Hackers have slurped biz comms customers’ data from a database run by one of O2’s largest UK partners. In an email sent to its customers, the partner, Aerial Direct, said that an unauthorised third party had been able to access customer data on 26 February through an external backup database, which included personal information on Read more about Your data was ‘taken without permission’, customers told, after personal info accessed in O2 UK partner Aerial Direct database[…]

Earlier this month, the multibillion-dollar cruise conglomerate Carnival Corp. announced that two of its most popular lines—Holland America and Princess Cruises—were respectively slammed with hacks compromising the sensitive personal intel of cruise-goers and cruise-workers alike. Even though neither announcement makes mention of when each respective breach was disclosed, pulling up the source code for the Read more about Carnival Corp. (Holland America / Princess Cruises) Discloses nasty customer Data Breach Amid Covid-19 Panic[…]

Whisper, the secret-sharing app that called itself the “safest place on the Internet,” left years of users’ most intimate confessions exposed on the Web tied to their age, location and other details, raising alarm among cybersecurity researchers that users could have been unmasked or blackmailed. The data exposure, discovered by independent researchers and shown to Read more about 900 Million Secrets From 8 Years of ‘Whisper’ App Were Left Exposed Online[…]

Federal regulators waived a rule Wednesday that was causing airlines to fly nearly empty planes just to avoid losing takeoff and landing rights at major airports. The Federal Aviation Administration said it would suspend the rule through May 31 to help airlines that are canceling flights because of the new virus outbreak. The FAA assigns Read more about US Rule Waiver Will Reduce Empty Planes During Virus Outbreak (after in EU) and then closes US airspace to EU flights after blaming EU for Corona[…]

Named Load Value Injection, or LVI for short, this is a new class of theoretical attacks against Intel CPUs. While the attack has been deemed only a theoretical threat, Intel has released firmware patches to mitigate attacks against current CPUs, and fixes will be deployed at the hardware (silicon design) level in future generations. A Read more about Intel CPUs vulnerable to new LVI attacks, allows information injection[…]

Web researcher David Eade found and reported CVE-2020-8987 to Avast: this is a trio of blunders that, when combined, can be exploited by a snooper to silently intercept and tamper with an AntiTrack user’s connections to even the most heavily secured websites. This is because when using AntiTrack, your web connections are routed through the Read more about Avast’s and AVG AntiTrack promised to protect your privacy. Instead, it opened you to miscreant-in-the-middle snooping[…]

In fact, the marketing database also contained some subscribers’ requests to block or unblock access to X-rated and gambling websites, unique ID numbers of stolen cellphones, and records of whichever site they were visiting before arriving at the Virgin Media website. This is according to British infosec shop Turgensec, which discovered the poorly secured Virgin Read more about FYI: When Virgin Media said it leaked ‘limited contact info’, it meant p0rno filter requests, IP addresses, IMEIs as well as names, addresses and more[…]

Over the past few years, owners of cars with keyless start systems have learned to worry about so-called relay attacks, in which hackers exploit radio-enabled keys to steal vehicles without leaving a trace. Now it turns out that many millions of other cars that use chip-enabled mechanical keys are also vulnerable to high-tech theft. A Read more about Hackers Can Clone Millions of Toyota, Hyundai, and Kia Keys[…]

Based on Google data, two in five of Android users worldwide may no longer be receiving updates, and while these devices won’t immediately have problems, without security support there is an increased risk to the user. Our latest tests have shown how such phones and tablets, including handsets still available to buy from online marketplaces Read more about More than one billion Android devices at risk of malware threats, no longer being updated[…]

Virgin Media, one of the UK’s biggest ISPs, on Thursday admitted it accidentally spilled 900,000 of its subscribers’ personal information onto the internet via a poorly secured database. The cableco said it “incorrectly configured” a storage system so that at least one miscreant was able to access it and potentially siphon off customer records. The Read more about Virgin broadband ISP spills 900,000 punters’ records into wrong hands from insecure database[…]