January 9, 2024 at 04:48PM A Chinese research institute claims to have decrypted Apple’s AirDrop, allowing the government to identify users sharing content. China’s history of censorship prompted people to use AirDrop during protests, leading to Apple limiting its use. Beijing Wangshendongjian Institute reportedly cracked AirDrop, identifying users sending content and leading to the arrest … Read more
January 9, 2024 at 03:37PM The U.S. FTC banned data broker Outlogic, formerly X-Mode Social, from selling Americans’ sensitive location data. The move responds to data brokers exposing individuals’ location data revealing sensitive information. Outlogic lacked protocols to remove sensitive locations and sometimes failed to respect individuals’ opt-out preferences. The ban follows an August 2022 … Read more
January 6, 2024 at 08:30AM A ban on ransomware payments is suggested but is unlikely to work due to various reasons. Excluding critical infrastructure from the ban is essential, as not paying a ransom in these cases could risk lives. Additionally, enforcement and international cooperation present significant challenges. Instead, organizations should focus on enhancing their … Read more
January 3, 2024 at 08:23AM Xerox has confirmed a cybersecurity breach at its US subsidiary, XBS, following claims by INC Ransom of data exfiltration. The attack potentially compromised personal information, and Xerox is working with cybersecurity experts to investigate. The group behind the attack, INC Ransom, is known for indiscriminate targeting and previously threatened Xerox … Read more
January 2, 2024 at 05:36AM Google settled a lawsuit filed in June 2020, alleging that the company misled users by tracking their online activity in “incognito” or “private” mode on web browsers. The class-action lawsuit sought at least $5 billion in damages, accusing Google of violating federal wiretap laws by collecting data without explicit user … Read more
January 1, 2024 at 09:23AM Japanese game developer Ateam mistakenly set a Google Drive to allow public access, leading to exposure of sensitive data for nearly one million people over six years. This included names, contact info, and customer ID numbers. While there’s no evidence of misuse, the company advises vigilance and emphasizes the need … Read more
December 28, 2023 at 02:40PM Parking app developer EasyPark reported a data breach on its website, impacting an unknown number of its millions of users. The breach involves compromised customer data such as names, phone numbers, addresses, and partial credit card information. Cybercriminals could use this for phishing attacks, but no unauthorized transactions have occurred. … Read more
December 27, 2023 at 04:18AM A new Android backdoor, Xamalicious, has been uncovered by McAfee Mobile Research Team. It leverages accessibility permissions to execute malicious actions, including retrieving a second-stage payload and taking control of devices for fraudulent activities. The threat has been associated with 25 apps and is particularly prevalent in several countries, including … Read more
December 26, 2023 at 03:05PM Integris Health patients in Oklahoma are being targeted with blackmail emails following a cyberattack on the healthcare network. The attackers threaten to sell stolen patient data unless extortion demands are met. Integris Health confirmed unauthorized access to patient data and warns recipients not to respond to the emails or click … Read more
December 21, 2023 at 09:40AM Namibia’s SIM registration campaign faces challenges as half the population risks losing phone service in 10 days. Citizens handed biometric data to maintain service with the dominant telecommunications provider, MTC. Amid low registration rates, the government initiated a 3-month suspension period starting Jan. 1. Concerns arise over MTC’s collection and … Read more