Russian hacker found guilty for Dropbox, LinkedIn, and Formspring breaches
Sentencing scheduled for September 2020.
Researchers create magstripe versions from EMV and contactless cards
Banking industry loophole reported more than a decade ago still remains open and ripe for exploitation today.
Amazon tells employees to remove TikTok from their phones due to security risk
Accessing the TikTok website from work laptops is still allowed, according to an internal email Amazon sent to employees today.
Backdoor accounts discovered in 29 FTTH devices from Chinese vendor C-Data
The backdoor accounts grant access to a secret Telnet admin account running on the devices' external WAN interface.
Smartwatch tracker for the vulnerable can be hacked to send medication alerts
API issues could be exploited to make calls, spy on users, send fake messages, and more.
KingComposer patches XSS flaw impacting 100,000 WordPress websites
The vulnerability could be exploited to execute malicious payloads in visitor browsers.
Google bans stalkerware ads
New Google Ads policy that bans stalkerware enters into effect on August 11.
Zoom working on patching zero-day disclosed in Windows client
Security firm has disclosed today a zero-day vulnerability in Zoom's Windows client.
Researchers connect Evilnum hacking group to cyberattacks against Fintech firms
The APT is also a loyal customer of Golden Chickens, a Malware-as-a-Service outfit.
Google abandons Isolated Region cloud services project in China
Google says the Isolated Region project was scrapped due to other services offering “better outcomes.”
More pre-installed malware has been found in budget US smartphones
Cheap phones often have tradeoffs but researchers say this should never compromise user safety.
Nvidia fixes code execution vulnerability in GeForce Experience
Security updates have also been released for the JetPack software development kit.
Conti ransomware uses 32 simultaneous CPU threads for blazing-fast encryption
The Conti ransomware also abuses the Windows Restart Manager component to unlock apps and free up their data (for encryption).
Microsoft’s new KDP tech blocks malware by making parts of the Windows kernel read-only
New KDP security feature is currently being tested with Windows 10 Insider builds.
Google open-sources Tsunami vulnerability scanner
Google says Tsunami is an extensible network scanner for detecting high-severity vulnerabilities with as little false-positives as possible.
Civil rights auditors slam Facebook stance on Trump, voter suppression
Facebook has admitted there is still a “long way to go” to quell recent criticism of civil rights issue handling.
Fxmsp hacker indicted by feds for selling backdoor access to hundreds of companies
Backdoors into government networks and corporations were allegedly sold to other criminal enterprises.
Mozilla suspends Firefox Send service while it addresses malware abuse
Mozilla has temporarily suspended the Firefox Send file-sharing service while it adds a Report Abuse mechanism.
Free decryptor available for ThiefQuest ransomware victims
ThiefQuest (EvilQuest) ransomware victims can now recover their encrypted files for free, without needing to pay the ransom demand.
German authorities seize server that hosted data on US cops
BlueLeaks portal is now down. The website hosted 296 GB of files stolen from more than 200 US police departments and fusion training centers.
Windows 10 Security Game-Changer As Microsoft Reveals New Hacker Protection
Microsoft is set to bring a powerful new security feature to Windows 10 that just might be a game-changer.
15 Billion Stolen Logins Are Circulating on the Dark Web
Plus: Facebook's Roger Stone takedown, the BlueLeaks server seizure, and more of the week's top security news.
Exclusive: Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily
Following vulnerability disclosure in the Mitron app, another viral TikTok clone in India has now been found vulnerable to a critical but easy-to-exploit authentication bypass vulnerability, allowing anyone to hijack any user account and tamper with their information, content,...
Is TikTok Seriously Dangerous—Do You Need To Delete It?
Here's the reality behind all the headlines...
iPhone User Sues LinkedIn For Reading Clipboard Data After iOS 14 Alert Revelations
The fallout from Apple's new iOS 14 privacy notification feature continues as one iPhone user files a class-action lawsuit against LinkedIn for silently reading clipboard data.
