Stolen users information is regularly sold and bought online by cyber crooks and attackers, and many services have sprung up to meet the demand for information that can be used to compromise online accounts and facilitate identity theft.
Earlier this week, the primarily state owned Belgacom - the largest telecom in Belgium, with customers such as the European Commission, Council and Parliament - has made public the fact that their internal computer system have been breached by an "unknown third party".
The existence, the modus operandi and details of successful campaigns of another Chinese hacking group have been revealed by Symantec researchers, who have managed to tie to several high-profile compromises in the last few years, most notably that of Bit9.
Belgacom, primarily state owned and the largest telecom in Belgium, has announced that its internal IT systems have been breached and compromised with malware by an "unknown third party".
After all the recent revelations about the NSA and their surveillance and encryption-foiling activities, would it surprise you to know that the agency or its British counterpart GCHQ also impersonated Google, Yahoo and Microsoft in Man-in-the-Middle attacks aimed at intercepting user communications? Ryan Gallagher over at The Slate was the first to report on the revelation for the English speaking public by digging into the reporting of Brazilian TV show Fantastico, whose reporters had a chance to go through a set of documents leaked by NSA whistleblower Edward Snowden to Guardian journalist Glenn Greenwald: However, in some cases GCHQ and the NSA appear to have taken a more aggressive and controversial route—on at least one occasion bypassing the need to approach Google directly by performing a man-in-the-middle attack to impersonate Google security certificates.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.