Security

EU alternative to US-led CVE vulnerability database is now live

The European Union’s new Global CVE Allocation System (GCVE) is officially up and running, providing an alternative for European cybersecurity professionals worried that a lack of funding for the US-run CVE program might eventually lead to its shutdown.

Google Calendar invite fools Gemini into leaking user data

A routine Google Calendar invite fooled Gemini into leaking data, showing how AI assistants can be manipulated solely through language.

750K investors’ income exposed after phishing attack hit CIRO

The Canadian Investment Regulatory Organization (CIRO) revealed that a phishing attack compromised the organization and led to hundreds of thousands of investors losing their personal details, including income and account statements.

Dutch police trick thousands into buying fake football and Lady Gaga tickets

Thousands of eager football and music fans have been scammed. However, fortunately for them, it was by the Dutch Police. This educational tactic, borrowed from the fraudsters’ playbook, worked a little too well, reaching 300,000 people.

Hackers claim McDonald’s breach as leaked files deadline nears

A ransomware gang claims it has stolen nearly a terabyte of McDonald’s data in India and is counting down to a public leak.

Skyrocketing RAM and storage costs push entry-level PC prices into four-digit territory

Entry-level PC prices have climbed into four-digit territory, leaving the segment in no-man’s land. Gamers can get a better deal by buying a console. For productivity, Apple’s Mac mini is still available at $599. For now. The ongoing RAM squeeze shows no sign of easing and is putting pressure on the upcoming Steam Machine.

Tencent DMCA takedowns on GitHub raise questions over who owns user data

Tencent has filed a sweeping set of DMCA complaints with GitHub, leading to the removal of dozens of open-source projects that enable users to export or analyze their own WeChat chat histories.

Germany to boost federal service hacking, cut US intel reliance

Germany is drafting a law to massively expand its federal service hacking and internet surveillance, including full-content interception and six-month data retention. Berlin says the overhaul will cut reliance on US intel and bring the agency in line with European peers.

US hotel giant Hyatt allegedly attacked as stolen data appears online

A ransomware gang claims it broke into Hyatt’s global hotel empire, saying it stole internal logins and financial data that could be downloaded for free.

Apple, Nvidia, and Tesla confidential files allegedly exposed in supplier breach

Luxshare, one of Apple’s key partners in assembling iPhones, AirPods, Apple Watches and Vision Pro, allegedly suffered a data breach orchestrated by a ransomware cartel. The attackers are threatening to leak Apple, Nvidia and LG data.

Off-grid messaging on the rise as alternative to internet shutdowns and surveillance

Mass surveillance gave rise to encrypted, increasingly decentralized messaging apps. Now, extreme internet shutdowns in Iran are driving demand for even more robust tools: messengers that function entirely offline. People are experimenting with Briar, Bitchat, and other mesh-based apps that rely on Bluetooth and WiFi to stay connected.

Google shows how easy it is to crack old Microsoft Windows logins

Google just dropped a dataset proving that a decades-old Windows login system can be cracked in hours, putting corporate networks at risk.

North Korea-linked hackers weaponize Google ads in malware campaign

A North Korea-linked hacking group has been found abusing online advertising infrastructure operated by Google and South Korea’s Naver to distribute malware while evading security controls, according to a new report by cybersecurity firm Genians Security Center.

145K exposed after hacker hit of Maine’s largest health systems

Attackers roamed Central Maine Healthcare for over two months, rummaging through sensitive patient data, which in some cases included treatment information and health insurance data.

Tech hero releases tool that disables AI, ads, and other junk in Chrome, Edge, and Firefox

Can’t a browser be just a browser? A new tool will adjust Chrome, Firefox, and Edge configurations, removing AI features, telemetry data reporting, sponsored content, product integrations, and other annoyances.

Your company most probably can't recover from a cyberattack and doesn't know it

Many organizations are probably overestimating their ability to recover from cyberattacks. Researchers from Dell have highlighted the “resilience debt,” the gap between how ready companies think they are to recover from a cyberattack and their actual readiness. It’s bigger than most companies think and creates an extra layer of risk.

AWS dodges massive cyber disaster: every account was in danger

Cybersecurity researchers at Wiz Research managed to gain admin access to key AWS GitHub repositories. The disclosed critical bug could've had massive repercussions, potentially threatening “The AWS Console itself” and every AWS account.

Attackers claim theft of 183M records from major oil company

TotalEnergies, a French energy and petroleum behemoth, has supposedly suffered a data breach, exposing tens of millions of records. While the perpetrators' claims are hardly trustworthy, they have started posting customer data on the social platform X.

Poland avoids blackout as PM blames Russia-linked attackers for massive cyberattack

Poland is recovering from a cyberattack that nearly knocked out the country’s power grid. PM Donald Tusk has blamed groups linked to Russian intelligence services and is preparing additional defenses.

Google Bluetooth flaw puts millions of audio devices at risk

Researchers are warning of a new vulnerability in Google’s Fast Pair Service that allows hackers to eavesdrop on hundreds of millions of Bluetooth audio devices. Is yours one of them?