0 Comments
A threat group has once again taken to the internet to publish data stolen from alleged victims who refuse to cooperate with its ransom demands.  In December 2019, the MAZE ransomware group published online a portion of the 120 GB of data they claimed to have stolen from Southwire, North America’s most prominent wire and cable manufacturer,
0 Comments
Patients of a hacked facial surgery company in Florida are being individually threatened by cyber-criminals, who are demanding money in return for not releasing stolen personal information to the public. The Center for Facial Restoration, Inc. (TCFFR), located in Miramar, became the victim of a cyber-attack in November last year.  In a statement published on the TCFFR
0 Comments
It’s now or never to prevent your enterprise servers running vulnerable versions of Citrix application delivery, load balancing, and Gateway solutions from getting hacked by remote attackers. Why the urgency? Earlier today, multiple groups publicly released weaponized proof-of-concept exploit code [1, 2] for a recently disclosed remote code execution vulnerability in Citrix’s NetScaler ADC and
0 Comments
Students in the Pittsburg Unified School District of Pennsylvania were left without internet access on Monday as the result of a ransomware attack. With schools’ internet servers and email compromised, youngsters returning to classes after the winter break were forced to enrich their brains the old-fashioned way, through books and direct teaching.  “We will be
0 Comments
by Paul Ducklin Right at the end of 2019, we wrote about the “decade-ending Y2K bug that wasn’t” in a serious article with a humorous side. In that article, we described a perennial “gotcha” facing Java programmers faced with the simple task of printing out the year. If you tell Java to treat the date
0 Comments
Four employees of Amazon’s home security company Ring have been fired after being caught snooping at users’ videos.  The online retail giant admitted terminating individuals over unauthorized access in a letter dated January 6 that was addressed to US senators Ron Wyden, Edward Markey, Gary Peters, Chris Van Hollen, and Christopher Coons.  In the letter, Amazon states:
0 Comments
by John E Dunn Just two days after releasing Firefox 72, Mozilla has issued an update to patch a critical zero-day flaw. According to an advisory on Mozilla’s website, the issue identified as CVE-2019-17026 is a type confusion bug affecting Firefox’s IonMonkey JavaScript Just-in-Time (JIT) compiler. Simply put, a JIT compiler takes JavaScript source code, as
0 Comments
Apple‘s senior director of global privacy has confirmed that the company scans photos uploaded to the iCloud for evidence of illegal activities such as child sexual abuse. Jane Horvath made the admission while speaking at the Consumer Electronics Show (CES) 2020 conference in Las Vegas yesterday, according to The Telegraph. While speaking at the tech conference,
0 Comments
TikTok, the 3rd most downloaded app in 2019, is under intense scrutiny over users’ privacy, censoring politically controversial content and on national-security grounds—but it’s not over yet, as the security of billions of TikTok users would be now under question. The famous Chinese viral video-sharing app contained potentially dangerous vulnerabilities that could have allowed remote attackers
0 Comments
The US Federal Trade Commission has reached a settlement with a Utah company and its former CEO over allegations that shoddy security practices led to the personal information of over a million customers’ being illegally accessed in multiple hacks. InfoTrax Systems, L.C. and its founder and former CEO Mark Rawlins allegedly failed to use reasonable, low-cost, and
0 Comments
A cyber-espionage group dubbed Bronze President has been targeting countries in South and East Asia.  Researchers at Secureworks’ Counter Threat Unit (CTU) have observed the group spying on the activities of political and law enforcement organizations and NGOs.  The threat group seems to have developed its own remote access tools, which it uses alongside publicly
0 Comments
A user who accessed their Xiaomi home security camera via their Google account was shown still images of strangers in unknown locations. The Netherlands-based user, known as “Dio-V,” was confronted with random snapshots from other people’s lives after trying to stream content from a Xiaomi Mijia to a Google Nest Hub. Dio-V reported the incident