Attackers Try to Deploy Remcos Malware with COVID-19-related Messages
A new phishing campaign targeting U.S. users is trying to deploy Remcos, a powerful trojan that allows an attacker to gain full control of a victim’s computer,…
Tag: Industry News – HOTforSecurity
HMRC Removes 292 COVID-19 Phishing Websites in Less Than 2 Months
Governments across the globe have been struggling to block the ongoing fraud attempts and attacks that have proliferated amid the coronavirus lockdown. According to official…
Ransomware Operators Hit Major Healthcare Supplier in Europe as COVID-19 Continues to Take Lives
Ransomware attackers have breached Europe’s largest private hospital operator, affecting not just its European branches, but every part of the company’s operations…
Phishing Campaign Targets FINRA in Search for Microsoft Office or SharePoint Credentials
A new phishing campaign is targeting members of the Financial Industry Regulatory Authority (FINRA), with emails purporting to be from FINRA officers. The goal is…
US and UK Cyber Security Agencies Warn of APT Attacks against Healthcare Organizations
An advisory from the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the UK’s National Cyber Security Centre…
Wii, N64, and GameCube Source Codes Leak Online
A massive data leak is hitting Nintendo as source code, demos, videos and other content for Wii, N64 and GameCube become available online, following the publishing of a…
CAM4 Data Leak Exposes Personal Data of Millions of Users
The digital world is once again tainted by a highly sensitive data leak that puts millions of users at risk of blackmail attempts, identity theft and…
New Trickbot Campaign Uses Fake Emails from U.S. Department of Labor
A new campaign is targeting people with messages that seem to come from the U.S. Department of Labor (DoL), trying to trick them into opening…
Tesla Data Leak: Pre-Owned Vehicle Infotainment Components Store Owners’ Personal Details and Passwords
According to white hat hacker GreenTheOnly, Tesla forgot to wipe personal information of customers from previously used infotainment and Autopilot hardware. The discovery came…
Microsoft Teams Phishing Attack Wants Your Office 365 Credentials
A phishing attack using a notification from Microsoft Teams in an effort to trick people into revealing their credentials is spreading through emails that use convincing content.…
Privacy issues in Australia’s SkillSelect platform may have exposed personal information of 700,000 aspiring migrants
Personal details of more than 700,000 migrants and hopeful immigrants to Australia may have been exposed in a data breach concerning…
Cybercriminals are using Google reCAPTCHA to hide their phishing attacks
I doubt any of us would claim to be fans of CAPTCHA – the puzzles that a website asks you to complete to prove if you’re…
Twitter Users, Say Goodbye to Old-Fashioned SMS Tweets
In a bid to keep user accounts safe, Twitter has decommissioned SMS-based tweeting in most countries around the globe. The social media platform did not specify which countries…
Pirated Movies Are Used to Distribute Malware
People in lockdown are watching more movies and TV shows, and some users are getting their content from pirate streaming services and torrents. It turns out that attackers are…
Bitdefender Identifies Tens of Thousands of Phishing Emails Targeting South African Customers
Bitdefender identified a new phishing campaign directed at the Standard Bank of South Africa, with tens of thousands of malicious emails sent in April.…
Treasure Trove of Covid-19 Protective Gear and Medical Supplies Selling on Dark Web Markets
Over the past month, criminals have continued to leverage the high demand for medical supplies, plaguing the digital world with fake coronavirus-related items…
A Single Phishing Email Can Cost a Small Business $100K – Here’s How to Protect Your Office Against Fraud
Phishing and business-email-compromise (BEC) schemes are on the rise, causing losses in the $50,000 to $100,000 range…
Epic Games Stores to Require 2FA when Claiming Free Games
Epic Games announced that two-factor authentication (2FA) will now be required periodically for people who claim free games from April 28 to May 21. The reasons…
Two European Usenet Providers Announce Data Breach and Blame Anonymous Third-Party Company
The network systems of UseNeXT and Usenet.nl, two popular Usenet providers, have recently experienced a major data breach that may have led to the…
New Research Shows 20% Spike in Fraud as Digital Behavior Shifts Amid COVID-19 Pandemic
New data showing the impact of the COVID-19 crisis on online fraud in the first quarter of 2020 shows that 26.5% of…
Shade Ransomware Groups Shuts Down Operation and Releases Decryption Keys
