Motherboard: Skepticism Mounts Around Alleged Trump Twitter Hack

Motherboard: Skepticism Mounts Around Alleged Trump Twitter Hack. “On Thursday, Dutch media outlets reported that security researcher Victor Gevers had accessed President Trump’s Twitter account with the password ‘maga2020!’ But multiple security experts including those who track how Twitter accounts are compromised, as well as a review of the material that Gevers provided to Dutch and other media to corroborate his claim, throw doubt onto the hacking claim.”

Bleeping Computer: Dave data breach affects 7.5 million users, leaked on hacker forum

Bleeping Computer: Dave data breach affects 7.5 million users, leaked on hacker forum. “Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums. Dave is a fintech company that allows users to link their bank accounts and receive cash advances for upcoming bills to avoid overdraft fees. Subscribers who need extra money to pay a bill can get a payday loan up to $100, but cannot receive another loan until it is repaid. A threat actor released a database containing 7,516,691 users records for free on a hacker forum on Friday.”

The Verge: Instacart users’ personal data, including order history, is reportedly being sold online

The Verge: Instacart users’ personal data, including order history, is reportedly being sold online. “The personal data of hundreds of thousands of Instacart users is being sold on the dark web for around $2 per person, according to a report from BuzzFeed. The publication says information including ‘names, the last four digits of credit card numbers, and order histories’ appearing to belong to 278,531 Instacart accounts is available to buy. (Though it’s impossible to verify that this number doesn’t include duplicates or incorrect data.) BuzzFeed did confirm with two Instacart users that the order date, transaction amount, and credit card numbers included in the cache matched their recent purchases. The data also includes users’ emails addresses.”

CBR: Casinos in Las Vegas Hit by Suspected Ransomware Attack

CBR: Casinos in Las Vegas Hit by Suspected Ransomware Attack. “Slot machines in two Las Vegas casinos were out of action for almost a week in an incident that bears all the hallmarks of a ransomware attack. Investigations are currently underway by the Nevada State Game Control Board, which told us it is ‘actively monitoring the situation’.”

ABC News (Australia): Fears private details of Defence Force members compromised in database hack

ABC News (Australia): Fears private details of Defence Force members compromised in database hack . “A highly sensitive military database containing the personal details of tens of thousands of Australian Defence Force (ADF) members was shut down for 10 days due to fears it had been hacked.”

Ars Technica: A Georgia election server was vulnerable to Shellshock and may have been hacked

Ars Technica: A Georgia election server was vulnerable to Shellshock and may have been hacked. “Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full control over vulnerable systems, a computer security expert said in a court filing on Thursday.”

Engadget: FBI investigates fake texts sent to House Republicans

Engadget: FBI investigates fake texts sent to House Republicans. “Law enforcement is looking into one of the stranger digital attacks against US politicians in recent memory. The Wall Street Journal has learned that the FBI is investigating fake text messages sent to ‘several’ Republicans in the House of Representatives, including Illinois’ Adam Kinzinger. The currently mysterious perpetrator posed as VP Mike Pence’s press secretary, Alyssa Farah, and asked representatives for both their availability for meetings and the whereabouts of other politicians.”