Security
Millions of vehicle records left open – with no owner in sight
Over three million records, containing detailed information about vehicles and their owners, have been left open online. The weirdest part? There‘s no clear owner of the exposed dataset.
Read more about Millions of vehicle records left open – with no owner in sight
Temu refutes data breach allegations by unknown threat actor trying to profit
Temu, a popular e-commerce marketplace, says that not a single line of data disseminated by an unknown threat actor matches its real records.
Read more about Temu refutes data breach allegations by unknown threat actor trying to profit
RansomHub releases 487GB of data allegedly stolen from Kawasaki
RansomHub, a ransomware newcomer that rose to prominence this year, has claimed a breach of Japanese company Kawasaki and released 487GB of its data publicly.
Read more about RansomHub releases 487GB of data allegedly stolen from Kawasaki
Critical vulnerabilities found in Photoshop, Premiere Pro, and multiple other Adobe products
Threat actors can exploit some of the most popular creative Adobe applications to take over Windows and macOS machines.
Read more about Critical vulnerabilities found in Photoshop, Premiere Pro, and multiple other Adobe products
Sharp increase in blocked YouTube channels linked to Russian influence operations
In July alone, Google terminated almost 13,000 YouTube channels linked to Russian and Chinese coordinated influence operations. The number of terminated Russian channels spiked dramatically in recent months.
Read more about Sharp increase in blocked YouTube channels linked to Russian influence operations
Brazil’s largest forex bank vulnerable to attack
Braza Bank left its systems vulnerable to cyberattacks and accounts takeover, Cybernews research shows.
Read more about Brazil’s largest forex bank vulnerable to attack
North Korean hackers target jobseekers, slipping malware into fake coding tests
Pyongyang cyber warriors often pose as fake IT workers to infiltrate organizations. ReversingLabs researchers have recently discovered an ongoing campaign where they take the role of recruiters hunting for Python developers.
Read more about North Korean hackers target jobseekers, slipping malware into fake coding tests
Critical Windows vulnerabilities exploited: CISA urges users to update
Microsoft's September 2024 Patch fixes 79 flaws, with at least four exploited in the wild. One remote code execution vulnerability, with a severity score of 9.8 out of 10, enables a “total loss of confidentiality,” divulging resources to the attacker.
Read more about Critical Windows vulnerabilities exploited: CISA urges users to update
Cybernews Business Digital Index reveals major shortcomings in corporate customer data security
Despite the growing threat of cyberattacks, many companies continue to fall short in strengthening their security measures.
Read more about Cybernews Business Digital Index reveals major shortcomings in corporate customer data security
How many dangerous permissions are too many? Popular apps see no limits
Do you have a photo of your ID on your phone? If so, do you know who else can access it? A single overly broad permission can lead to data exposure, yet most apps don’t stop at just a few dangerous permissions. Here’s what we found about 50 popular Android apps.
Read more about How many dangerous permissions are too many? Popular apps see no limits
Data leak exposes 14,000 US medical professionals: what we know so far
A massive data leak at a Florida-based recruitment company has affected more than ten thousand hospitals and medical workers.
Read more about Data leak exposes 14,000 US medical professionals: what we know so far
Researchers turn RAM into radio antenna, beaming secrets from air-gapped system
Even an isolated computer in a sealed room can be accessed by an outsider with a cheap antenna, exploiting a new RAMBO attack.
Read more about Researchers turn RAM into radio antenna, beaming secrets from air-gapped system
Wifi routers and VPN appliances targeted by notorious botnet Quad7
The mysterious Quad7 botnet has evolved its tactics to compromise several brands of Wi-Fi routers and VPN appliances. It’s armed with new backdoors, multiple vulnerabilities, some of which were previously unknown, and new staging servers and clusters, according to a report by Sekoia, a cybersecurity firm.
Read more about Wifi routers and VPN appliances targeted by notorious botnet Quad7
New malware shakes macOS security paradigm – hackers eying iPhones next
If you press a malicious link on a Mac, it will most likely lead to the Atomic MacOS Stealer (AMOS). Since its emergence in April last year, this malware has become a go-to choice for hackers stealing crypto, passwords, and session tokens. Due to high demand, its cost has tripled.
Read more about New malware shakes macOS security paradigm – hackers eying iPhones next
UK staffing agency exposes gig workers: passports, visas, and more made public
A UK staffing agency has leaked the passports of tens of thousands of gig workers, exposing them to identity theft and various other frauds.
Read more about UK staffing agency exposes gig workers: passports, visas, and more made public
Russian cyber militants responsible for damage to critical assets: US offers $10 million bounty
A lesser-known cyber actor associated with the Russian military intelligence (GRU) is responsible for attempted coups, sabotage, influence operations, and even assassination attempts in Europe, the FBI warns.
Read more about Russian cyber militants responsible for damage to critical assets: US offers $10 million bounty
Hacker slip-up? 762,000 car owners have vehicles, home addresses exposed online
When legitimate personal data leaks from a completely unknown source, the issue is much more distressing.
Read more about Hacker slip-up? 762,000 car owners have vehicles, home addresses exposed online
VMware on macOS affected by high-severity flaw: attackers can run arbitrary code
VMware Fusion, a macOS hypervisor used for running virtual machines, contains a high-severity code execution vulnerability, as disclosed by Broadcom. The only mitigation currently available is to update the software to the latest version.
Read more about VMware on macOS affected by high-severity flaw: attackers can run arbitrary code
Zyxel routers, access points, firewalls in danger: users urged to patch
Zyxel, a networking solutions provider, has released patches to dozens of its products, including business routers, firewalls, access points, 5G, DSL/Ethernet equipment, and other devices. Some of the nine disclosed vulnerabilities allow potential attackers to execute OS commands without any authorization.
Read more about Zyxel routers, access points, firewalls in danger: users urged to patch
Researchers clone YubiKeys, many security microchips may be flawed
Security chips produced by Infineon Technologies, a major secure element manufacturer spanning multiple product lines, have been found vulnerable to side-channel attacks. Researchers disclosed that YubiKey, a hardware authentication device popular among crypto enthusiasts, can be cloned.
Read more about Researchers clone YubiKeys, many security microchips may be flawed
