Security
5.6M people exposed in Ascension Health ransomware incident earlier this year
A cyberattack earlier this year is impacting 5,599,699 patients and employees of Ascension Health, one of the largest healthcare systems in the US. The exposed data is very sensitive and includes medical records, payments, insurance, identification, and other personal information.
Read more about 5.6M people exposed in Ascension Health ransomware incident earlier this year
FAA drone ban hits New Jersey, but will it put an end to UAP hysteria?
The FAA bans all drone flights in the Garden State, finally acknowledging a month-long spate of UAP sightings over New Jersey and surrounding states. But is it enough to convince the public there is no threat to national security?
Read more about FAA drone ban hits New Jersey, but will it put an end to UAP hysteria?
WiFi hacking for the everyday spy
Ever used an RC car outfitted with a Raspberry Pi to penetrate a wireless network and set up a wireless repeater? I did several years ago when I lived in a rural area that wasn’t serviced by any wireless internet provider.
Read more about WiFi hacking for the everyday spy
Google warns of holiday scam surge: how to protect yourself from fraud
Google’s Gmail, the world's largest email provider with more than 2.5 billion users, blocks 99.9% of spam, phishing, and malware. However, the remaining 0.1% can still be very damaging.
Read more about Google warns of holiday scam surge: how to protect yourself from fraud
Facing TP-Link allegations, China blames the US for attacking its critical tech companies
The Chinese cybersecurity authority is blaming the US for two cyberattacks against large Chinese tech companies aimed at stealing trade secrets. The allegations were dropped at the same time as the US launched an investigation into TP-Link routers.
Read more about Facing TP-Link allegations, China blames the US for attacking its critical tech companies
US may ban Chinese TP-Link routers next year due to security risks
TP-Link, the most popular router network brand in the US, is under investigation by several US departments.
Read more about US may ban Chinese TP-Link routers next year due to security risks
Thousands of users in Europe getting malicious emails with DocuSign-enabled PDFs
At least 20,000 users across various European companies have received phishing emails containing attached DocuSign-enabled PDF files or links to fake online forms. The hackers are after Microsoft accounts.
Read more about Thousands of users in Europe getting malicious emails with DocuSign-enabled PDFs
Instant loan app leaks nearly 30 million files with user data
A treasure trove of loan applicants' private information, including national IDs and account statements, was left unsecured, jeopardizing the accounts of users.
Read more about Instant loan app leaks nearly 30 million files with user data
Cellebrite shatters smartphone security illusion: everything can be unlocked, researchers warn
Recent revelations about Cellebrite software – a forensic tool used to extract data from smartphones – are an example of how easily devices can be exploited. The Singapore-headquartered cybersecurity firm Group-IB has warned that every smartphone user is at risk, whether they’re using Apple iOS or Google Android.
Read more about Cellebrite shatters smartphone security illusion: everything can be unlocked, researchers warn
Virtavo security camera users beware: app data spilled online
A security camera streaming app has been caught collecting extensive personal data. Not only that, but it stores logs on an open server accessible to anyone. Thousands of Virtavo security camera users might have been exposed.
Read more about Virtavo security camera users beware: app data spilled online
Unlock and load: officials caught using Israeli spyware to snoop on Android users
Governments may be using mobile forensic products from Cellebrite to hack high-profile targets and install spyware on their Android devices.
Read more about Unlock and load: officials caught using Israeli spyware to snoop on Android users
Hackers actively exploiting Windows flaw to gain system privileges, CISA warns
Threat actors have been observed exploiting a Windows kernel-mode driver elevation of privilege vulnerability, the severity of which is assessed as high (7.8 out of 10).
Read more about Hackers actively exploiting Windows flaw to gain system privileges, CISA warns
Fake CAPTCHAs reaching millions: who’s responsible for malvertising mayhem?
Legitimate publishers are displaying malicious ads. A legitimate ad network is serving them. A legitimate analytics platform is cloaking them. Legitimate cloud providers are hosting malicious websites and actual malware. Legitimate search engines help drive traffic. Everyone is pointing the finger and no one is accountable.
Read more about Fake CAPTCHAs reaching millions: who’s responsible for malvertising mayhem?
Hackers targeting thousands of YouTubers with fake collaboration offers and infostealers
There’s a new malicious campaign focusing on YouTube creators. An unidentified threat actor with a huge automated infrastructure is impersonating trusted brands, crafting enticing emails, and offering promotion and partnership deals. The victims are losing their data and accounts.
Read more about Hackers targeting thousands of YouTubers with fake collaboration offers and infostealers
Using biometric authentication safely
Biometric authentication is everywhere, and it’s not hard to see why – it’s fast, slick, and feels like we’re living...
Read more about Using biometric authentication safely
Long awaited answers: revelations of a professional pedo hunter
We’re living in an age where kids are not being protected, neither by online game developers nor by social media
Read more about Long awaited answers: revelations of a professional pedo hunter
Quarter of a million exposed in US credit union digital heist
Cybercrooks accessed the personal details of hundreds of thousands of customers of SRP Federal Credit Union, a US-based financial institution.
Read more about Quarter of a million exposed in US credit union digital heist
Vulnerabilities found in crypto platforms Dogecoin, Lightning Network, and Proton Wallet
This week, vulnerabilities were announced in the Dogecoin (DOGE) network, Bitcoin's (BTC) Lightning Network (LN), and Proton Wallet, reminding users of potential technical risks when dealing with crypto assets.
Read more about Vulnerabilities found in crypto platforms Dogecoin, Lightning Network, and Proton Wallet
IoT infected with pre-installed malware: Germany blocks 30K devices
German authorities have blocked 30,000 digital picture frames, media players, and other Android devices from communicating with BadBox botnet control centers. The malware on these devices came pre-installed.
Read more about IoT infected with pre-installed malware: Germany blocks 30K devices
Top Android apps vulnerable to reverse engineering tool Frida
A “significant” security gap that makes 97% of the most popular Android apps vulnerable to the reverse engineering tool Frida can be exploited by bad actors, cybersecurity experts have warned.
Read more about Top Android apps vulnerable to reverse engineering tool Frida
