Criminals have managed to hijack 1.1 million accounts at 17 companies by means of reused passwords, says New York Attorney General Letitia James. According to James, the accounts could be taken over through credential stuffing attacks. Credential stuffing uses previously leaked email addresses and passwords to gain automated access to accounts. Attackers check whether they […]
The personal and salary data of 637,000 Albanians, about a quarter of the population, has been stolen and leaked on the internet. It concerns names, identity card and passport numbers, telephone numbers, salary, position and employer that are contained in two Excel documents that are shared via WhatsApp, according to the Albanian Exit News. The […]
An estimated 45 million Americans use encrypted password managers. Another 128 million non-users are open to trying them, with concerns about security and value as the main obstacles. Nearly one-third of Americans had their identity or online credentials stolen in the past year, with another 13 percent unsure whether they’d been hacked. Among those who […]
1.6 million WordPress sites have been targeted by an active large-scale attack campaign originating from 16,000 IP addresses by exploiting weaknesses in four plugins and 15 Epsilon Framework themes.
Twitter has updated its privacy policy so that it can remove images of people that have been posted without their consent. It would require a first-person report or a report from an authorized representative to establish whether or not the individual had consented to it being shared.
A recently discovered FBI training document shows that US law enforcement can gain limited access to the content of encrypted messages from secure messaging services like iMessage, Line, and WhatsApp, but not to messages sent via Signal, Telegram, Threema, Viber, WeChat, or Wickr.
Researchers analyzed the security of four popular smartwatches for children and found pre-installed downloaders, weak passwords, and unencrypted data transmissions. The analysis demonstrates that most of these devices arbitrarily collect and periodically transmit sensitive data to remote servers without the user knowing about it.This finding is worrisome as these devices quickly grow in popularity, with […]
UK privacy regulator ICO plans to fine facial recognition company Clearview AI €20 million for violating UK privacy law. Clearview collected photos from Facebook, LinkedIn and other websites for training a facial recognition system. This system contains a database of ten billion collected images, according to the ICO. This allows police services to identify unknown […]
20% of America’s largest 100 defense contractors are highly susceptible to a ransomware attack, according to a research from Black Kite. Several critical vulnerabilities were detected that contractors should address immediately. Nearly 43% of federal defense contractors have out-of-date systems. 42% of contractors have had at least one compromised credential within the past 90 days.
Biometric authentication techniques have gained momentum over the past few years due to the inherent vulnerability of PINs, passwords, and other similar verification methods. With that said, researchers have shared how a simple fingerprint hacking technique can render biometric authentication useless as a verification method for around 5$. Steps:1. Grab a photograph of someone’s fingerprint […]