Legoland Germany has leaked the data of thousands of customers via an IDOR vulnerability. Just adjusting a number in a URL was enough to download reservation data dating back to 2015. This includes period of stay, names and addresses of customers who made the reservation for Legoland, as well as the people who were with […]
The developers behind the speed camera app Speedcam Everywhere have come under fire from British users, who say the app leads to a surveillance state. The app turns smartphone users into a kind of walking speed camera. When users see or hear a car coming, they start the app and film the vehicle. The app […]
Palo Alto Networks warned customers yesterday that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago.Threat actors can exploit this security vulnerability (tracked as CVE-2022-0778) to trigger a denial of service state and remotely crash devices running unpatched software.Even though the OpenSSL […]
Attackers send phishing emails with a (non-)password-protected PDF purporting to be a faxed document or convincingly spoofed Microsoft OneDrive page. The automated email security scanner must extract the destination URL from a PDF document and solve the CAPTCHA. These conditions prevent email security scanners from detecting phishing URLs in attachments, or provides attachment previews allowing […]
Palo Alto Networks warned customers yesterday that some of its firewall, VPN, and XDR products are vulnerable to a high severity OpenSSL infinite loop bug disclosed three weeks ago.Threat actors can exploit this security vulnerability (tracked as CVE-2022-0778) to trigger a denial of service state and remotely crash devices running unpatched software.Even though the OpenSSL […]
Apple has not yet fixed zero-day exploits on macOS, leaving many Mac computers especially macOS Big Sur and macOS Catalina vulnerable, according to a new report. Two of the active zero-days Apple tackled include CVE-2022-22674 and CVE-2022-22675. The first exploit (CVE-2022-22674) is a ‘write bug’ that can allow malicious apps to execute arbitrary code. While […]
Password managers are vital tools that can help you stay safe online and be more digitally secure by simplifying the steps to using strong passwords. And they’re easier to use than you may think. Yet four out of five American adults don’t use a password manager, according to a study from Security.org.
Bank of Ireland failed to:– report dataleaks without delay;– provide sufficient detail to the DPC;– issue communications to data subjects without undue delay;– failed to implement appropriate technical and organisational measures. Result: €463,000 fine
Network manufacturer Zyxel warns of a critical vulnerability that could allow an attacker to become administrator of Zyxel firewalls. The devices contain a vulnerability that could allow an attacker to bypass authentication and gain administrative access to the device. The impact of the leak, designated CVE-2022-0342, has been rated 9.8 on a scale of 1 […]
VPNs may claim in their ads and on their websites that they can protect your PC from hackers, or keep your passwords safe, or make sure that websites can’t track you. But is it worth paying between $50 and $150 a year for these VPN services? In 2021, Grauer and Troutman from the University of […]