After Facebook was stopped from launching a dating service in Europe on Feb. 13, infosec experts are left wondering if the social media network had learned anything from the Cambridge Analytica debacle in 2018 or the platform’s other data privacy transgressions. The EU found Facebook committed data protection violations within the forthcoming service, such as…
The U.S. government expanded its year-old lawsuit against Chinese tech firm Huawei, alleging the company conducted cyber espionage on six American competitors in an attempt to steal trade secrets to gain an unfair advantage. Filed in the federal court’s Southern District in Brooklyn, the indictment charges that Huawei’s activities violated racketeering laws by illegally gaining…
The before and after photos of thousands of plastic surgery patients in Europe were recently left vulnerable but since rectified, researchers at vpnMentor wrote in a blog post. The researchers, led by Noam Rotem and Ran Locar, discovered on Jan. 24 that NextMotion did not secure or encrypt the body images and PII of people…
The controversy over usage of facial recognition technology took center stage last week in Washington, D.C., as the House of Representatives’ Homeland Security Committee held a two-hour hearing, as opponents in the debate decry its racial bias and federal government’s quick rollout at U.S. airports without fully testing or acknowledging proven shortcomings. In his opening…
Five years after a high-profile data breach of an infidelity website where users could meet to start an extramarital affair, users of Ashley Madison are now increasingly finding themselves victimized by extortion plots to pay about $1,000 in bitcoins to save them further embarrassment. The current scheme, uncovered by Vade Secure threat analyst Damien Alexandre,…
An apparent data breach of Indian airline SpiceJet calls into question white-hat tactics to expose network vulnerabilities and protocol. The airline’s hack, compromising the data of more than 1.2 million passengers, including Indian government officials, was first reported by TechCrunch, which learned of the incident through an unnamed security researcher, who referred to his actions…
A three-year-old investigation and prosecution of cybercriminals aligned with the multinational GozNym network resulted last week in the sentencing of a Bulgaria resident in a Pittsburgh federal court. In a related action, a Tbilisi, Georgia court handed down prison sentences of seven and nine years to two Georgian members of the group, following a lengthy trial. In…
Nearly three years after attempting to extort either $100,000 in cryptocurrency or a thousand $100 iTunes gift cards from Apple, a British hacker was sentenced at Southwark Crown Court in London to a two-year suspended jail term, 300 hours of unpaid work and a six-month electronic curfew. Kerem Albayrak, 22, of North London, told Apple in…
Among the banes of existence for any human living in the 21st century is the need to periodically choose, change and remember numerous passwords, which partly explains why nearly 3 percent of computer users chose 123456 in 2019. This according to , reports Teams ID. So, if you fall into this category it may just…
Drupal Core announced multiple critical vulnerabilities that impact some of its configurations for versions: 8.8.x-dev, 8.7.x-dev, and 7.x-dev. The Drupal project uses the third-party library Archive_Tar, which released a security update – SA-CORE-2019-012, according to a Dec. 18 advisory. Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2 or .tlz file uploads and processes them. The latest versions…
