Security News > 2021

Yahil declined to say how many users have been affected for confidentiality reasons, but Singapore Airlines reported more than 580,000 impacted customers alone, meaning the compromise could ultimately impact millions of users. "Many airlines have issued public statements confirming what types of data have been affected in relation to their passengers."

Passenger data from multiple airlines around the world has been compromised after hackers breached servers belonging to SITA, a global information technology company. A SITA representative told BleepingComputer that the intrusion impacts data of passengers from the airlines listed below.

Nearly 80% of senior IT and IT security leaders believe their organizations lack sufficient protection against cyberattacks despite increased IT security investments made in 2020 to deal with distributed IT and work-from-home challenges, according to a new IDG survey commissioned by Insight Enterprises. The survey examined the impact of the distributed IT landscape and pandemic-related transition to a remote workforce on IT security, including shifts in modernization priorities, projects undertaken in 2020 and major obstacles faced in strengthening cybersecurity defenses.

A new AI-powered Google Chrome extension will automatically turn on YouTube extensions if it detects you are eating noisy chips. I doubt few people have not experienced hearing a movie, TV show, or video while someone next to you is loudly eating chips.

This month Google begins a public test of a technology it says will eventually replace browser cookies in an effort to boost Chrome browser user privacy. The as-yet unproven technology allows browsers to group people together by their interests and give them more anonymity yet still allow for appropriate targeted advertising, which remains at the core of the company's interest in outfitting their Chrome browser with FLoC. Google's stance is that it will balance the need to preserve people's privacy by preventing individual tracking with giving advertisers and publishers the relevant info they need to recognize their target audience.

Thousands of mobile applications expose user data through insecurely implemented cloud containers, according to a new report from security vendor Zimperium. Some of the analyzed apps would leak their entire cloud infrastructure scripts, SSH keys, web server config files, installation files, or passwords.

My understanding is that prior to the publication of "Primes is in P," many workers in the specialized field of complexity theory had formed the opinion that no deterministic polynomial-time algorithm could be found for primality testing. Colleagues might have looked skeptically at Agrawal for working on the problem of finding such an algorithm.

SITA didn't elaborate on the nature or extent of the attack, other than to describe it as "Highly sophisticated but limited." According to its own disclosure, the attackers obtained passenger records from servers hosted in an Atlanta, Georgia data centre operated by an American subsidiary. "The data in question relates exclusively to service card numbers, status level and in some cases names. Unfortunately, your customer data is also affected. You can rest assured that no passwords, email addresses or other personal customer data were stolen in the incident."

Researchers have discovered what they say is the first variant of the Gafgyt botnet family to cloak its activity using the Tor network. In order to evade detection, Gafgyt tor uses Tor to hide its command-and-control communications, and encrypts sensitive strings in the samples.

TechRepublic's cheat sheet about the National Institute of Standards and Technology's Cybersecurity Framework is a quick introduction to this new government recommended best practice, as well as a "Living" guide that will be updated periodically to reflect changes to the NIST's documentation. Executive summaryWhat is the NIST Cybersecurity Framework? The NIST CSF is a set of optional standards, best practices, and recommendations for improving cybersecurity and risk management at the organizational level.