Mozilla is warning users who have contributed to testing builds of the online bug-tracking tool Bugzilla that their email addresses and encrypted passwords were publicly available for a period of three months.
The Federal Bureau of Investigation acknowledged that it and the US Secret Service were "working to determine the scope of recently reported cyber attacks against several American financial institutions."
A federal jury in Nebraska convicted the former acting director of cybersecurity at the United States Department of Health and Human Services (HHS) for his involvement in a child pornography enterprise.
Malvertising underscores the need for an approach to security that addresses the full attack continuum. With ongoing visibility and control, and intelligent and continuous updates, security professionals can take action to stop the inevitable outbreak.
One can only hope our nation’s alarm clocks wake up and stir our national leaders’ imaginations before a cyber incident of the magnitude of 9/11 results in the need for a “Cyber Strikes Commission Report.”
In the same way we have watched APT techniques trickle down from nation-state actors to more opportunistic criminals, we should expect MitB to expand from financial services to all types of applications.