Security
China's spy agency criticizes foreign attempts to 'steal' rare Earth resources
China's Ministry of State Security on Friday said foreign spy agencies had tried to "steal" rare earths and pledged to crack down on infiltration and espionage targeted at its critical mineral sector.
Read more about China's spy agency criticizes foreign attempts to 'steal' rare Earth resources
Most cyber incidents stem from the same 10% of employees, study finds
Have you ever clicked on a phishing link at work? If so, you’re likely to make further cybersecurity mistakes, and your employer should make “right interventions.” New data reveals that just a small fraction of employees are responsible for the majority of risky cybersecurity behavior.
Read more about Most cyber incidents stem from the same 10% of employees, study finds
Popular fitness app Fitify exposes 138K user progress photos
Fitify’s publicly accessible Google cloud storage bucket has exposed hundreds of thousands of files. Some of the files were user-uploaded progress pictures.
Read more about Popular fitness app Fitify exposes 138K user progress photos
Dean Burton, WP Buffs: “keeping WordPress sites fast and secure is a full-time job”
With WordPress playing a huge role in online business these days, keeping websites up and running is more important –...
Read more about Dean Burton, WP Buffs: “keeping WordPress sites fast and secure is a full-time job”
US National Guard severely hacked by Salt Typhoon in 2024
A US state's Army National Guard network was thoroughly hacked by a Chinese cyberespionage group nicknamed "Salt Typhoon," according to a Department of Homeland Security memo.
Read more about US National Guard severely hacked by Salt Typhoon in 2024
Windows Hello flaw allows hackers to “swap faces” and access sensitive data
Hackers inside a network can swap an admin’s biometric data with their own faces to unlock sensitive Windows systems. Researchers warn that the face recognition templates are protected by weaker security than the things they unlock.
Read more about Windows Hello flaw allows hackers to “swap faces” and access sensitive data
European Commission launches age-check app to protect kinds online
The European Commission has introduced a prototype of an age verification app and guidelines to create a safe online environment for young people and allow them to enjoy all that the online world has to offer.
Read more about European Commission launches age-check app to protect kinds online
Venkatesh Sundar, Indusface: “zero-day exploits don’t wait for your dev team to catch up”
Keeping sensitive data safe is tougher than ever, especially with businesses jumping into the digital world so quickly. Lots of...
Read more about Venkatesh Sundar, Indusface: “zero-day exploits don’t wait for your dev team to catch up”
This is what you should include in your password to make it uncrackable
Think your password is safe because it’s eight characters long and mixes in a number or two? According to new analysis from Specops, nearly 99% of breached passwords are so weak they could be cracked in minutes.
Read more about This is what you should include in your password to make it uncrackable
Marks & Spencer hackers hit US retailer Belk
Belk, the popular US department store chain, has allegedly been targeted by the DragonForce hacker group. This is the same group that struck UK retailer Marks & Spencer with a cyberattack, costing the company hundreds of millions of dollars.
Read more about Marks & Spencer hackers hit US retailer Belk
Serious Google Gemini flaw: it obeys hidden prompts in malicious emails
If hackers hide malicious commands in an email, Google Gemini for Workspace will “faithfully obey” them when interacting with the content. Researchers tricked Gemini into alerting users about account compromise and directing them to call scammers.
Read more about Serious Google Gemini flaw: it obeys hidden prompts in malicious emails
UnitedHealth subsidiary Episource hit with data breach, millions affected
Over five million patients were affected after a massive data breach at Episource that exposed sensitive medical and personal information.
Read more about UnitedHealth subsidiary Episource hit with data breach, millions affected
S&P 500’s AI adoption may invite data breaches, new research shows
Researchers have identified hundreds of potential issues ranging from insecure AI output to critical infrastructure attack vectors across sectors such as infrastructure, finance, and healthcare.
Read more about S&P 500’s AI adoption may invite data breaches, new research shows
Shopify plugin exposes hundreds of websites to attacks
A trusted Shopify plugin designed to enforce privacy compliance ended up quietly exposing hundreds of online stores to serious security threats.
Read more about Shopify plugin exposes hundreds of websites to attacks
Massive investment fraud campaign leverages 17,000 fraudulent news sites
Scam sites are impersonating legitimate news websites, using native languages, major brands, and regional public figures to promote fake investment opportunities.
Read more about Massive investment fraud campaign leverages 17,000 fraudulent news sites
Your eSIM might not be as safe as you think: researchers hack and clone numbers
Researchers have successfully hacked a widely used chip that stores eSIM (embedded SIM) profiles, leaving billions of users vulnerable to SIM cloning, spoofing, spying on them, and related security implications.
Read more about Your eSIM might not be as safe as you think: researchers hack and clone numbers
Saudi industrial services group breached, hackers claim
Rezayat Group, a multibillion-dollar industrial services provider based in Saudi Arabia, has been posted on a dark web leak site. Hackers claim they’ve obtained several gigabytes of data from the company.
Read more about Saudi industrial services group breached, hackers claim
Estimating age with augmented cameras in tobacco shops is a no-go, CNIL says
The use of augmented cameras that can estimate the age of tobacco shop customers to prohibit the sale of cigarettes and other tobacco products to minors is neither necessary nor proportionate and, therefore, not allowed according to data protection and privacy laws.
Read more about Estimating age with augmented cameras in tobacco shops is a no-go, CNIL says
