Data Breach in Adult Site Luscious Compromises Privacy of All Users

Luscious is a niche pornographic image site focused primarily on animated, user-uploaded content. Based on the research carried out by our team, the site has over 1 million registered users. Each user has a profile, the details of which could be accessed through our research. Private profiles allow users to upload, share, comment on, and Read more about Data Breach in Adult Site Luscious Compromises Privacy of All Users[…]

Google’s AI can be manipulated into “accidentally” deactivating targetted user accounts

Jordan B. Peterson had his gmail account deactivated and I had the opportunity to inspect the bug report as a full-time employee. What I found was that Google had a technical vulnerability that, when exploited, would take any gmail account down. Certain unknown 3rd party actors are aware of this secret vulnerability and exploit it. Read more about Google’s AI can be manipulated into “accidentally” deactivating targetted user accounts[…]

Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants

A hacker raided Capital One’s cloud storage buckets and stole personal information on 106 million credit card applicants in America and Canada. The swiped data includes 140,000 US social security numbers and 80,000 bank account numbers, we’re told, as well as one million Canadian social insurance numbers, plus names, addresses, phone numbers, dates of birth, Read more about Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants[…]

Google to Pay only $13 Million for sniffing passwords and emails over your wifi using Street View cars between 2007 – 2010

After nearly a decade in court, Google has agreed to pay $13 million in a class-action lawsuit alleging its Street View program collected people’s private data over wifi from 2007 to 2010. In addition to the moolah, the settlement—filed Friday in San Francisco—also calls for Google to destroy all the collected data and teach people Read more about Google to Pay only $13 Million for sniffing passwords and emails over your wifi using Street View cars between 2007 – 2010[…]

Evite Invites Over 100 Million People to Their Data Breach – with cleartext passwords

“In April 2019, the social planning website for managing online invitations Evite identified a data breach of their systems. Upon investigation, they found unauthorised access to a database archive dating back to 2013. The exposed data included a total of 101 million unique email addresses, most belonging to recipients of invitations. Members of the service also Read more about Evite Invites Over 100 Million People to Their Data Breach – with cleartext passwords[…]

Bitpoint cryptocurrency exchange hacked for $32 million

Japan-based cryptocurrency exchange Bitpoint announced it lost 3.5 billion yen (roughly $32 million) worth of cryptocurrency assets after a hack that happened late yesterday, July 11. The exchange suspended all deposits and withdrawals this morning to investigate the hack, it said in a press release. Thoroughly compromised In a more detailed document released by RemixPoint, Read more about Bitpoint cryptocurrency exchange hacked for $32 million[…]

UK data regulator threatens British Airways with 747-sized fine for massive personal data blurt

The UK Information Commissioner’s Office has warned BA it faces a whopping £183.39m following the theft of million customer records from its website and mobile app servers. The record-breaking fine – more or less the lower end of the price of one of the 747-400s in BA’s fleet – under European General Data Protection Regulation Read more about UK data regulator threatens British Airways with 747-sized fine for massive personal data blurt[…]

Zipato Zipamicro smart home hub totally pwned

In new research published Tuesday and shared with TechCrunch, Dardaman and Wheeler found three security flaws which, when chained together, could be abused to open a front door with a smart lock. Smart home technology has come under increasing scrutiny in the past year. Although convenient to some, security experts have long warned that adding Read more about Zipato Zipamicro smart home hub totally pwned[…]

Telcos around the world were so severely pwned, they didn’t notice the hackers setting up VPN points

Hackers infiltrated the networks of at least ten cellular telcos around the world, and remained hidden for years, as part of a long-running tightly targeted surveillance operation, The Register has learned. This espionage campaign is still ongoing, it is claimed. Cyber-spy hunters at US security firm Cybereason told El Reg on Monday the miscreants responsible Read more about Telcos around the world were so severely pwned, they didn’t notice the hackers setting up VPN points[…]

U.S. and Iran’s Hackers Are Trading Blows

Chris Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, issued a statement on June 22 following similar warnings from private American cybersecurity firms. Krebs, whose recently renamed agency is tasked with protecting American critical infrastructure, said CISA is “aware of a recent rise in malicious cyber activity” against American Read more about U.S. and Iran’s Hackers Are Trading Blows[…]

Lab Testing Giant Quest Diagnostics Says Data Breach May Have Hit Nearly 12 Million Patients

Clinical lab testing titan Quest Diagnostics acknowledged in a press release on Monday that an “unauthorized user” had gained access to personal information on around 11.9 million customers, including some financial and medical data. Per NBC News, news of the breach comes via way of a Securities and Exchange Commission filing in which Quest wrote Read more about Lab Testing Giant Quest Diagnostics Says Data Breach May Have Hit Nearly 12 Million Patients[…]

Supra smart TVs allow anyone on wifi network to switch video to whatever they want

Owners of Supra Smart Cloud TVs are in danger of getting some unwanted programming: it’s possible for miscreants or malware on your Wi-Fi network to switch whatever you’re watching for video of their or its choosing. Bug-hunter Dhiraj Mishra laid claim to CVE-2019-12477, a remote file inclusion zero-day vulnerability that allows anyone with local network Read more about Supra smart TVs allow anyone on wifi network to switch video to whatever they want[…]

Strewth: Hackers slurp 19 years of Oz student data in uni’s second breach within a year

