Security
AI startup spills employee data and corporate secrets
An Indian startup focusing on artificial intelligence (AI) solutions leaked sensitive corporate data, including extensive information about its projects and employees.
Read more about AI startup spills employee data and corporate secrets
MailChimp, Mailgun, and Sendgrid API leak endangered over 54m users
Leaked API keys of three popular email service providers allowed threat actors to perform various unauthorized actions such as sending emails, accessing mailing lists and personal data, deleting API keys, and modifying two-factor authentication, hence putting 54 million users at risk.
Read more about MailChimp, Mailgun, and Sendgrid API leak endangered over 54m users
Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days
Ecco, a global shoe manufacturer and retailer, exposed millions of documents, potentially opening itself up to large cyberattack.
Read more about Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days
3.5m IP cameras exposed, with US in the lead
The number of internet-facing cameras in the world is growing exponentially. Some of the most popular brands don't enforce a strong password policy, meaning anyone can peer into their owners' lives.
Read more about 3.5m IP cameras exposed, with US in the lead
How to avoid hacking hangover at the airport this holiday season
Cyber con artists are hitting consumers with an endless barrage of online eavesdropping, phishing scams, and fake websites – many of them travel-related – designed to catch you off guard and allow hackers access to your personal and financial data.
Read more about How to avoid hacking hangover at the airport this holiday season
Amazon shoppers warned of holiday scams
It's beginning to look a lot like… scam season. With holidays up around the corner, it's busy days for cyber Grinches ready to empty your bank account.
Read more about Amazon shoppers warned of holiday scams
India’s foreign ministry leaks expat passport details
The Global Pravasi Rishta Portal, India’s government platform for connecting with its overseas population, leaked sensitive data, including names and passport details.
Read more about India’s foreign ministry leaks expat passport details
US Health Department warns healthcare industry of new Royal ransomware
The US Department of Health and Human Services (HHS) warned the healthcare community about human-operated Royal ransomware that has been used to attack the sector since 2022.
Read more about US Health Department warns healthcare industry of new Royal ransomware
Retail giant Vevor leaked user location and payment data for almost five months
An online retailer specializing in tools and equipment for DIYers and professionals left a database with sensitive user information, including payment details, open to the public.
Read more about Retail giant Vevor leaked user location and payment data for almost five months
Android app with over 5m downloads leaked user browsing history
The Android app Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users’ browsing history.
Read more about Android app with over 5m downloads leaked user browsing history
Russian hackers use western networks to attack Ukraine
A Fortune 500 company, dam monitoring system, and organizations in the UK and France had their networks to launch cyberattacks on Ukraine.
Read more about Russian hackers use western networks to attack Ukraine
Sony and Lexar-trusted encryption provider leaked sensitive data for over a year
ENC Security, a Netherlands software company, had been leaking critical business data since May 2021.
Read more about Sony and Lexar-trusted encryption provider leaked sensitive data for over a year
Attack of drones: airborne cybersecurity nightmare
Once a niche technology, drones are about to explode in terms of market growth and enterprise adoption. Naturally, threat actors follow the trend and exploit the technology for surveillance, payload delivery, kinetic operations, and even diversion.
Read more about Attack of drones: airborne cybersecurity nightmare
Rise of deepfakes: who can you trust in the metaverse?
In this new virtual world of the metaverse, people may not always be who they seem.
Read more about Rise of deepfakes: who can you trust in the metaverse?
Conversation hijacking: when trusted person becomes your worst enemy
Given the tremendous growth in phishing attacks in recent years, many of us have become wary of suspicious-looking emails that contain links designed to encourage us to share passwords and allow criminals to deliver malware or steal money.
Read more about Conversation hijacking: when trusted person becomes your worst enemy
Weakest passwords of 2022
Despite all the warnings, shockingly high numbers of people are still using easily guessable passwords such as swear words, celebrity names, cities, animals, or keyboard sequences, with half of those observed consisting of just one word.
Read more about Weakest passwords of 2022
How to fight back if your government shuts internet down
In a digital world where the lines between online and offline are disappearing, life without internet access is unimaginable. But the rise of internet shutdowns and online censorship during political instability is a trend that nobody can afford to ignore.
Read more about How to fight back if your government shuts internet down
Ransom gangs function just like McDonald's, researchers find
As more organizations fall victim to ransomware, we dive into the anatomy of modern ransomware gangs, dissecting their operations.
Read more about Ransom gangs function just like McDonald's, researchers find
Magecart attacks: how your credit card data gets stolen from e-commerce sites
Threat actors continue to conduct Magecart attacks to steal financial data and personal information from e-commerce platforms. Let’s look at the attack chain and taxonomy for this illegal practice and countermeasures to mitigate them.
Read more about Magecart attacks: how your credit card data gets stolen from e-commerce sites
Thomson Reuters collected and leaked at least 3TB of sensitive data
Thomson Reuters left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format.
Read more about Thomson Reuters collected and leaked at least 3TB of sensitive data
