Imgur has been hacked!

Image-sharing site Imgur revealed it had been hacked several years ago this week, with the details of approximately 1.7 million accounts lost in 2014 to hackers who have not been identified.

Per ZDNet, this hack may be less of a reason for concern for many of the users involved as Imgur only collects email addresses and passwords, rather than any other personally identifiable information like physical addresses, phone numbers or credit card data. In a blog post on Friday, the company said it was “still actively investigating the incident,” but it had determined that its database “may have been cracked with brute force due to an older hashing algorithm (SHA-256) that was used at the time.”

Imgur says it subsequently updated his database to use the the newer bcrypt algorithm, which is significantly harder to break, in 2016.

To learn more click here.

Ransomware attacks

The average ransomware payment rose to $1,077, up from $294 a year earlier, Symantec said.  Hackers spreading ransomware are getting greedier. In 2016, the average ransom demand to free computers hit with the infection rose to $1,077, up from $294 the year before, according to security firm Symantec.
“Attackers clearly think that there’s more to be squeezed from victims,” Symantec said in a Wednesday report.

To learn more click here.

Double Agent attack can turn antivirus into malware

A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives.
Based on a 15-year-old feature in Windows from XP through Windows 10, the attack is effective against all 14 antivirus products tested by security vendor Cybellum – and would also be effective against pretty much every other process running on the machines.
Double Agent was discovered by Cybellum researchers and has not been seen in the wild.
“The attack was reported to all the major vendors which approved the vulnerability and are currently working on finding a solution and releasing a patch,” according to a Cybellum blog.

To learn more click here.