Security
Leaked COVID tests expose sensitive patient data
The COVID-19 testing platform, Coronalab.eu, has exposed a database containing 11.8 million patient records, including COVID-19 certificates, test records, passport numbers, and other sensitive details.
Read more about Leaked COVID tests expose sensitive patient data
Facebook jobs scams and how to avoid them
Threat actors are posing as Qualys recruiters, advertising remote job opportunities via Facebook to obtain sensitive information and funds while compromising users and their direct connections.
Read more about Facebook jobs scams and how to avoid them
Team Liquid’s wiki leak exposes 118K users
Liquipedia, an online e-sports platform run by Team Liquid, exposed a database revealing its users’ email addresses and other details.
Read more about Team Liquid’s wiki leak exposes 118K users
India’s Cherrinet ISP leaks user data, exposes accounts to abuse attempts
Some Indian internet users should worry about their data being in the wrong hands. The Cybernews research team discovered an open 1.8TB data trove belonging to internet service provider Cherrinet.
Read more about India’s Cherrinet ISP leaks user data, exposes accounts to abuse attempts
Entire population of Brazil possibly exposed in massive data leak
The private data of hundreds of millions of Brazilians were publicly accessible to threat actors, putting individuals at risk.
Read more about Entire population of Brazil possibly exposed in massive data leak
Saudi Ministry exposed sensitive data for 15 months
Saudi Arabia’s Ministry of Industry and Mineral Resources (MIM) had an environment file exposed, opening up sensitive details for anybody willing to take them. The Cybernews research team believes that the sensitive data was accessible for 15 months.
Read more about Saudi Ministry exposed sensitive data for 15 months
Iranian crypto exchange leaks user passports and IDs
Bit24.cash has inadvertently exposed sensitive data belonging to nearly 230,000 users.
Read more about Iranian crypto exchange leaks user passports and IDs
Threat actors can “fairly easily” alter AI systems, NIST warns
The National Institute of Standards and Technology (NIST) has identified four major cyberattacks that can alter the behavior of AI systems.
Read more about Threat actors can “fairly easily” alter AI systems, NIST warns
Dark web sees “surge” of X gold accounts on sale
There’s a “gold rush” on the dark web as threat actors target verified accounts on X, formerly Twitter, for large-scale attacks, cybersecurity experts at CloudSEK warn.
Read more about Dark web sees “surge” of X gold accounts on sale
Don’t trust links with known domains: BMW affected by redirect vulnerability
Sometimes, you can’t even trust links with your own domain. As the Cybernews research team has discovered, some BMW subdomains were vulnerable to redirect vulnerability, enabling attackers to forge links leading to malicious sites through them.
Read more about Don’t trust links with known domains: BMW affected by redirect vulnerability
Accounts in danger: Google recommends enhanced safe browsing and extra care
After reports of a new malware strain stealing and maintaining Google sessions, the tech giant is encouraging users to enable enhanced safe browsing and recommends extra security against malware.
Read more about Accounts in danger: Google recommends enhanced safe browsing and extra care
Experiment: the ultimate filter for ads, malvertisers, spies and scammers
Those who worry about their phone spying, tracking, listening, and sending information to advertisers or an intelligence agency can finally relax a little. God bless private DNS.
Read more about Experiment: the ultimate filter for ads, malvertisers, spies and scammers
Clash of Clans gamers at risk while using third-party app
An exposed database and secrets on a third-party app puts Clash of Clans players at risk of attacks from threat actors.
Read more about Clash of Clans gamers at risk while using third-party app
Attackers leverage SMB shares for targeted intrusion
Server Message Block (SMB) shares are ubiquitous enough for persistent attackers to abuse at scale. So much so that ransomware operators love it.
Read more about Attackers leverage SMB shares for targeted intrusion
Dozens of high-profile Israeli firms hacked by Iran-sponsored gang
A recently emerged Iranian cyber gang, calling itself “Cyber Toufan,” has allegedly leaked data from 49 Israeli firms, as reported by the threat Intelligence platform FalconFeedsio. Researchers believe that a breach in a single hosting company caused many incidents.
Read more about Dozens of high-profile Israeli firms hacked by Iran-sponsored gang
Europol warns 443 shops of digital card skimming
Online vendors are frequently unaware that cybercriminals can abuse their systems to defraud shoppers.
Read more about Europol warns 443 shops of digital card skimming
ByteRAT: the dark sorcerer of cyberspace
“The Dark Sorcerer of Cyberspace” – that’s how ByteRAT is introduced by RAT developers: a sophisticated trojan that operates as a Remote Administration Tool (RAT) targeting both Windows and MacOS users.
Read more about ByteRAT: the dark sorcerer of cyberspace
Real estate agency exposes details of 690k customers
An exposed instance contained information for a customer relationship management (CRM) system that likely belongs to Goyzer, a real estate property management software maker, the Cybernews research team has discovered.
Read more about Real estate agency exposes details of 690k customers
New Terrapin attack weakens SSH, and everyone is vulnerable
Network defenders have one more thing to worry about. Secure Shell or SSH, a network protocol for secure communication and data transfers, is vulnerable to a new type of attack named Terrapin, which breaks the integrity of a secure channel.
Read more about New Terrapin attack weakens SSH, and everyone is vulnerable
Data leak exposes users of car-sharing service Blink Mobility
More than 22,000 users of Blink Mobility should take the necessary steps to protect themselves against the risk of identity theft. The Cybernews research team has discovered that their personal data was exposed in a leak.
Read more about Data leak exposes users of car-sharing service Blink Mobility