The Australian National University (ANU) today copped to a fresh breach in which intruders gained access to “significant amounts” of data stretching back 19 years. The top-ranked Oz uni said it noticed about a fortnight ago that hackers had got their claws on staff, visitor and student data, including names, addresses, dates of birth, phone Read more about Strewth: Hackers slurp 19 years of Oz student data in uni’s second breach within a year[…]

Radio signals used for ILS plane landings can easily be spoofed using tools amounting to just $600

With about $600 and a few tools, hackers could fake the radio signals used by commercial airplanes to navigate and land safely, according to new research. In a paper and demonstration from researchers at Northeastern University in Boston, a software defined radio — a non-traditional radio that uses software instead of hardware for many components Read more about Radio signals used for ILS plane landings can easily be spoofed using tools amounting to just $600[…]

Hackers abuse ASUS cloud service to install backdoor on users’ PCs – again

ASUS’ update mechanism has once again been abused to install malware that backdoors PCs, researchers from Eset reported earlier this week. The researchers, who continue to investigate the incident, said they believe the attacks are the result of router-level man-in-the-middle attacks that exploit insecure HTTP connections between end users and ASUS servers, along with incomplete Read more about Hackers abuse ASUS cloud service to install backdoor on users’ PCs – again[…]

One of the World’s Largest Crypto Exchanges, Binance, Hacked to the Tune of $40 Million

Cryptocurrency trading hub Binance, one of the world’s largest, has confirmed it lost about 7,000 Bitcoins (around $40 million) to hackers after its so-called “hot wallet,” i.e. one connected to the internet and used to process transactions, was breached, Bloomberg reported on Tuesday. The hot wallet in question contained about two percent of Binance’s holdings Read more about One of the World’s Largest Crypto Exchanges, Binance, Hacked to the Tune of $40 Million[…]

Wannacry-slayer Marcus Hutchins pleads guilty to two counts of banking malware creation after being held for 2 years by US. Forced confession, maybe?

Marcus Hutchins, the British security researcher who shot to fame after successfully halting the Wannacry ransomware epidemic, has pleaded guilty to crafting online bank-account-raiding malware. For nearly two years now, Hutchins, 24, has been under house arrest in the US after being collared at Las Vegas airport by FBI agents acting on a tip-off. The Read more about Wannacry-slayer Marcus Hutchins pleads guilty to two counts of banking malware creation after being held for 2 years by US. Forced confession, maybe?[…]

Hackers take control of top level domains to perform massive man in the middle attack

The discovery of a new, sophisticated team of hackers spying on dozens of government targets is never good news. But one team of cyberspies has pulled off that scale of espionage with a rare and troubling trick, exploiting a weak link in the internet’s cybersecurity that experts have warned about for years: DNS hijacking, a Read more about Hackers take control of top level domains to perform massive man in the middle attack[…]

Script kiddie Hackers publish personal data on thousands of US police officers and federal agents and have more in the pipeline

A hacker group has breached several FBI-affiliated websites and uploaded their contents to the web, including dozens of files containing the personal information of thousands of federal agents and law enforcement officers, TechCrunch has learned. The hackers breached three sites associated with the FBI National Academy Association, a coalition of different chapters across the U.S. Read more about Script kiddie Hackers publish personal data on thousands of US police officers and federal agents and have more in the pipeline[…]

Facebook Is Just Casually Asking Some New Users for Their Email Passwords [note – never give out your email password!!!!]

Facebook has been prompting some users registering for the first time to hand over the passwords to their email accounts, the Daily Beast reported on Tuesday—a practice that blares right past questionable and into “beyond sketchy” territory, security consultant Jake Williams told the Beast. A Twitter account using the handle @originalesushi first posted an image Read more about Facebook Is Just Casually Asking Some New Users for Their Email Passwords [note – never give out your email password!!!!][…]

Bezos’ Investigator Gavin de Becker Finds the Saudis Obtained the Amazon Chief’s Private Data (for the dick pic extortion thing a few weeks ago)

In January, the National Enquirer published a special edition that revealed an intimate relationship Bezos was having. He asked me to learn who provided his private texts to the Enquirer, and why. My office quickly identified the person whom the Enquirer had paid as a source: a man named Michael Sanchez, the now-estranged brother of Read more about Bezos’ Investigator Gavin de Becker Finds the Saudis Obtained the Amazon Chief’s Private Data (for the dick pic extortion thing a few weeks ago)[…]

A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments

NSO and a competitor, the Emirati firm DarkMatter, exemplify the proliferation of privatized spying. A monthslong examination by The New York Times, based on interviews with current and former hackers for governments and private companies and others as well as a review of documents, uncovered secret skirmishes in this burgeoning world of digital combat. A Read more about A New Age of Warfare: How Internet Mercenaries Do Battle for Authoritarian Governments[…]

Toyota Security Breach Exposes Personal Info of 3.1 Million Clients, could be part of Vietnam attack

The personal information of roughly 3.1 million Toyota customers may have been leaked following a security breach of multiple Toyota and Lexus sales subsidiaries, as detailed in a breach notification issued by the car maker today. As detailed in a press release published on Toyota’a global newsroom, unauthorized access was detected on the computing systems of Tokyo Sales Read more about Toyota Security Breach Exposes Personal Info of 3.1 Million Clients, could be part of Vietnam attack[…]