Security

This is how much money you should keep in your pocket in case of a cyberattack

What if the payment system is down and payment terminals aren’t working? How much cash should you have in your pocket when this scenario occurs? De Nederlandsche Bank (DNB), commercial banks, consumer organizations, retail associations, the Dutch Ministry of Finance, and other institutions united in the National Forum on the Payment System (NFPS) have the answer.
Read more about This is how much money you should keep in your pocket in case of a cyberattack

Hundreds of passport applications exposed at diplomatic institution

Half a thousand passport applications exposed at the Libyan Consulate in Stockholm left an unprotected instance accessible to the public.
Read more about Hundreds of passport applications exposed at diplomatic institution

American student housing developer breached, hackers claim

Landmark Properties, a real estate developer with over $15 billion in assets under management, allegedly had its systems breached, with cybercriminals claiming to have stolen over a terabyte of data.
Read more about American student housing developer breached, hackers claim

Coinbase reveals almost 70K customers affected in data breach

Coinbase says 69,461 customers were affected by a data breach caused by insider wrongdoing. The data thieves have been abusing access to the company’s systems since December 26th last year.
Read more about Coinbase reveals almost 70K customers affected in data breach

Companies are increasingly limiting access to AI tools: millions of DNS queries blocked

Companies are increasingly disrupting traffic to generative artificial intelligence (AI) tools so that their employees cannot reach Notion, ChatGPT, Claude, or other assistants. DNSFilter, a protected Domain Name System (DNS) service, said it has already blocked 60 million visits.
Read more about Companies are increasingly limiting access to AI tools: millions of DNS queries blocked

Over 100 malicious Chrome extensions detected: disguised as AI tools, VPNs, and crypto utilities

In over a year, a single cybercriminal spawned over 100 fake malicious Chrome extensions with dual functionalities, capable of tracking users and stealing their access tokens. The hacker bypasses Google’s defenses by injecting malicious scripts remotely, after the extension is installed.
Read more about Over 100 malicious Chrome extensions detected: disguised as AI tools, VPNs, and crypto utilities

Retailer Tesco, Aldi’s supplier, hit with ransomware

Peter Green Chilled, a UK-based logistics firm working with major retailers Tesco, Aldi, and Sainsbury’s, had some of its systems encrypted, not a month after the devastating cyberattack on Marks & Spencer.
Read more about Retailer Tesco, Aldi’s supplier, hit with ransomware

DDoSecrets publishes 410 GB of messages from hacked Signal clone used by Mike Waltz

Journalists and researchers can access a massive 410 GB database of leaked messages and other data from TeleMessage, a hacked Signal-clone messenger used by former US National Security Advisor Mike Waltz. The leak may also expose other officials because the app used Signal servers and saved message copies in plain text.
Read more about DDoSecrets publishes 410 GB of messages from hacked Signal clone used by Mike Waltz

Over 50% of the top oil and gas companies suffered data breaches in the past 30 days

A new report reveals that only 10% of top oil and gas firms passed a basic cybersecurity assessment — the rest failed.
Read more about Over 50% of the top oil and gas companies suffered data breaches in the past 30 days

Your AI isn’t safe: How LLM hijacking and prompt leaks are fueling a new wave of data breaches

A junior developer at a fast-growing fintech startup, racing to meet a launch deadline, copied an API key into a public GitHub repo. Within hours, the key was scraped, bundled with others, and traded on Discord to a shadowy network of digital joyriders.
Read more about Your AI isn’t safe: How LLM hijacking and prompt leaks are fueling a new wave of data breaches

O2 was leaking user geolocation to anyone who was initiating a call

O2, a major telecommunications company operating in the United Kingdom, has been leaking user location data for at least a few months. Any attacker could obtain the user's location and other data just by initiating a call.
Read more about O2 was leaking user geolocation to anyone who was initiating a call

Proton threatens to leave Switzerland amid proposed law changes

Proposed surveillance regulations in Switzerland are “roughly equivalent” to Russian laws and could force Proton to relocate its headquarters outside the country, Andy Yen, founder and CEO of Proton, said.
Read more about Proton threatens to leave Switzerland amid proposed law changes

Massive data leak: 200 billion files exposed in cloud buckets

From documents and credentials to source code and internal backups – billions of files are leaking due to misconfigured cloud storage buckets.
Read more about Massive data leak: 200 billion files exposed in cloud buckets

DDoS attacks target Eurovision Song Contest as hackers seek attention

Swiss authorities warn that cybercriminals launched several distributed denial of service (DDoS) attacks against various websites in the country in connection with the Eurovision Song Contest. The attacks were expected and did not disrupt Eurovision’s operations.
Read more about DDoS attacks target Eurovision Song Contest as hackers seek attention

Adidas and Dior confirm breaches involving customer data

German sportswear brand Adidas and French luxury fashion brand Dior confirmed hacker attacks affecting customer data.
Read more about Adidas and Dior confirm breaches involving customer data

What hackers do with their stolen money? Turns out they like brick-and-mortar businesses

Everyday businesses, from dating sites, cafes, restaurants, to taxi services, represent the potential investments for cybercriminals. They often direct stolen money as investments to brick-and-mortar and online companies.
Read more about What hackers do with their stolen money? Turns out they like brick-and-mortar businesses

Data of 70,000 customers of Belgian virtual telecom operators leaked

Due to a data breach at Effortel, personal information of 70,000 customers of three Belgian mobile virtual network operators (MVNOs) has been exfiltrated.
Read more about Data of 70,000 customers of Belgian virtual telecom operators leaked

US lawmakers want location tracking installed in AI chips to prevent nation-state theft

US lawmakers on Thursday introduced the Chip Security Act – a new bill that would require manufacturers to outfit high-end AI computer chips with location tracking to prevent the advanced technology from getting in the hands of rogue governments like China and Russia.
Read more about US lawmakers want location tracking installed in AI chips to prevent nation-state theft