Cybersecurity News and Product Reviews | SC Media


The DOJ to investigate Uber breach

Report: Uber employee used data-scraping tool to gather Australian competitor’s driver info


An Uber employee used a data-scraping tool to round up online data concerning an Australian competitor in order to poach drivers from its business, according to a report this week from ABC News in Australia. Reportedly created in 2015, the tool, called Surfcam, was previously reported to have been used against a rival ride-service company…

Facebook stored hundreds of millions of user passwords in plain text


Facebook is once again making headlines after the company discovered it had been storing hundreds of millions of users passwords in plain text for years. The company says its currently investigating the situation, but said in January it discovered some users passwords had been stored in a readable format  within its internal data storage systems,…

Tesla suing self-driving startup Zoox and former employees for data theft


Tesla is accusing self-driving car startup Zoox and former employees of stealing trade secrets. The automaker is suing the start-up and the bunch claiming the employees gave Zoox Tesla’s logistics info to Zoox, while another gave Tesla’s autopilot code to Xiaopeng Motors. Two lawsuits were filed this week with one claiming employees stole “proprietary information…

Researcher finds malware in USG Sony Chip HD 6 Camera surveillance kit.

Peeping Toms secretly livestream hundred of South Korean hotel guests


Two men were arrested in South Korea in a scandal involving hidden cameras that secretly filmed 1,6000 people in their hotel rooms. The men allegedly recorded women and live streamed them to paying customers to watch in the scandal which involved 42 rooms in 30 accommodations in 10 cities around the country. Cameras were hidden…

The death of the VPN – It’s time to say goodbye

Virtual private networks, VPNs, have often been referred to as the “backbone of the enterprise network.”  This is a bold statement to make about a technology that essentially hasn’t changed in almost over two decades.  And yet, a VPN’s ability to offer employees, third parties and even customers “secure” remote access into enterprise applications and…

Facebook patches denial-of-service flaw in its open-source Fizz TLS implementation


Facebook last month patched a critical denial-of-service vulnerability in Fizz, its open-source implementation for Transport Layer Security protocol TLS 1.3, researchers have reported. Unauthenticated remote attackers could exploit the flaw to create an “infinite loop,” causing the web service to be unavailable for other users and thus disrupting service, according to a March 19 blog…


11 security patches released in CUJO Smart Firewall platform


Cisco Talos researchers discovered 11 vulnerabilities in the CUJO Smart Firewall platform which could allow an attacker to ultimately take control of a device by either executing arbitrary code or by uploading and executing unsigned kernels on affected systems. Researchers found the Firewall was vulnerable to remote code execution, local code execution, smartphone app code…


Amex, Netflix customers targeted in phishing campaign


Windows Defender Security Intelligence’s Office 365 Threat Research team has uncovered a phishing campaign targeting Netflix and American Express that attempt to steal payment card information. The campaign was detected on the weekend of March 16 and is still active, according to the Windows Defender Security Intelligence Twitter feed. In each case the phishing emails…

Next post in Cybercrime