The group behind the Shade ransomware has closed up shop and distributed around 750,000 decryption keys, along with decryption software, apologizing to everyone that was affected…
Lack of Basic Security Measures on Sheffield’s ANPR System Exposes 8.6 Million Records of Vehicle Movements and License Plate Numbers
Earlier this week, security researcher Chris Kubecka and freelance writer Gerard Jannsen stumbled upon a major…
Smart Parking Meter Company Hit by Sodinokibi
A company named CivicSmart from Milwaukee that’s selling smart parking meters was hit by Sodinokibi ransomware, and the attackers managed to steal a large amount of data which they…
Cybercriminals Leak ExecuPharm Internal Documents After Ransomware Attack
A successful ransomware attack was deployed on March 13 against ExecuPharm, a subsidiary of the U.S. biopharmaceutical giant Parexel, according to a recent announcement made by the company.…
WHO Admits to Leaked Credentials, Says Number of Cyber Attacks Increased Fivefold
The World Health Organization (WHO) admitted that around 450 active credentials were leaked online last week and noted that the number of cyberattacks directed…
Medical Information of 233,000 Individuals Exposed after Genetic Testing Lab Hack
As the tab for security incidents in 2020 remains open, cybercriminals are diligently looking for new ways to attack and capitalize on valuable healthcare information.…
Nintendo Confirms that 160,000 Accounts Were Compromised
Nintendo admitted that around 160,000 accounts have been compromised through the Nintendo Network ID (NNID) system. The company announced that the NNID system was disabled, at least for now.…
Zoom Phishing Campaign Tricks People into Revealing Login Credentials
A new Zoom phishing campaign preys on people’s fears related to job security, tricking them into revealing credentials that criminals can abuse in a variety of ways.…
How to Block the “Sindhi Text Bomb” on iOS
Apple has made quite a few headlines these past couple of days, including one of a particularly annoying – and potentially dangerous – crashing bug. The Sindhi…
US Law Enforcement Takes Down COVID-19-related Online Malicious Campaigns
The Department of Justice cooperated with several private companies and internet domain providers and registrars to disrupt hundreds of websites and malicious campaigns that tried to exploit…
Heineken freebies: Scammers resurrect an old phishing scam to steal your personal data
Amid stay-at-home orders, many companies have come to aid consumers with goodies and free deliveries, and sometimes they’ve even surprised customers with freebies…
Apple: iOS Mail Bug Doesn’t Pose an ‘Immediate’ Risk to Our Users
In a statement released today, Apple refutes claims made by a security firm that iOS suffers from a serious flaw that can allow bad…
Text ‘bomb’ crashes iPhones, iPads, Macs and Apple Watches – what you need to know
An innocent-looking message, containing characters in the Sindhi language, can cause your iPhone, iPad, Mac, or even Apple Watch to crash…
Email Credentials of WHO, The Gates Foundation, Other Leaked Online
Around 25,000 email addresses and corresponding passwords belonging to the World Health Organization (WHO), the Gates Foundation, and a number of other organizations were leaked online.…
Cyber Aware Campaign in the UK Asks for People’s Help and 83 Phishing Scams Get Shut Down
The National Cyber Security Centre (NCSC) in the UK launched a suspicious email reporting service (SERS) to the public,…
Stop Using Your iOS Mail App Now! Here’s What You Need to Know About the Scary Flaw Just Discovered (and How to Stay Safe)
Reports are coming in that the stock Mail application preloaded on iOS…
FBI warns extortion scams are on the rise amid stay-at-home orders
Amid the coronavirus lockdown and social distancing measures, cybercriminals have found new ways to continue their attacks against consumers worldwide. Making a quick buck has…
Data Breach: Bad actor leaks 23 million account credentials from Webkinz children’s platform
Over the weekend, ZDNet learned that nearly 23 million usernames and hashed passwords of the Webkinz World online children’s game platform were leaked…
FBI Warns About People Sharing Security Information on Social Media
The FBI issued a warning regarding a worrying social media trend, with seemingly innocuous activities that would give possible attackers information they could use to gain…
U.S. Treasury anticipates surge in fraudulent attempts regarding Economic Stimulus Payments
Last week, the United States government rolled out its highly anticipated Economic Impact Payments (EIP) for qualifying taxpayers. Since the beginning of March, the $2…
Hackers Hit Los Angeles Suburb, Demand 100 Bitcoin Ransom
