USPS fixes online flaw that exposed the data of 60 million customers
The United States Postal Service has patched an online security flaw that allowed anyone with an account at usps.com to view the account details of any of the 60 million people signed up to the service. In some cases, the flaw even allowed for changes to be made to information held by the accounts.
Russian hackers are targeting U.S. emails with phishing malware
Hackers are targeting both U.S. and European email accounts with new phishing malware, according to a new study. Named "Cannon," the malware has been around since October, collecting screenshots and other information from the PCs of unsuspecting victims and sending it back to Russian operatives.Â
Latest SMS breach could allow hackers access to your online accounts
More than 26 million SMS messages may have been exposed as a result of a security breach. The breach stems from a telecommunication firm not securing its online database, giving potential hackers easy access to text messages, some of which contained two-factor authentication codes and password reset links.
Nearly 700,000 websites are hacked in bid to steal cryptocurrency
Popular web analytics platform Statcounter experienced a breach on November 3, according to research from malware researcher Matthieu Faou. Up to 700,000 websites were targetted in the breach which primarily aimed to steal cryptocurrency through a malicious Javascript script on websites running Statcounter code.Â
Hackers sold 120 million private Facebook messages, report says
Up to 120 million private Facebook messages were being sold online by hackers this fall. The breach was first discovered in September, and the messages were obtained through unnamed rogue browser extensions which monitored users and mined their information while browsing through the social media website.Â
Hackers target major airline in data breach affecting nearly 10M customers
A major international airline has been targeted by hackers, with personal data belonging to nearly 10 million of its customers stolen. Cathay Pacific, which operates out of Hong Kong, says that it so far has no evidence that the data has been misused, and is now in the process of contacting those affected.
Is your router vulnerable to attacks? New report says odds aren’t in your favor
A new study from American Consumer Institute shows that 83 percent of routers in the United States are vulnerable to cyberattacks. A majority of those routers have critical security vulnerabilities, primarily due to the lack of firmware updates.
AT&T and Ericsson team up to improve ‘Internet of Things’ security
AT&T and Ericsson have teamed up to combat cybersecurity threats in the IoT world. With a growing number of business implementing connected devices into their day-to-day operations, steps must be taken to safeguard data and prevent malicious attacks from gaining entry into networks.
Newegg was cracked, customer data has leaked, and security is clearly scrambled
Online electronics retailer Newegg has found itself at the heart of an online security breach as the company's payment system was recently breached, giving hackers of the notorious group Magecart potential access to confidential customer data, including credit card information.
In mobile cyberwar, attackers prefer to phish rather than send malware
Though hackers continue to target emails as a means of cyberattack, researchers found that only 10 percent of emails contain malware. In fact, 90 percent of email attacks now use social engineering, like phishing, to target victims.
Researchers warn smart home appliances could be used to attack power grids
The smart home appliances in your house might not just be convenient for you -- they could be tools for cyber-attackers as well. Researchers at Princeton warn that hackers could hijack unsecured connected devices and turn them into a botnet that could take down power grids.
U.S. set to charge North Korean spy with Sony hack and WannaCry cyberattack
The United States Justice Department is set to announce charges against a North Korean spy for some of the biggest cyberattacks in recent memory. Pak Jin-hyok will be charged for his role in the hack that shut down Sony's operations and the WannaCry malware that crippled the British health system.
Hacked Chrome extension disguised as legitimate version steals logins
If you use Chrome extensions, you should beware of some of the security risks. Cloud service Mega.nz was recently hacked, resulting in the upload of a malicious copy of its Chrome extension Google's web store. The hacked extension was designed to steal web logins from users.
What does that high score cost you? Why one in five gamers falls victim to fraud
Hackers and cheaters might prove problematic for developers and gamers, but financial fraudsters are also giving everyone trouble. A new study suggests that many gamers forgo spending money on their favorite games because of the risk of fraud, and many others still are caught out by the scammers.
Microsoft thwarts new Russian cyberattack on U.S. senators and think tanks
Ahead of the 2018 midterm elections in the United States, Microsoft had stopped another Russian cyberattacking attempt. The latest hack was linked to Fancy Bear, a group believed to have ties to Russia's military, and Microsoft was able to take down six fake websites intended for the spearphishing attack.
At Def Con, children show how easy it can be to hack an election
How hard is it to hack a voting machine or government website? Well, it turns out that it is literally child's play. Def Con, an annual hacker's convention meeting in Las Vegas, tasked a group of children with hacking replica government websites -- and many proved successful.
