Security News

Cryptocurrency rewards platform Celsius Network has disclosed a security breach exposing customer information that led to a phishing attack. Today, Celsius CEO Alex Mashinsky stated that Celsius' third-party marketing server was compromised, and threat actors gained access to a partial Celsius customer list.

Capcom has released a final update about the ransomware attack it suffered last year, detailing how the hackers gained access to the network, compromised devices, and stole personal information belonging to thousands of individuals. In early November 2020, Ragnar Locker ransomware hit the Japanese game developer and publisher, forcing Capcom to shut down portions of their network.

The stolen data includes customer email addresses, dates of birth, phone numbers, license plate numbers, hashed passwords and mailing addresses. Gemini shared a new sales thread on a Russian-language crime forum that included my ParkMobile account information in the accompanying screenshot of the stolen data.

Online trading and discount brokerage platform Upstox has become the latest Indian company to suffer a security breach of its systems, resulting in the exposure of sensitive information of approximately 2.5 million users on the dark web. Reacting to the development, the company however said it had recently upgraded its security systems following reports of "Unauthorized access into our database" while stressing that users' funds and securities remained protected.

How scammers copied a government website almost to perfection. What to do about those fake "Bug" hunters who ask for payment for finding "Vulnerabilities" that aren't.

Specialty networking solutions provider Belden on Wednesday shared an update on the data breach disclosed in November 2020, and said health-related information was also exposed. Belden revealed in November that it had detected a data breach that resulted in the theft of some information pertaining to business partners, as well as current and former employee data.

The developers of the PHP scripting language have shared an update on the recently disclosed breach in which attackers planted malicious code. Php.net server and it was apparently designed to allow an attacker to remotely execute arbitrary PHP code.

The Dutch Data Protection Authority - the country's data protection regulator - has fined online travel and hotel booking company Booking.com almost half a million Euros over a data breach. The Dutch Data Protection Authority has imposed a €475,000 fine on Booking.com because the company took too long to report a data breach to the DPA. When the breach occurred, criminals obtained the personal data of over 4,000 customers.

For four days this past week, Internet-of-Things giant Ubiquiti failed to respond to requests for comment on a whistleblower's allegations the company had massively downplayed a "Catastrophic" two-month breach ending in January to save its stock price, and that Ubiquiti's insinuation that a third-party was to blame was a fabrication. All of a sudden, local-only networks were being connected to Ubiquiti's cloud, giving rise to countless discussion threads on Ubiquiti's user forums from customers upset over the potential for introducing new security risks.

Cybersecurity firm Qualys said today that the attackers who breached its Accellion FTA server didn't infiltrate the company's production and corporate environments. "Qualys also noted that the investigation found that the company's"existing security rules would not have allowed any such access between the Accellion FTA server and Qualys' corporate and production environment.