mailing addresses, Marriott said. Some credit card details may also have been taken.”

Ars Technica: I’ve got a bridge to sell you. Why AutoCAD malware keeps chugging on

Ars Technica: I’ve got a bridge to sell you. Why AutoCAD malware keeps chugging on. “Criminal hackers continue to exploit a feature in Autodesk’s widely used AutoCAD program in an attempt to steal valuable computer-assisted designs for bridges, factory buildings, and other projects, researchers said Tuesday.”

TechCrunch: Hackers are using leaked NSA hacking tools to quietly hijack thousands of computers

TechCrunch: Hackers are using leaked NSA hacking tools to quietly hijack thousands of computers . “More than a year after patches were released to thwart powerful NSA exploits that leaked online, hundreds of thousands of computers are unpatched and vulnerable. First they were used to spread ransomware. Then it was cryptocurrency mining attacks. Now, researchers say that hackers are using the leaked tools to create an even bigger malicious proxy network.”

Ars Technica: Widely used open source software contained bitcoin-stealing backdoor

Ars Technica: Widely used open source software contained bitcoin-stealing backdoor. “A hacker or hackers sneaked a backdoor into a widely used open source code library with the aim of surreptitiously stealing funds stored in bitcoin wallets, software developers said Monday. The malicious code was inserted in two stages into event-stream, a code library with 2 million downloads that’s used by Fortune 500 companies and small startups alike.”

The Next Web: 500,000 Android users downloaded malware made by one developer

The Next Web: 500,000 Android users downloaded malware made by one developer. “Android malware has been on the rise over the past couple of years, we’ve just seen one of the worst attacks of this kind. ESET security researcher Lukas Stefanko found 13 apps with malware on the Play store, and said that more than 560,000 people downloaded these apps before Google took them down. Oh, and all these apps came from a lone developer named Luiz Pinto.”

The Register: Spammer scum hack 100,000 home routers via UPnP vulns to craft email-flinging botnet

The Register: Spammer scum hack 100,000 home routers via UPnP vulns to craft email-flinging botnet . “Once again, a hundred thousand or more home routers have been press-ganged into a spam-spewing botnet, this time via Universal Plug and Play (UPnP). According to brainiacs from 360 Netlab, the malware exploits vulnerabilities in a Broadcom UPnP implementation to infect vulnerable gateways, and that means a load of router manufacturers are affected because their kit uses that technology.”