Search Results For: Data Breach
Back in August of this year, an unknown actor operating under the username devil posted information relating to 5.4 million Twitter users for sale on BreachForums. This data included the email addresses and phone numbers tied to users accounts. Now, someone with the username Ryushi claims to be selling a...
Read more...
Back in August of this year, the password manager LastPass suffered a security breach that resulted in the theft of proprietary technical information and portions of the companys source code. Hackers then used the stolen information to breach LastPass again at the end of November. Shortly after this...
Read more...
iRobots automated Roomba vacuum cleaners have been navigating households for many years using infrared sensors. However, the company has equipped some of its more recent Roomba models with visible light cameras. As it turns out, these cameras can capture images of people in compromising positions, and these images can...
Read more...
An investigation conducted by the Secret Services Cyber Fraud Task Force (CFTF) and Internal Revenue Service - Criminal Investigation (IRS-CI) has resulted in the arrest and conviction of a former T-Mobile employee by the name of Argishti Khudaverdyan. Now 44 years old, Khudaverdyan used stolen T-Mobile credentials to...
Read more...
John Carmack, consulting CTO for Meta's virtual reality efforts, states he is leaving the company as he is "wearied of the fight." Carmack joined Oculus in 2013 as CTO, prior to its acquisition by Facebook.
The news about Carmack leaving Meta came yesterday as people familiar with the situation shared an internal...
Read more...
Gemini, the cryptocurrency exchange founded by the Winklevoss twins, published a blog post this week warning about phishing campaigns targeting its customers. These phishing campaigns are likely related to a previously undisclosed data breach that exposed the email addresses of the exchanges 5.7 million...
Read more...
A researcher at the cloud security company Lightspin recently discovered a flaw in the Amazon Web Services (AWS) Elastic Container Registry (ECR) Public Gallery that threat actors could have exploited to delete or modify container images with billions of downloads. The leveraging of an exploit in this manner would...
Read more...
The University of Pennsylvania Perelman School of Medicine has partnered with Intel Labs to conduct a research study on improving brain tumor detection by using a kind of machine learning called Federated ML, or FL (Federated Learning) for short. After two years, the project has demonstrated as much as a 33%...
Read more...
The CEO of the password manager LastPass, Karim Toubba, has published a blog post on the companys website disclosing a recent security breach. According to the blog post, this incident affected both LastPass and its affiliate company GoTo, with a similar blog post appearing on the GoTo website. With the help of...
Read more...
TikToks meteoric rise is due, in part, to viral challenges that spread on the social media platform. Some of these challenges are not only dumb, but down right dangerous. One of the more recent challenges revolves around a TikTok filter that masks peoples bodies with a blur of color intended to match the background...
Read more...
Three days ago, users of the sports betting service DraftKings began reporting that their accounts had been hacked. In cases in which the hacked accounts contained funds, users reported the hackers attempting to withdraw their funds to newly added bank cards. Yesterday, DraftKings acknowledged these reports publicly...
Read more...
There's been a ton of speculation over the last couple of years about a potential successor to the Nintendo Switch. To be clear, what developers have achieved on that machine is nothing short of astonishing considering that it was fairly mediocre hardware even when it released back in 2017. That's understandable given...
Read more...
Threat researchers at the cybersecurity firm Proofpoint have discovered an extensive malware campaign targeting readers of online news outlets. A threat actor tracked as TA569, also known as SocGholish, has managed to compromise the infrastructure of a media company that serves content to a large number of news...
Read more...
Yesterday, the cloud storage provider Dropbox disclosed a recent phishing attack targeting the companys employees that resulted in unauthorized access to 130 of its GitHub repositories. Fortunately, the incident didnt escalate to a breach affecting any users Dropbox content, passwords, or payment information...
Read more...
Yesterday, a thirty-four year old resident of London. England, Daniel Kaye, was called before a grand jury to answer for nine federal charges. Kaye is accused of operating an online marketplace where cybercriminals bought and sold stolen information and illicit items. According to court documents, this online...
Read more...
See Tickets, an online event ticket vendor that services both Europe and North America, has disclosed a major data breach affecting its payment processing portals. While the data breach notice is light on details, See Tickets customers should know that their payment information, including...
Read more...
Over the weekend, a group of Iranian hackers stole a trove of files from a nuclear technology agency. However, rather than comprising astate-backed hacking group, the hackers in question identify as anti-regime hacktivists who operate under the name Black Reward. The group claims to have stolen at least 50 GB of files...
Read more...
Advocate Aurora Health (AAH), a healthcare provider with locations in Illinois and Wisconsin, has published a data breach notice to its website. However, rather than being the victim of a ransomware attack or some other form of unauthorized access, AAH has instead attributed the incident to a bit of...
Read more...
On September 24, the cyber threat intelligence company SOCRadar notified Microsoft that one of its Azure Blob Storage servers was misconfigured and leaking customer information. Now, almost a month later, both Microsoft and SOCRadar have released blog posts warning businesses that some of their transaction data...
Read more...
On October 10, less than a month after Australia was hit by its largest ever data breach, the Australian online retail store MyDeal was struck by a data breach. According to Woolworths Group, which recently acquired the online retailer, an unknown actor used a set of compromised employee...
Read more...
Researchers at the cybersecurity company Zscaler have discovered a new version of the Ducktail Infostealer in a malware campaign seeking to steal Facebook Business account credentials. Cybersecurity researchers first identified the Ducktail Infostealer in 2021, attributing the bit of malware to a Vietnamese threat...
Read more...
Toyota, the worlds largest car company, recently discovered that an access key for one of its data servers has been publicly available on GitHub for almost five years, exposing the data on this server to potential unauthorized third party access. The data server in question stores information...
Read more...
