February 20, 2024 at 10:23AM Smart home security camera provider, Wyze, disclosed a cybersecurity incident to its customers, revealing that around 13,000 users were able to view other users’ camera feeds due to a security issue following a service outage. The company stated that only 1,504 users accessed the feeds, representing 0.25% of all users. … Read more
February 13, 2024 at 03:30AM Meta has acknowledged the potential for account takeovers due to the reuse of phone numbers, particularly after being abandoned for at least 45 days. This issue implicates telecom companies’ phone number recycling practices, leading to security and privacy risks. Despite reports and attempts to address the issue, Meta has declined … Read more
February 6, 2024 at 04:58PM Mozilla expanded its privacy-monitoring service with Monitor Plus, aiming to remove subscribers’ data from data brokers’ sites for $8.99/month. This move reflects revenue diversification efforts and responds to growing privacy concerns. The service, offering wider data removal coverage than competitors, anticipates the influence of upcoming data protection laws and regulations. … Read more
February 6, 2024 at 01:06PM The UAE’s head of cybersecurity expresses concern over VPN misuse in the country. With 61.7% VPN adoption rate, high usage is attributed to strict internet regulations and to access restricted content. However, the government forbids illegal VPN use and warns of penalties. Widespread usage poses challenges for cybersecurity and law … Read more
January 23, 2024 at 11:50AM Jason’s Deli warns of a data breach affecting customers’ personal data in a credential stuffing attack. Hackers obtained member account credentials from other sources and used them to target the restaurant’s website. The breach exposes various customer information. The company cannot specify the number of affected accounts but is notifying … Read more
January 23, 2024 at 11:10AM Baltimore man accused of running online service selling personal data for fraud faces up to 20 years in prison. Chouby Charleron allegedly operated a TLO service, providing victims’ personally identifiable information for a fee. The U.S. Postal Service filed charges based on evidence linking Charleron to the operation from his … Read more
January 23, 2024 at 06:54AM Online services at several Swedish government agencies and shops were disrupted in a ransomware attack by a Russian hacker group, impacting online purchases at cinema chains, department stores, and the national government’s human resources system. The attack affected 120 government agencies and over 60,000 employees. IT company Tietoevry estimated the … Read more
January 18, 2024 at 08:18AM Australian researcher Troy Hunt discovered a credential stuffing list named Naz.API, consisting of over 70 million unique email addresses and passwords, sourced from malware and a defunct OSINT tool. One-third of the addresses were not previously known, and the data has been added to Have I Been Pwned and Pwned … Read more
January 11, 2024 at 01:44PM Job scammers are targeting Facebook users with fake work-from-home offers to steal personal data and banking details. The attackers impersonate legitimate recruiters and entice victims to install chat apps. Once engaged, they request personal information and credentials. To avoid falling victim, job seekers are advised to verify offers directly with … Read more