Tag: security
GoDaddy told to up security practices by FTC
FTC formally complains about GoDaddy’s security claims “Major compromises” between 2019 and 2022 are the cause for concern GoDaddy has reached a settlement with the FTC for better security A new Federal Trade Commission complaint has accused GoDaddy of misleading customers and failing to protect its web hosting services sufficiently.…
Read More
AI deepfakes estimated to cause $40 billion in losses by 2027
Deepfakes and critical infrastructure attacks are the top concerns in Blackberry’s Global Threat Intelligence Report 600,000 attacks were launched against critical infrastructure between July-September 2024 45% of these were against financial institutions Critical infrastructure attacks continue to dominate the cybersecurity conversation, with Blackberry’s Global Threat Intelligence Report revealing nearly 600,000…
Read More
Thousands of WordPress websites hit in new malware attack, here’s what we know
Security researchers find more than 5,000 websites carrying a piece of malicious code The malware installs a plugin that steals login credentials and sensitive data The researchers recommended a number of mitigation measures Thousands of WordPress websites were observed running malware able to create a rogue admin account and exfiltrated…
Read More
A flaw in Google OAuth system is exposing millions of users via abandoned accounts
Buying domains from businesses that shut down could grant access to their SaaS accounts, research finds Google argues it’s not a vulnerability, and that businesses should make sure they’re not leaving sensitive information behind Researchers propose additional safeguards Experts have found a vulnerability in Google’s OAuth “Sign in with Google”…
Read More
Blood donation firm reveals donor personal data stolen in cyberattack
OneBlood suffered a cyberattack in July 2024, and has now concluded its investigation The analysis has shown OneBlood lost sensitive information on some customers Names and Social Security numbers among the details taken OneBlood, a nonprofit medical organization crucial for the operations of healthcare firms across the Southeastern US, has…
Read More
CISA tells agencies to patch BeyondTrust bug now
CISA added two bugs found in BeyondTrust products Both were seen in the wild in December 2024 Federal agencies have until February 3, 2025 to patch up The US Cybersecurity and Infrastructure Security Agency (CISA) has added two recently-discovered BeyondTrust bugs to its Known Exploited Vulnerabilities (KEV) catalog. The move…
Read More