There’s some bad news for Meta, in the form of a $277 million fine related to a data breach which impacted no fewer than 500 million users. The fine, issued by the Irish Data Protection Commission, is a result of the fallout from scraped data posted to a hacking forum in 2019. As The Guardian notes, this brings the current…
Search giant Google on Friday released an out-of-band security update to fix a new actively exploited zero-day flaw in its Chrome web browser. The high-severity flaw, tracked as CVE-2022-4262, concerns a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google’s Threat Analysis Group (TAG) has been credited with reporting the issue on November 29, 2022. Type confusion…
A threat group tracked as ‘Worok’ hides malware within PNG images to infect victims’ machines with information-stealing malware without raising alarms. This has been confirmed by researchers at Avast, who built upon the findings of ESET, the first to spot and report on Worok’s activity in early September 2022. ESET warned that Worok targeted high-profile victims, including government entities in…
The Federal Bureau of Investigation (FBI) says Americans who share their phone number online are being targeted by Google Voice authentication scams. As the federal law enforcement agency explains, the fraudsters are targeting those who have posted their phone number as a form of contact when trying to sell various items on online marketplaces or social media apps. “Recently, we…
If you are an AT&T enterprise customer with some older technology on the edge of your network, your infrastructure may be under attack by a Russian botnet dubbed EwDoor. In late October this year, researchers at 360 Netlab discovered a threat actor attacking Edgewater Networks’ devices using the four-year-old CVE-2017-6079. This vulnerability, when exploited, could allow the attacker to…
Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware. The tested routers are made by Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology, and Linksys, and are used by millions of people. The front-runners in terms of the number of vulnerabilities are the TP-Link Archer AX6000,…
Security researchers discovered that attackers are also deploying a Linux backdoor on compromised e-commerce servers after injecting a credit card skimmer into online shops’ websites. The PHP-coded web skimmer (a script designed to steal and exfiltrate customers’ payment and personal info) is added and camouflaged as a .JPG image file in the /app/design/frontend/ folder. The attackers use this script…
We’ve come a long way from the Internet of the 90s and early 00s. Not just in terms of technology, capabilities, and culture, but in the attitude most of us take when accessing the ‘net. In those early days most users had a militant drive to keep any personal or identifying information to themselves beyond the occasional (and often…
On Nov. 8, investment platform Robinhood announced that a data hack revealed the personal information of more than 7 million of its customers.
Danger lurks around every corner online. Whether you’re using a phone, a tablet, or a computer, you always have to keep your guard up to avoid hacks and scams. This is especially true for Android users, as dangerous phishing campaigns appear to be popping up on a weekly basis. The latest is PhoneSpy, and it involves a collection of spyware…
There’s some bad news for Meta, in the form of a…
Search giant Google on Friday released an out-of-band security update to…
LastPass maintains that passwords remain safely encrypted. Password manager LastPass announced Wednesday…
