Someone is allegedly selling up-to-date mobile phone numbers of nearly 500 million WhatsApp users. A data sample investigated by Cybernews likely confirms this to be true.
Worldwide, a total of 890,000 computers were infected and more than fifty million passwords were stolen. This is the conclusion of security company Group-IB based on its own research. Investigators from the company identified 34 gangs behind the attacks using known malware such as RedLine and Raccoon Infostealer. This malware is capable of stealing login […]
Online gambling platform DraftKings has been hit by a credential stuffing attack in which attackers managed to break into users’ accounts and steal some $300,000. Credential stuffing uses previously leaked email addresses and passwords to gain automated account access. Attackers check whether they can also log in to website B with credentials stolen from website […]
Free service offers such as Office365 and Google Workspace are excluded from public procurement according to the French Ministry. Their position reflects ongoing European concerns about cloud data sovereignty, competition, and privacy rules. Paid versions of these cloud services might be an option if they hadn’t already been disallowed based on worries about data safety. […]
Analysts see an uptick in token theft from authenticated users, allowing threat actors to bypass MFA protections. Stealing session cookies has become one of the most common ways that attackers circumvent multifactor authentication. For unmanaged devices, they recommend conditional access policies and strong controls.
The CNIL pronounced against the company Discord INC. a fine of 800,000 euros for failing to comply with several GDPR obligations, in particular with regard to retention periods and the security of personal data. Discord is a voice over IP (technology that allows users to chat via their microphone and/or webcam over the Internet) and […]
Google has settled in the United States for misleadingly obtaining location data from millions of users for an amount of $ 391 million. Forty US states participated in the lawsuit against the tech company. According to state attorneys general, Google has violated consumer law by misleading users about location settings since at least 2014. This […]
New research suggests that even if you disable the sharing of Device Analytics and turn on other privacy settings, Apple apps track you; data is being collected by a number of Apple iPhone apps—the App Store, Apple Music, Apple TV, Books, and Stocks.
The OpenSSL Project has patched two high-severity security flaws in its open-source cryptographic library used to encrypt communication channels and HTTPS connections.The vulnerabilities (CVE-2022-3602 and CVE-2022-3786) affect OpenSSL version 3.0.0 and later and have been addressed in OpenSSL 3.0.7. Only roughly 7,000 Internet-exposed systems running vulnerable OpenSSL versions out of a total of more than 1,793,000 unique hosts spotted by Censys online […]
The technofeudalism model involves establishing a monopoly position and using sophisticated data extraction to secure it. Google, Facebook, Microsoft, and Amazon — have turned the slippery slope of digital surveillance into a hamster wheel, a new self-perpetuating system of exploitation. Not only does the tech oligopoly seamlessly record our preferences, habits, and choices, it also […]