Ransomware operatives have hacked the City of Torrance in the Los Angeles metropolitan area and are holding city systems ransom. The hacking group is threatening to leak…
Some Users Lost Access to Their Nintendo Accounts
The Nintendo accounts of an unspecified number of users were compromised in the past few days in an attack from an unknown vector, at least for now. In…
Zoom-Bombing Attack Targets U.S. Government Meeting
A Zoom bombing attack hit a U.S. government meeting that was held despite clear recommendations from the FBI not to use the software. Zoom has been struggling with this security…
Have you accidentally received money through Venmo? It’s probably another scam.
Old scams never die. They are simply repackaged or adapted. A skilled con artist always finds a way to dupe his victims. Digital wallet apps…
A hackers’ dream payday: Ledf.Me and Uniswap lose $25 million worth of cryptocurrency
The cryptocurrency industry has suffered a major loss over the weekend, after bad actors managed to steal more than $25 million worth of…
Hackers Continue to Exploit Patched Pulse Secure VPN Flaws, CISA Warns
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning that bad actors are still exploiting a known vulnerability in a popular VPN…
IT services giant Cognizant hit by Maze ransomware attack
One of the world’s leading professional service companies, Cognizant, has confirmed that its systems have been hit by a ransomware attack. In a statement released on its…
Canadian Authorities Email Private Details of 247 MS Zaandam Cruise Passengers
Some 247 of the passengers aboard the cruise MS Zaandam that faced coronavirus infection are now having to deal with an entirely different problem that…
Zoom Zero-Day Windows Vulnerability Selling for $500,000
A couple of zero-day Zoom vulnerabilities are reportedly for sale online, including one for Windows and one for macOS, with the asking price for the Windows one topping $500,000,…
Wappalyzer reveals data breach after hacker disclosed incident to customers
Wappalyzer, a company that specializes in software that uncovers technologies used on websites by detecting ecommerce platforms, web frameworks, server software and analytics tools, reported a…
49 crypto-wallet pickpocketing browser extensions booted from the Chrome web store
Hackers have been using Google Ads to target unsuspecting cryptocurrency investors into installing malicious browser extensions, with the aim of stealing passphrases and private keys…
Nemty Ransomware Gang Shuts Down Public Gig, Announces ‘Exclusive’ Business Model
The ransomware-as-a-service business model has proven lucrative over the years, but not every hacking group is happy with it. At least not with the current…
U.S. Government offers $5 million bounty for information on North Korean cyber criminals
Yesterday, the U.S. Departments of State, Treasury, Homeland Security, and FBI released a joint report offering guidance on the emerging North Korean (previously…
April 2020 Patch Tuesday: Microsoft fixes 4 actively exploited zero-day bugs
Portuguese Energy Company Hit with Ragnar Locker Ransomware; Attackers Demand $10 Million to Decrypt the Data
FBI Warns of Surge in Coronavirus-Related BEC Schemes and Advance Fee Frauds
Cyber security researchers uncover hidden backdoors and secret commands in 12,000 Android apps
The use of mobile apps is a part of our daily routine, and anyone using a smartphone has downloaded and installed a variety…
Covid-19 related crimes swindled $12 million from U.S. citizens in just 3 months
The coronavirus outbreak has opened new doors for bad actors and fraudsters attempting to profit off the health crisis. Scammers have shown no sign of fatigue over the past months, hitting consumers with a varied menu of tricks, ranging from…
Dutch Police arrest suspect responsible for DDos attacks on government websites
On April 10, Dutch police announced that they arrested a 19-year-old suspect responsible for shutting down MijnOverheid.nl and Overheid.nl through planned DDoS attacks on March 19. A frequently visited government information hub, Overheid.nl, offered Covid-19 emergency regulations and other…
Travelex Reportedly Paid $2.3 Million to Hackers after Sodinokibi Attack and Data Theft
An unnamed source within Travelex disclosed to The Wall Street Journal (WSJ) that the company paid $2.3 million in Bitcoin in an effort to restore functionality to its systems following a ransomware attack. Travelex was hit with a ransomware attack…
San Francisco International Airport reveals data breach on two websites
The list of companies and industries targeted by cybercriminals has grown steadily since March, and the newest addition is none other than the San Francisco International Airport (SFO). In a data breach notice sent to all airport commissions on April…
Gambling Firm Anticipates Spending up to $100 Million in Recovery from Cyber Incident
