Online merchant fragrancedirect.co.uk has confirmed a miscreant broke into its systems and made off with a raft of customers’ personal data, including payment card details. The e-retailer, based in Macclesfield, England, wrote to punters this week to inform them of the digital burglary and the subsequent data leakage. “We recently discovered that some of our Read more about Card stealing MageCart infection swipes customers details and payment cards from fragrancedirect.co.uk[…]

Doordash is the latest of the “services you probably use, or at least have an account with” companies to suffer a large data breach. And while your passwords likely haven’t been compromised, it’s possible that your physical address is floating around in the Internet somewhere, among other identifying information. As Doordash wrote yesterday, an unknown Read more about Doordash  Food delivery services Latest Data Breach – 4.9m people have their physical addresses floating around the internet now[…]

Eurojust, the European Union agency that facilitates cooperation between EU prosectuors, had extended the invitation for a working meeting, the focus of which was on the probes into findings from Football Leaks, the largest data leak in history. But the meeting produced more controversy than expected. Ten countries have expressed interest in the gigantic trove Read more about Football Leaks: Possible Interest Conflict Dogs Probe[…]

The potential impact of the latest attack on iPhones is massive, not to mention hugely concerning for every user of Apple’s famous smartphone. That simply visiting a website can lead to your iPhone being hacked silently by some unknown party is worrying enough. But given that, according to Google researchers, it’s possible for the hackers Read more about up to 2% of all Apple iPhones Hacked, says Google, and Breaks ALL messaging Encryption as well as sending location data[…]

Luscious is a niche pornographic image site focused primarily on animated, user-uploaded content. Based on the research carried out by our team, the site has over 1 million registered users. Each user has a profile, the details of which could be accessed through our research. Private profiles allow users to upload, share, comment on, and Read more about Data Breach in Adult Site Luscious Compromises Privacy of All Users[…]

Jordan B. Peterson had his gmail account deactivated and I had the opportunity to inspect the bug report as a full-time employee. What I found was that Google had a technical vulnerability that, when exploited, would take any gmail account down. Certain unknown 3rd party actors are aware of this secret vulnerability and exploit it. Read more about Google’s AI can be manipulated into “accidentally” deactivating targetted user accounts[…]

The O.MG cable (or Offensive MG kit) from [MG] hides a backdoor inside the shell of a USB connector. Plug this cable into your computer and you’ll be the victim of remote attacks over WiFi. You might be asking what’s inside this tiny USB cable to make it susceptible to such attacks. That’s the trick: Read more about OMG Cable | Hackaday[…]

A hacker raided Capital One’s cloud storage buckets and stole personal information on 106 million credit card applicants in America and Canada. The swiped data includes 140,000 US social security numbers and 80,000 bank account numbers, we’re told, as well as one million Canadian social insurance numbers, plus names, addresses, phone numbers, dates of birth, Read more about Capital One gets Capital Done: Hacker swipes personal info on 106 million US, Canadian credit card applicants[…]

After nearly a decade in court, Google has agreed to pay $13 million in a class-action lawsuit alleging its Street View program collected people’s private data over wifi from 2007 to 2010. In addition to the moolah, the settlement—filed Friday in San Francisco—also calls for Google to destroy all the collected data and teach people Read more about Google to Pay only $13 Million for sniffing passwords and emails over your wifi using Street View cars between 2007 – 2010[…]

“In April 2019, the social planning website for managing online invitations Evite identified a data breach of their systems. Upon investigation, they found unauthorised access to a database archive dating back to 2013. The exposed data included a total of 101 million unique email addresses, most belonging to recipients of invitations. Members of the service also Read more about Evite Invites Over 100 Million People to Their Data Breach – with cleartext passwords[…]

Japan-based cryptocurrency exchange Bitpoint announced it lost 3.5 billion yen (roughly $32 million) worth of cryptocurrency assets after a hack that happened late yesterday, July 11. The exchange suspended all deposits and withdrawals this morning to investigate the hack, it said in a press release. Thoroughly compromised In a more detailed document released by RemixPoint, Read more about Bitpoint cryptocurrency exchange hacked for $32 million[…]

In new research published Tuesday and shared with TechCrunch, Dardaman and Wheeler found three security flaws which, when chained together, could be abused to open a front door with a smart lock. Smart home technology has come under increasing scrutiny in the past year. Although convenient to some, security experts have long warned that adding Read more about Zipato Zipamicro smart home hub totally pwned[…]

