Recent Security News
-
FTC Bans InMarket for Selling Precise User Location Without Consent
January 22, 2024 at 03:03AM The U.S. FTC has banned InMarket Media from selling precise location data without consumer consent and ordered it to destroy collected data subject to user approval. InMarket and Outlogic faced bans for allegations of improper location data use. InMarket allegedly harvested location data from various apps, while a study revealed…
-
Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks
January 21, 2024 at 11:03PM Cybersecurity researchers have observed an increase in threat actor activity exploiting a vulnerability in Apache ActiveMQ by delivering the Godzilla web shell. The web shells are concealed within an unknown binary format to evade security measures. This vulnerability has been actively exploited to deploy ransomware, rootkits, cryptocurrency miners, and DDoS…
-
BreachForums admin ‘Pompourin’ sentenced to 20 years of supervised release
January 21, 2024 at 09:37PM “Pompourin,” former admin of BreachForums, sentenced to 20 years supervised release after pleading guilty to running a site facilitating sales of stolen data, hacking tools, and illegal materials. New UEFI vulnerabilities, PixieFail, impact network booting, involving several vendors. Also critical Chrome and Ivanti Endpoint Manager Mobile vulnerabilities. Researchers discover iOS…
-
Tietoevry ransomware attack causes outages for Swedish firms, cities
January 21, 2024 at 03:15PM Finnish IT services provider Tietoevry faced a ransomware attack affecting a Swedish data center, impacting its cloud hosting customers. The attack was isolated, but caused widespread outages for multiple Swedish businesses, including the largest cinema chain and government agencies. The ransomware gang Akira is allegedly responsible, with cases of their…