SBTech, a provider of interactive sports betting solutions and services, has set aside up to $100 million to fix a mess left when a cybersecurity incident hit right in the midst of a merger. In a filing with the U.S.…
Beware of New Wiper Malware Distributed through Free Software / Crack Sites
A new piece of wiper malware is being distributed through warez sites, locking users out of their Windows computers after they unknowingly run the program. As reported by BleepingComputer’s Lawrence Abrams, the malware is apparently distributed through “download” sites that…
Zoom Disables File Sharing After Finding Potential Security Vulnerability
Zoom disabled the file-sharing feature in its popular application after it found an undisclosed vulnerability that was endangering the security and privacy of the users. As the COVID-19 pandemic started to spread throughout the world, people and companies turned to…
Maropost customer database exposes 95 million email records
A leaky online database belonging to marketing and email delivery provider Maropost was found lacking minimum security measures, exposing 95 million email records belonging to their customers. Researchers from Cybernews stumbled on the unprotected database on a Google Cloud server…
Researcher Devises PowerPoint Attack that Executes Binary Just with Mouse Hover
A security researcher found a possible exploit in Microsoft’s PowerPoint that would let an attacker run an application when the user simply hovers with the mouse over a link. By default, PowerPoint won’t open an application when the user hovers…
Beware of Shady Websites Pushing Pharmaceuticals for COVID-19
Researchers have uncovered several shadowy sellers eager to capitalize on the quest for a treatment for COVID-19. Scared shoppers should be aware that these websites are only trying to get their attention to defraud them. Researchers from NormShield looked for…
Microsoft buys ‘corp.com’ to protect customer infrastructure
Microsoft Corp finally agreed earlier this week to acquire corp.com, a domain that poses security risks to Microsoft users due to a namespace collision issue. In February, security researcher Brian Krebs noted that the owner of corp.com was ready to…
UK Cyber Body Offers Practical Guidelines on Dealing with Coronavirus-Themed Cyber Threats
The National Cyber Security Centre, the UK’s independent authority on cybersecurity, has released practical advice for individuals and organizations on how to deal with coronavirus-related malicious cyber activity. In a joint announcement with the United States Department of Homeland Security…
Bad actor steals $250,000 from Bisq users after faulty security patch
Bisq, a decentralized crypto exchange network, was forced to disable trading on Tuesday after the discovery of a critical security vulnerability. The open source peer-to-peer application allows Bitcoin aficionados to buy or sell digital currency anonymously in exchange for national…
Malicious Spam Is Adapting to the Pandemic, Bitdefender Telemetry Shows
Scam emails and phishing campaigns are surging as the COVID-19 pandemic is taking hold on a global level. Bitdefender telemetry reveals that attackers are changing and diversifying their messages to reach as many people as possible. Most phishing campaigns follow…
WhatsApp Limits Message Forwarding to Prevent Spread of Misinformation
Facebook announced an interesting new limitation to WhatsApp with the clear goal of curbing the spread of false information related to COVID-19. While it’s difficult to dispute the benefits of having a messaging application with such a widespread user base,…
Don’t become another money mule, FBI warns
The hidden dangers of the digital world are slowly becoming clear, revealing more than the traditional phishing email or malware attack. Bad actors are not just after our personal or financial information – they’re also working hard to find new…
Surge in Online Shopping Drives Major Increase in Coronavirus-Themed Fraud Attempts
Attempts to defraud consumers are on the rise, as scammers exploit the surge in online activity during the COVID-19 lockdown. Merchants are starting to suffer dramatic increases in COVID-19-related phishing activities, with stolen credentials released into the eCommerce payments chain,…
HP Support Assistant App Riddled with Security Issues and Vulnerabilities, Researcher Finds
A security researcher found 10 vulnerabilities in the HP Support Assistant application shipped with every laptop the company makes, from the officially dead Windows 7 up to the latest version of Windows 10. Many companies pre-install software on their laptops…
Data on 600,000 Email.it users for sale on dark web after email provider refuses to pay bounty
