Purchase automation software delivered shortened URLs without protections. Baby clothes retailer Carter’s inadvertently exposed the personal data of hundreds of thousands of its customers, dating back...
Month: June 2021
threatpost – Volkswagen Vendor Exposed Data of 3.3m Drivers
Nearly all of the leaked data was for owners or wannabe owners of the automaker’s luxury brand of Audis, now at greater risk for phishing, ransomware...
The Hacker News – Instagram Bug Allowed Anyone to View Private Accounts Without Following Them (resolved now).
Author: Ravie Lakshmanan Instagram has patched a new flaw that allowed anyone to view archived posts and stories posted by private accounts without having to follow...
The Hacker News – Chinese Hackers Believed to be Behind Second Cyberattack on Air India
Even as a massive data breach affecting Air India came to light the previous month, India’s flag carrier airline appears to have suffered a separate cyber...
The Register – PrivacyMic looks to keep your home smart without Google, Alexa, Siri and pals listening in
Raspberry Pi-powered prototype proves 95% accurate, 100% private, claim boffins Researchers at the University of Michigan have proposed a way to have your privacy cake and...
The Register – Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro
Criminal operators emerged from woodwork just as COVID hit the West The Nefilim ransomware gang might not be the best known or most prolific online extortion...
The Register – China arrests over 1000 for using cryptocurrency to help launder proceeds of phone scams
As local search engines stop providing results on crypto-keywords China’s crackdown on cryptocurrencies has reached a new crescendo, with the nation’s Ministry of Public Security on...
The Register – EA Games looted by intruders: Publisher says ‘no player data accessed’ after reported theft of FIFA 21, Frostbite source
‘Surprise stealing mechanics’ made short work of network perimeter security Gareth CorfieldFri 11 Jun 2021 // 12:25 UTC EA Games, publisher of Battlefield, The Sims and FIFA, has admitted to a “recent incident of intrusion into...
The Hacker News – 7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access
7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a...
The Hacker News – Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users
Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users Multiple critical security flaws have been disclosed in Samsung’s pre-installed Android apps, which, if successfully exploited,...
threatpost – ‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts
‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts The group, known for masquerading as various APT groups, is back with a spate of attacks on U.S....
threatpost – DarkSide Pwned Colonial With Old VPN Password
Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating. It...
The Hacker News – New TLS Attack Lets Attackers Launch Cross-Protocol Attacks Against Secure Sites
Researchers have disclosed a new type of attack that exploits misconfigurations in transport layer security (TLS) servers to redirect HTTPS traffic from a victim’s web browser...
The Hacker News – Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices
Chinese Cyber Espionage Hackers Continue to Target Pulse Secure VPN Devices Ravie Lakshmanan Cybersecurity researchers from FireEye unmasked additional tactics, techniques, and procedures (TTPs) adopted by...
The Hacker News – Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors
Your Amazon Devices to Automatically Share Your Wi-Fi With Neighbors May 31, 2021Ravie Lakshmanan Starting June 8, Amazon will automatically enable a feature on its family...
The Hacker News – The Incident Response Plan – Preparing for a Rainy Day
The Incident Response Plan – Preparing for a Rainy Day The unfortunate truth is that while companies are investing more in cyber defenses and taking cybersecurity...
The Hacker News – Experts Uncover Yet Another Chinese Spying Campaign Aimed at Southeast Asia
Experts Uncover Yet Another Chinese Spying Campaign Aimed at Southeast Asia An ongoing cyber-espionage operation with suspected ties to China has been found targeting a Southeast...
The Hacker News – Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module
Researchers Warn of Critical Bugs Affecting Realtek Wi-Fi Module A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an...
DARKReading – Data Breaches Drive Higher Loan Interest Rates
Data Breaches Drive Higher Loan Interest Rates Businesses that suffer a security breach may not see their stock price tumble, but they may pay higher rates...
DARKReading – The Perfect Storm for PAM to Grow In
The Perfect Storm for PAM to Grow In With more staff working remotely, privileged access management (or PAM) has never been more important. Market forecasts, drivers,...
The Hacker News – Researchers Uncover Hacking Operations Targeting Government Entities in South Korea
June 02, 2021 Ravie Lakshmanan A North Korean threat actor active since 2012 has been behind a new espionage campaign targeting high-profile government officials associated with...
The Hacker News – TikTok Quietly Updated Its Privacy Policy to Collect Users’ Biometric Data
June 05, 2021Ravie Lakshmanan Popular short-form video-sharing service TikTok quietly revised its privacy policy in the U.S., allowing it to automatically collect biometric information such as...
threatpost – REvil Ransomware Gang Spill Details on US Attacks
REvil Ransomware Gang Spill Details on US Attacks Author:Tom SpringJune 4, 2021 9:19 am2 minute read Write a comment The REvil ransomware gang is interviewed on the Telegram channel...
threatpost – Cyberattack Suspected in Cox TV and Radio Outages
Cyberattack Suspected in Cox TV and Radio Outages Author:Becky BrackenJune 4, 2021 4:21 pm2 minute read Write a comment Cox Media Group tv, radio station streams affected by a...
welivesecurity – 5 common scams targeting teens – and how to stay safe
From knock-off designer products to too-good-to-be-true job offers, here are five common schemes fraudsters use to trick teenagers out of their money and sensitive data Amer...
welivesecurity – Zero‑day in popular WordPress plugin exploited to take over websites
Websites using Fancy Product Designer are susceptible to remote code execution attacks even if the plugin is deactivated Amer Owaida3 Jun 2021 – 05:53PMShare Cybercriminals have...