Security
EU will hold tech companies liable for faulty software
European Union member states have two years to adopt a new law expanding product liability rules to include digital products such as software, firmware, or online platforms. This will expand users' rights to compensation and make it easier for them to claim damages in court.
Read more about EU will hold tech companies liable for faulty software
DNA-testing firm vanishes with highly sensitive customer genetic data
In yet another blow to the DNA-testing industry, Atlas Biomed, a London-based genetic firm with links to Russia, has disappeared without any warning. The BBC reports that customers’ sensitive data extracted from biological samples is now in limbo.
Read more about DNA-testing firm vanishes with highly sensitive customer genetic data
Delta Air Lines joins Amazon in confirming third-party data leak
The airline emphasized that its systems were unaffected, with the exposed employee details coming from a third-party vendor.
Read more about Delta Air Lines joins Amazon in confirming third-party data leak
Devastating email compromise scheme robs home buyers of life’s savings
Cybercriminals are employing a devastating fraud scheme that leaves victims in financial ruin and despair. They breach real estate agencies, intercept emails, and lurk, waiting until the final moment when home buyers are ready to make a down payment.
Read more about Devastating email compromise scheme robs home buyers of life’s savings
From Amazon to McDonald’s: what do we know about the latest major data leak?
While Amazon has confirmed that attackers revealed some of its employee’s data, the actors behind the leak say they want data owners to take user privacy seriously.
Read more about From Amazon to McDonald’s: what do we know about the latest major data leak?
MOVEit fallout: hackers leak employee data from Amazon, MetLife, HSBC, and other major companies
A threat actor on an illicit forum posted massive datasets with millions of records containing employee information from major companies, likely stolen during last year's MOVEit vulnerability hacking spree.
Read more about MOVEit fallout: hackers leak employee data from Amazon, MetLife, HSBC, and other major companies
For the first time, Telegram hands criminal user data to Dutch authorities
Telegram’s wall of silence cracks – Dutch Public Prosecution Service said it obtained data on criminal suspects for the first time, the national broadcaster NOS reports.
Read more about For the first time, Telegram hands criminal user data to Dutch authorities
Massive data breach: American debt relief service exposes 1.5 million
Set Forth, Inc., a company that provides online account administration services to consumers enrolled in debt relief programs, disclosed a major data incident affecting 1.5 million people. Several law firms have launched investigations and are preparing potential class action lawsuits.
Read more about Massive data breach: American debt relief service exposes 1.5 million
2014-2021 Mazdas vulnerable: attackers can take over infotainment system using USB
Multiple vulnerabilities plague Mazda’s in-vehicle infotainment systems, according to Trend Micro’s Zero Day Initiative (ZDI). Malicious actors can exploit these flaws to run any arbitrary code with root access.
Read more about 2014-2021 Mazdas vulnerable: attackers can take over infotainment system using USB
Scammers steal over $1 trillion in a year, report reveals
Scam victims lost over $1.03 trillion in the past year, a sum that exceeds the total GDP of most countries, including Switzerland, Poland, and Taiwan. An average American victim faced a loss of $3,520.
Read more about Scammers steal over $1 trillion in a year, report reveals
Hacker claims to have banned thousands of CoD players through anti-cheat exploit
Malicious actors are weaponizing anti-cheat systems against their opponents. TechCrunch reports that a hacker known as Vizor claims to have exploited a flaw in Call of Duty's (CoD) Ricochet anti-cheat system to ban thousands of legitimate players.
Read more about Hacker claims to have banned thousands of CoD players through anti-cheat exploit
Texas Oilfield system supplier Newpark Resources hit by ransomware
Newpark Resources, a supplier of fluid systems and industrial solutions to the oil and gas industry, disclosed a ransomware incident that caused disruptions.
Read more about Texas Oilfield system supplier Newpark Resources hit by ransomware
AI threats dictate a return to Human intelligence
Human input on the cybersecurity battlefield is still at the core amid increasing AI-driven cyber threats.
Read more about AI threats dictate a return to Human intelligence
MacOS under attack by crypto thieves: malicious app disguises itself as PDF
North Korean hackers are attacking the crypto industry with novel multi-stage malware, SentinelLabs warns. Attackers are using a signed and notarized code to bypass macOS defenses.
Read more about MacOS under attack by crypto thieves: malicious app disguises itself as PDF
Critical vulnerability affects Cisco’s industrial heavy-duty WiFi access points
The global networking giant Cisco released software updates addressing a critical 10 out of 10 vulnerability affecting Ultra-Reliable Wireless Backhaul (URWB) access points, which are commonly deployed in industrial environments, such as manufacturing plants. The bug allows unauthenticated, remote attackers to inject commands with root privileges.
Read more about Critical vulnerability affects Cisco’s industrial heavy-duty WiFi access points
Schneider Electric hit by another breach, ransomware gang demands $125,000 “in baguettes”
Schneider Electric, the French multinational energy management corporation, confirmed a breach after ransomware gang HellCat posted demands of $125,000 in “Baguettes.”
Read more about Schneider Electric hit by another breach, ransomware gang demands $125,000 “in baguettes”
Avoiding Social Engineering Attacks: Essential Strategies for Protection
Social engineering is one of the most prevalent forms of cyberattacks today. With most of our lives now taking place...
Read more about Avoiding Social Engineering Attacks: Essential Strategies for Protection
Transferred bitcoins? Your identity might have been stolen
A bitcoin transfer service left over 250,000 files, including users' KYC documents, accessible to anyone on the internet. If we were able to find the leaked data, it’s likely that threat actors have found it, too.
Read more about Transferred bitcoins? Your identity might have been stolen
Whitehat finds flaw that gave unauthorized access to over 700 million EA accounts
Sean Kahler, a game developer and reverse engineer, managed to gain unauthorized access to over 700 million Electronic Arts (EA) user accounts, including game statistics. The whitehat helped to patch the critical flaw.
Read more about Whitehat finds flaw that gave unauthorized access to over 700 million EA accounts
Using passphrases for better security
Online security plays an important role in our everyday lives. Much of our personal information is available online, so to...
Read more about Using passphrases for better security