Email.it, an Italian email provider, has recently confirmed that it was breached, confirming suspicions raised after an announcement posted by the NN Hacking Group on its Twitter account on April 5. Data stolen is said to contain private information on…
Is Costco sending you freebies and stimulus checks? No, it’s just another petty scam.
Last week, the FBI announced that fraudsters are sending out bogus text messages offering stimulus checks or packages to loyal Costco customers. Consumers all across the U.S. should be aware that Costco Wholesale is not giving out stimulus checks or…
Phishing and Malware Attacks Against NASA Employees Have Doubled
NASA’s Security Operations Center (SOC) experts have issued a warning regarding a growing trend toward phishing attempts, malware attacks, or just people accessing malicious sites. Many NASA employees have started to work from home, just like numerous other employees throughout…
Zoom Fixes Issues with Traffic Routed through Chinese Servers, Promises Better Encryption
An investigation by Citizen Lab underlined a few security issues of teleconferencing application Zoom, on all platforms, and the company was quick to promise sweeping changes that would make Zoom more secure and transparent. Two major issues were brought up…
Europol and Singapore Police arrest suspect behind €6 million Coronavirus money laundering scheme
As the cybercrime landscape continues to expand amid the Coronavirus pandemic, governments around the world have joined forces to fight the rising criminal activity. In a press release from April 6, Europol announced that a 39-year-old man suspected of…
Scam alert: UK citizens receive fake text messages amid lockdown. If you plan to leave the house, you better pay up.
New scams taking advantage of the current lockdown are popping up daily. According to Richmond Council leaders, fraudsters have a new trick up their sleeve – “fines” for not respecting social distancing measures. Following the UK government’s announcement informing citizens…
Elasticsearch Database with 42 Million Records of Iranian Citizen Found Exposed Online
An Elasticsearch database holding 42 million records of Iranian Telegram users was found on the web, for anyone to access. The private data included phone numbers and user names, and it’s unclear how long it was exposed. Despite heavy restrictions…
US Warns People that Zoom-bombing Is a Crime
Zoom-bombing, the act of hijacking Zoom video conferences by sharing pornographic and hate images among other things, might seem like an annoying practice, but law enforcement is warning people that it’s actually a crime and perpetrators might end up in…
Mozilla Fixes Two Firefox Critical Vulnerabilities Exploited in the Wild
The Firefox Internet browser received a critical patch from the Mozilla Foundation to fix a couple of actively exploited zero-day vulnerabilities that were endangering both regular users and institutions. Zero-day vulnerabilities in Internet browsers are dangerous because criminals and hackers…
Data Leak: Private information of 14 million Key Ring users exposed
Five misconfigured Amazon Web Services (AWS) S3 buckets revealing private data of Key Ring users were discovered by vpnMentor researchers in January. Like many similar apps, Key Ring lets users store digital copies of their loyalty cards, create a shopping…
New York City Schools Ban Zoom over Security and Privacy Woes
The State of New York has decided to ban Zoom from city schools amid news of security and privacy concerns surrounding the popular videoconferencing software. “DOE staff and service providers should cease using Zoom as soon as possible,” Department of…
Zoom Was Mining Data and Matching Users with LinkedIn Info
Zoom has disabled a feature in its web conferencing software that allowed the company to secretly gather data and match the information with LinkedIn sources, giving some users the ability to identify participants in the conference without their knowledge. Following…
Twitter reveals Mozilla Firefox bug that stores your direct messages for up to 7 days
Twitter recently warned users of a Mozilla Firefox bug that grants access to accounts’ non-public information to anyone using the device. “We recently learned that the way Mozilla Firefox stores cached data may have resulted in non-public information being inadvertently…
US Government Advises Everyone to Upgrade Google Chrome as Soon as Possible
The US Cybersecurity and Infrastructure Security Agency (CISA) is advising companies, institutions and regular users to update their Google Chrome browsers to the latest version as soon as possible. Given the dominant position of Google Chrome in the Internet browser…
Data Breach: A summary of healthcare security incidents in March 2020. Are you a victim of Medical Identity Theft?
