NCA website falls foul of Lizard Squad DDoS attack

NCA website falls foul of Lizard Squad* DDoS attack

Four days after six teenagers were arrested as part of the National Crime Agency (NCA)’s Operation Vivarium for using Lizard Squad’s Lizard Stresser tool – a DDoS-for-hire service that lets customers pay a small fee to have a nominated website bombarded with traffic till it crashes – the NCA’s website was itself taken offline, apparently […]

Moving beyond PCI DSS compliance

Payment card security

Whenever I discuss the PCI DSS (which isn’t very often) I always mention that it’s just a baseline. Compliance with the PCI DSS doesn’t make an organisation secure, but it does a great job at helping to mitigate the majority of attacks, as well as teaching an organisation the importance of security. Organisations that comply […]

Second spate of Mumsnet cyber attacks: change your passwords again

R66E2T133W

Following a series of incidents earlier this month, popular parenting site Mumsnet has reported further attacks, including a second DDoS attack, which took the site offline on Monday 24 August. A post answering FAQs and providing live updates said: “This attack was double the size of the previous one and was distributed across many servers […]

What to do when storing your payment card data in the Cloud

Cloud computing concept

Outsourcing your clients’ payment card data to a third-party Cloud provider doesn’t negate your accountability regarding data protection and PCI DSS compliance. According to the PCI DSS, all parties involved in the payment card data flow process must accurately document and monitor their respective data storage and security responsibilities. Cloud security is a shared responsibility between […]

Thomson data breach: more than 450 holidaymakers’ details exposed

ddos-attack-protection-plan

The BBC reports that the personal details of 458 customers of holiday company Thomson were shared in an email sent on 15 August in a “data protection breach”. Holidaymakers’ details included names, addresses, email addresses, telephone numbers and flight details. Thomson said: We are aware of an email that was sent in error, which shared […]

Users of dating site Plenty of Fish targeted by cyber attack

Use the default Apple iOS Mail app on your iPhone, iPad or iWatch? Careful now…

In the wake of suicide reports following the Ashley Madison hack, another dating website has been subjected to a cyber attack. Visitors to Plenty of Fish (POF.com), which attracts three million daily visitors, were recently subjected to malvertising that installed malware. Security firm Malwarebytes revealed that the attack was launched through a third-party advertising network, […]