Browsing category

Data Breach

PHP Site’s User Database Was Hacked In Recent Source Code Backdoor Attack

The maintainers of the PHP programming language have issued an update regarding the security incident that came to light late last month, stating that the actors may have gotten hold of a user database containing their passwords to make unauthorized changes to the repository. “We no longer believe the git.php.net server has been compromised. However, […]

533 Million Facebook Users’ Phone Numbers and Personal Data Leaked Online

In what’s likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked for free on a popular cybercrime forum; the data was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, […]

New Zoom Screen-Sharing Bug Lets Other Users Access Restricted Apps

A newly discovered glitch in Zoom’s screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings. Tracked as CVE-2021-28133, the unpatched security vulnerability makes it possible to reveal contents of applications that are not shared, but only briefly, thereby making it harder to exploit it in […]

Kroger Data Breach – Hackers Stole Files Shared Through Secure File Transfer Service

The Kroger Company is the United States’ largest supermarket by revenue and the second-largest general retailer. Kroger operates almost 2,750 supermarkets in 35 states. Kroger employs approximately 500,000 people and had over $122 billion in sales for 2019. The company has confirmed that it was impacted by the data security incident affecting Accellion, Inc. Accellion’s […]

Yandex Data Breach – Employee Caught Selling Access to User Accounts

Yandex N.V. is a Russian Dutch-domiciled multinational corporation providing Internet-related products and services including transportation, search and information services, eCommerce, navigation, mobile applications, and online advertising. They provide over 70 services. Yandex is the popular leading search engine and E-mail provider in Russia. They announced that a data breach had been discovered during routine screening […]

Antivirus Firm Exposed Internal Log Data Generated by Their Products

EMSISOFT, an antivirus firm, revealed a data breach on one of its test systems. The company used the system to evaluate and benchmark possible solutions relating to the storage and management of the log data generated by its products and services. Quickly after becoming aware of the breach, the company took the affected system offline and […]

Data Breach Exposes 1.6 Million Jobless Claims Filed in the Washington State

The Office of the Washington State Auditor (SAO) on Monday said it’s investigating a security incident that resulted in the compromise of personal information of more than 1.6 million people who filed for unemployment claims in the state in 2020. The SAO blamed the breach on a software vulnerability in Accellion’s File Transfer Appliance (FTA) […]

Over 500,000 Credentials of two Dozen Leading Gaming Firms Leaked Online

Tel Aviv-based threat intelligence firm Kela has warned gaming companies to improve their cybersecurity posture after discovering 500,000 breached employee credentials and a million compromised internal accounts on the dark web. With the rise of gamers and purchases, the online gaming industry is estimated to reach $196 billion in revenue by 2022. On the other hand, the […]

Police Arrest 21 WeLeakInfo Customers Who Bought Breached Personal Data

21 people have been arrested across the UK as part of a nationwide cyber crackdown targeting customers of WeLeakInfo[.]com, a now-defunct online service that had been previously selling access to data hacked from other websites. The suspects used stolen personal credentials to commit further cyber and fraud offences, the UK National Crime Agency (NCA) said. […]

Microsoft Says Its Systems Were Also Breached in Massive SolarWinds Hack

The massive state-sponsored espionage campaign that compromised software maker SolarWinds also targeted Microsoft, as the unfolding investigation into the hacking spree reveals the incident may have been far wider in scope, sophistication, and impact than previously thought. News of Microsoft’s compromise was first reported by Reuters, which also said the company’s own products were […]

US Agencies and FireEye Were Hacked Using SolarWinds Software Backdoor

State-sponsored actors allegedly working for Russia have targeted the US Treasury, the Commerce Department’s National Telecommunications and Information Administration (NTIA), and other government agencies to monitor internal email traffic as part of a widespread cyberespionage campaign. The Washington Post, citing unnamed sources, said the latest attacks were the work of APT29 or Cozy Bear, the […]

Cybersecurity Firm FireEye Got Hacked; Red-Team Pentest Tools Stolen

FireEye, one of the largest cybersecurity firms in the world, said on Tuesday it became a victim of a state-sponsored attack by a “highly sophisticated threat actor” that stole its arsenal of Red Team penetration testing tools it uses to test the defenses of its customers. The company said it’s actively investigating the breach in […]

Spotify Hack – Over 300k Accounts Hacked in Credential Stuffing Attack

Spotify is a Swedish-based audio streaming and media services provider, with over 299 million active monthly users in 2020. Noam Rotem and Ran Locar, vpnMentor’s research team, have discovered a potential credential stuffing operation whose origins are unknown, but that affected some online users who also have Spotify accounts. Credential stuffing is a hacking technique that takes advantage of […]

Over 20 Million BigBasket Customers Data Exposed in DarkWeb

BigBasket (Innovative Retail Concepts Private Limited) is India’s largest online food and grocery store. It is funded by Alibaba Group, Mirae Asset-Naver Asia Growth Fund, and the UK government-owned CDC group. “Recently BigBasket became victim to a data breach,” reported Cyble. Cyble has indexed the breached information at AmiBreached.com. The Cyble Research team found the database of Big Basket […]

Gold Seller JM Bullion Hacked – Attackers Steal Credit Card and Personal Details

The “JM Bullion” company is one of the largest and most premier online retailers of precious metals like gold, silver, copper, platinum, and palladium products in the world. JM Bullion, Inc. (“JM Bullion”) and “Provident Metals” (a subsidiary of JM Bullion company) have disclosed a data breach after their website was hacked to include malicious scripts that […]

VOIP Service Provider Exposes 350M Customer Records

A database of over 350 million customer records was exposed from an unsecured Elasticsearch cluster belonging to voice-over-internet-protocol company Broadvoice. The database was uncovered by security researcher Bob Diachenko on October 1. He observed that the Elasticsearch cluster contained a range of unprotected information. What data was exposed: An amount of 350 million customer records […]

Food Delivery Platform Hacked – More than 400K Customer Impacted

Hackers compromised the Asian food delivery service Chowbus and stole customer information such as customer names, email addresses, phone numbers, and mailing addresses. Founded in 2015, Chowbus is a mobile-based food delivery app that lets customers order from local restaurants in cities around the USA, Australia, and Canada. Chowbus users affected: Chowbus customers started […]

Beware: New Android Spyware Found Posing as Telegram and Threema Apps

A hacking group known for its attacks in the Middle East, at least since 2017, has recently been found impersonating legitimate messaging apps such as Telegram and Threema to infect Android devices with a new, previously undocumented malware. “Compared to the versions documented in 2017, Android/SpyC23.A has extended spying functionality, including reading notifications from messaging […]

Russian Who Hacked LinkedIn, Dropbox Sentenced to 7 Years in Prison

A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months (more than seven years) in United States prison by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American […]