A quick overview of data breaches from the healthcare industry in March 2020 reveals 26 security incidents added to the Health Insurance Portability and Accountability Act (HIPAA) Breach Reporting Tool. The HIPAA Breach Notification Rule “requires covered entities to notify patients…
Zoom for macOS Has a Couple of Dangerous Zero-Day Vulnerabilities
A couple of zero-day vulnerabilities found in the macOS version of the Zoom video conferencing application could let attackers elevate their rights to root or to gain access to the microphone and camera. Just a couple of days ago, Zoom…
Department of Justice goes after scammers exploiting Coronavirus pandemic
Due to the troublesome spread of coronavirus-themed scams and malware attacks, the U.S. Department of Justice (DOJ) launched a nationwide campaign to detect, inhibit and punish any fraudulent or malicious online activity. “It is essential that the Department of Justice…
Zoom-bombing: FBI warns of rise in teleconference hijacking amid stay-at-home order
The Zoom video-teleconferencing app seems to be everywhere today, as people turn to an online environment for classes, events, meetings or even a good-old-fashioned family dinner. Recent events have pushed school staffers to reunite with students virtually, as online classes…
Marriott International discloses its second security incident affecting 5.2 million guests
A security breach has exposed the personal information of more than 5 million guests that found comfort at the Marriott Bonvoy Hotel, according to an incident notification issued by Marriott yesterday. What Happened? In a statement, the company said guest…
Houseparty app boycotted after users claim their online accounts were hacked
As the number of coronavirus infections continues to rise, we are becoming more dependent on video chat apps to connect with family, friends and coworkers. There’s never been a better time for face-to-face social networks to shine, and the Houseparty…
Data Leak: Personal identifiable information of 4.9 million Georgians found online
A database containing the private information of Georgian citizens is up for grabs on a dark web forum. Researchers from Under the Breach stumbled on the data leak over the weekend, and reported that it contained 4,934,863 entries. Full names,…
Zoom Removes Facebook SDK on iOS Because It Sent Back Unnecessary Information
After reports that the Zoom app on iOS was sending details about the users’ devices to Facebook, even if they had no Facebook account, the company announced that it removed the Facebook SDK from the application. The Facebook SDK sends…
Spike in Remote Work Leads to 40% Increase in RDP Exposure to Hackers
As Covid-19 continues to wreak havoc globally, companies are keeping their employees at home. To ensure compliance and stay atop security standards, teleworkers have to patch into their company’s infrastructure using remote desktop protocol (RDP) and virtual private networks (VPN).…
Bitcoin thieves use malicious QR code readers to steal $45,000 this month
Payments in cryptocurrency are not limited to extortionists who provide you their Bitcoin (BTC) wallets in their ‘contact info’. Adapting to the growing popularity, merchants around the world have added payment options that accept bitcoin or other types of cryptocurrency.…