Google will warn businesses if state-sponsored hackers target G Suite users
If you've received a phishing email in your company's G Suite inbox that could be the work of a state-sponsored hack, Google will notify your employers. The new warning and alert system will help give organizations that use G Suite more insight into state-sponsored attacks on their users.
New DHS cybersecurity command aims to protect U.S. from cyberattacks
The Department of Homeland Security announced the National Risk Management Center designed to help protect the nation's critical infrastructure from cyberattacks and hacks. Envisioned as a central emergency response team, the center could prevent another NotPetya or WannaCry attack.
Pay-n-pray cybersecurity isn’t working. What if we just paid when it works?
Companies and individuals sink loads of money into cybersecurity each year, and yet with each passing month, the situation seems to worsen. We spoke with a former NSA expert about a new approach to cybersecurity that could keep individuals much more aware of how they were being protected.
What kind of data leak are you? Hacker says Facebook quizzes still leak data
Cambridge Analytica all started with a personality quiz app -- and after 200 other apps have been suspended, a hacker has found a quiz platform with 120 million users that could have exposed user data. Facebook quizzes are still tracking user data -- and probably not worth the risk.
Ticketfly goes offline after refusing to pay hacker’s Bitcoin ransom
Ticketfly was hacked for not paying a ransom of one Bitcoin, but it's unclear if credit card details are part of the breach. Site owners have taken Ticketfly offline temporarily to investigate the cyberattack, though the hacker claims he may release more stolen information.
Are smart cities as safe as we think they are? Security experts say not yet
New research by non-for-profit global security association ISACA has revealed that security experts believe that malware, ransomware, and denial of service attacks continue to pose a threat to smart city infrastructure, including the energy sector, communications, and financial services.
Alexa, Siri, and Google Assistant can hear silent commands that you can’t
Researchers have proven that voice assistants like Alexa, Google Assistant and Siri can hear silent commands that the human ear can't pick up. In some cases, researchers have been able to embed commands directly into white noise or musical recordings and users were unable to perceive them.
TaskRabbit app goes down as it investigates ‘cybersecurity incident’
TaskRabbit, the service that matches freelance labor with local demand, was taken offline recently while the company investigates "a cybersecurity incident." Few details are currently available, though it advised people to change their password. Now, we have a bit more information from the CEO.
New blow for ZTE and Huawei: Devices pulled from military base stores
ZTE and Huawei continue to face perception problems in the U.S., following a Senate Intelligence Committee hearing on potential cybersecurity threats from the two companies. Here's what you need to know about the developing story, including the latest news on sales restrictions on military bases.
Udacity’s new online degree targets ‘most pressing issue of our time’
E-learning school Udacity is gearing up to launch its first-ever nanodegree program in cybersecurity. Aware of the growing threat of cyberattacks and the need for more specialists to tackle the issue, Udacity is putting the call out to relevant companies and organizations to help it design the course.
TaskRabbit back online after cyberattack, warns users to monitor their accounts
TaskRabbit is back online after a cyberattack forced the company to suspend its operation on Monday. The CEO says it's still investigating the extent of the damage, and warns users to monitor their accounts for any suspicious activity. It added that it will notify every affected individual as soon as it can.
Tech companies pledge to not help governments pull off cyberattacks
Some 34 technology companies have signed the Cybersecurity Tech Accord, pledging to help keep the internet safe from cyberattacks and committing to not helping any government from carrying out attacks This may be the first step in creating a digital Geneva Convention, even if a few big names are missing from the list.
Off-the-shelf smart home devices are a lot less safe than you think, report says
Researchers have found that a wide range of common smart home products can be compromised in as little as 30 minutes using default, factory-set passwords.
Nowhere is safe now that AMD has suffered its own Meltdown
The public disclosure of flaws in AMD processors caught the company, and security researchers, off guard. They expose hardware some had come to regard as the PC’s last safe harbor.
How Google’s ‘Project Zero’ task force races hackers to snuff out bugs
They discovered the Spectre and Meltdown security flaws before anyone else, and made sure Intel was staying honest in how it reacted. Unfortunately, the Project Zero crew aren’t the only ones searching for bugs.
Intel warned Chinese tech firms of security flaws before telling U.S. government
Intel reportedly warned several tech firms, including some based in China, of the Spectre and Meltdown security flaws before the U.S. government.
ADT beefs up its security offerings with new hardware and an app
This year, ADT is promising to not only protect their customers in their homes, but while they're on the go and on the cloud as well with a new app.
Alphabet’s new cybersecurity unit focuses on faster threat responses
Alphabet introduced a new cybersecurity company called Chronicle that focuses on simplicity, scalability, and fast responses for the enterprise. What does that mean for you? Services that are more secure due to machine learning and batter insights into vulnerabilities.