Cygilant Blog

Scope of 2012 LinkedIn Data Breach Much Larger

Posted by Trevan Marden on May 31, 2016


Last week, news sources reported that the data breach that occurred at LinkedIn in 2012 was actually much, much larger than original thought. The breach was originally thought to have affected almost 6.5 million accounts, but security researchers have now discovered a much larger data dump, containing 117 million login credentials, offered for sale on the dark web. LinkedIn has acknowledged the news and has taken steps to invalidate credentials for all accounts that have not yet reset their passwords since the data breach occurred, reminding all users that changing passwords frequently is a recommended security practice, as well as recommending that users consider two-factor authentication.

BitDefender Customer Data Breached

Posted by Vijay Basani on Aug 12, 2015

BitDefender, a cybersecurity and anti-virus firm, was hacked in late July by a hacker who went by the name DetoxRansome. The hacker revealed on Twitter that he was behind the cyber attack, and then demanded $15,000. DetoxRansome threatened to leak the stolen data online if BitDefender did not comply with his demands. The hacker published the email addresses and passwords for two BitDefender customer accounts to prove that the company’s customer data had been compromised. The hacker also leaked the login credentials to a BitDefender company account. The Romanian cybersecurity firm is working with authorities to find the hacker.

What Sony’s Hacking Can Teach You About Cybersecurity

Posted by Security Steve on Aug 7, 2015


When Sony Pictures Entertainment was hacked last November, it became the most dramatic theft and destruction of corporate data in the history of hacking.


The hackers responsible broke into company servers and stole personnel information, emails, Social Security numbers, salary and other business information, and even yet-to-be-released movies from Sony’s servers. That information was not just stolen though, it was also erased from the computers storing it.


Initially represented by politicians and journalists as a North Korea-perpetrated event and a response to Sony’s comedy The Interview, many responsible security experts claimed it was more likely an inside job. And when it comes to the lessons this event has to teach those of us who do not produce satirical motion pictures, we might as well start there.

Keyboard Vulnerabilities Found in Samsung Devices

Posted by Vijay Basani on Jul 15, 2015

A bug found in the way Samsung mobile devices update their default SwiftKey keyboards has left over 600 million devices vulnerable to a security breach. The bug leaves devices vulnerable to man in the middle attacks because the SwiftKey keyboard looks for language pack updates over unencrypted lines. The bug lets hackers execute code as privileged users, and send malicious security updates to devices through spoof proxy servers. Hackers can siphon text messages, contact data, and financial log-ins from banking apps. The bug also lets hackers turn on the device’s camera, microphone, and GPS, and allows them to eavesdrop on phone calls.

LastPass Become Victims of Data Breach

Posted by Vijay Basani on Jul 1, 2015

Online password organizer LastPass announced in a blog post that their services were breached a few weeks ago. Attackers were able to compromise email addresses, password hints, server per user salts, and authentication hashes, but they were not able to compromise master passwords, or individual passwords.

LastPass Breach: Is ‘One Ring to Rule Them All’ Good Security?

Posted by Trevan Marden on Jun 23, 2015


GitHub Suffers DDoS Attack from China

Posted by Vijay Basani on Apr 8, 2015

GitHub, the world’s largest host for collaborative coding projects, disclosed that they are facing the largest DDoS attack in the company’s history. The attack began on Thursday and continued into Monday. The DDoS attack took traffic from China’s largest search engine, Baidu, and directed it to GitHub. The onslaught of large amounts of traffic stopped GitHub’s website from functioning properly. The DDoS attack is caused by “some nefarious JavaScript that is being injected by a certain device at the border of China’s inner network and the Internet when people use Baidu,” according to Ars Technica.

Video Streaming Site Twitch Potentially Breached

Posted by Vijay Basani on Apr 1, 2015

Gameplay streaming video platform Twitch revealed that its website may have been hacked last week. Twitch released an official statement that did not directly confirm the attack, but said that user information could have been compromised due to a malicious code. Included in the potentially compromised information is: usernames, passwords, phone numbers, email addresses, birthdates, home addresses, and IP addresses. The multichannel online network does fully store credit card information, so credit card numbers were not compromised. However, some credit card information was compromised, like credit card types, truncated card numbers, and expiration dates. The company sent out advisory emails to all of the affected users.

Sony Pictures: Latest Victim of Hacking

Posted by Vijay Basani on Dec 10, 2014

Last week, Sony Pictures Entertainment employees turned on their computers, only to find a picture of a skeleton that warned that the movie studio had been hacked by a group called the GOP, or Guardians of Peace. The picture also warned that the hackers would leak confidential internal data. Employees were then instructed to stop using their computers as the studio dealt with this major breach in their cyber security. Hackers had already acted before the studio could prevent a data leak. DVD-quality copies of Mr. Turner, Annie, Still Alice, To Write Love on Her Arms, and Fury had been distributed on various file-sharing websites.

Most Recent Posts

Subscribe to Email Updates