Category: security

Thousands of Verizon employees at risk following insider breach — but customer data should be safe

Verizon has notified the Office of the Maine Attorney General of an incident with sensitive data belonging to its employees, but it doesn’t seem to be a full-blown data breach, or leak. As reported by BleepingComputer, the company shared a breach notification with the US Government agency in which it…

Read More

Job seekers beware — hackers are exploiting SQL flaws to steal data on millions of victims

Millions of people looking for a new job have had their personal data stolen and put for sale on dark web chat groups after several sites were breached. Cybersecurity experts from Group-IB have released a new report outlining their research into a relatively new threat actor called ResumeLooters and how…

Read More

Another serious Ivanti vulnerability has been found under attack, so update now

Ivanti can’t seem to catch a break, as soon after discovering and patching two major flaws that were being exploited in the wild, a third one emerged. Just like the previous two, this new threat also affects Ivanti’s Connect Secure and Policy Secure VPN products,  It’s tracked as CVE-2024-21893, and…

Read More

Your humble webcam could allow hackers to spy on you night and day — and no, a piece of tape simply won’t be enough

A new study by researchers from the Massachusetts Institute of Technology (MIT) has uncovered a potential privacy threat that could be affecting millions of screen users globally. Similar to spying through webcams, the new find reveals how hackers could use ambient light sensors in devices to obtain information about users.…

Read More

This devious new trojan is exposing a flaw in Windows SmartScreen to drain victims bank accounts

Palo Alto Networks’ cybersecurity research arm Unit 42 recently discovered a new malware variant targeting users via a vulnerability in Windows SmartScreen Mispadu is an infostealer built on Delphi, looking to extract sensitive information from victim endpoints, including banking details.  Last year Mispadu’s operators harvested roughly 90,000 bank account credentials,…

Read More

Mastodon hit by security flaw — top Twitter alternative acts fast to patch critical security issue that could have let hackers hijack user accounts

Top Twitter alternative Mastodon was found to be carrying a high-severity vulnerability which could have been used by hackers to impersonate people and take over their accounts.  The flaw is tracked as CVE-2024-23832, and has a severity rating of 9.4. It affects all Mastodon versions before 3.5.17, 4.0.13, and 4.2.5. …

Read More