Hackers infiltrated the networks of at least ten cellular telcos around the world, and remained hidden for years, as part of a long-running tightly targeted surveillance operation, The Register has learned. This espionage campaign is still ongoing, it is claimed. Cyber-spy hunters at US security firm Cybereason told El Reg on Monday the miscreants responsible Read more about Telcos around the world were so severely pwned, they didn’t notice the hackers setting up VPN points[…]

Chris Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, issued a statement on June 22 following similar warnings from private American cybersecurity firms. Krebs, whose recently renamed agency is tasked with protecting American critical infrastructure, said CISA is “aware of a recent rise in malicious cyber activity” against American Read more about U.S. and Iran’s Hackers Are Trading Blows[…]

A member of the Facebook Wink Users Group discovered that after selling his Nest cam, he was still able to access images from his old camera—except it wasn’t a feed of his property. Instead, he was tapping into the feed of the new owner, via his Wink account. As the original owner, he had connected Read more about Buyer Beware: Used Nest Cams Can Let People Spy on You[…]

Clinical lab testing titan Quest Diagnostics acknowledged in a press release on Monday that an “unauthorized user” had gained access to personal information on around 11.9 million customers, including some financial and medical data. Per NBC News, news of the breach comes via way of a Securities and Exchange Commission filing in which Quest wrote Read more about Lab Testing Giant Quest Diagnostics Says Data Breach May Have Hit Nearly 12 Million Patients[…]

Owners of Supra Smart Cloud TVs are in danger of getting some unwanted programming: it’s possible for miscreants or malware on your Wi-Fi network to switch whatever you’re watching for video of their or its choosing. Bug-hunter Dhiraj Mishra laid claim to CVE-2019-12477, a remote file inclusion zero-day vulnerability that allows anyone with local network Read more about Supra smart TVs allow anyone on wifi network to switch video to whatever they want[…]

The Australian National University (ANU) today copped to a fresh breach in which intruders gained access to “significant amounts” of data stretching back 19 years. The top-ranked Oz uni said it noticed about a fortnight ago that hackers had got their claws on staff, visitor and student data, including names, addresses, dates of birth, phone Read more about Strewth: Hackers slurp 19 years of Oz student data in uni’s second breach within a year[…]

With about $600 and a few tools, hackers could fake the radio signals used by commercial airplanes to navigate and land safely, according to new research. In a paper and demonstration from researchers at Northeastern University in Boston, a software defined radio — a non-traditional radio that uses software instead of hardware for many components Read more about Radio signals used for ILS plane landings can easily be spoofed using tools amounting to just $600[…]

ASUS’ update mechanism has once again been abused to install malware that backdoors PCs, researchers from Eset reported earlier this week. The researchers, who continue to investigate the incident, said they believe the attacks are the result of router-level man-in-the-middle attacks that exploit insecure HTTP connections between end users and ASUS servers, along with incomplete Read more about Hackers abuse ASUS cloud service to install backdoor on users’ PCs – again[…]

Cryptocurrency trading hub Binance, one of the world’s largest, has confirmed it lost about 7,000 Bitcoins (around $40 million) to hackers after its so-called “hot wallet,” i.e. one connected to the internet and used to process transactions, was breached, Bloomberg reported on Tuesday. The hot wallet in question contained about two percent of Binance’s holdings Read more about One of the World’s Largest Crypto Exchanges, Binance, Hacked to the Tune of $40 Million[…]

Marcus Hutchins, the British security researcher who shot to fame after successfully halting the Wannacry ransomware epidemic, has pleaded guilty to crafting online bank-account-raiding malware. For nearly two years now, Hutchins, 24, has been under house arrest in the US after being collared at Las Vegas airport by FBI agents acting on a tip-off. The Read more about Wannacry-slayer Marcus Hutchins pleads guilty to two counts of banking malware creation after being held for 2 years by US. Forced confession, maybe?[…]

The discovery of a new, sophisticated team of hackers spying on dozens of government targets is never good news. But one team of cyberspies has pulled off that scale of espionage with a rare and troubling trick, exploiting a weak link in the internet’s cybersecurity that experts have warned about for years: DNS hijacking, a Read more about Hackers take control of top level domains to perform massive man in the middle attack[…]

A hacker group has breached several FBI-affiliated websites and uploaded their contents to the web, including dozens of files containing the personal information of thousands of federal agents and law enforcement officers, TechCrunch has learned. The hackers breached three sites associated with the FBI National Academy Association, a coalition of different chapters across the U.S. Read more about Script kiddie Hackers publish personal data on thousands of US police officers and federal agents and have more in the pipeline[…]