Security News
French police reckon financial system targeted during Summer Games Nearly four weeks after the cyberattack on dozens of French national museums during the Olympic Games, the Brain Cipher...
The private member information of the BreachForums v1 hacking forum from 2022 has been leaked online, allowing threat actors and researchers to gain insight into its users. [...]
Following a data leak that brought "Tangible fear of threat to life", the UK's data protection watchdog says it intends to fine the Police Service of Northern Ireland £750,000. The August exposure of cops' data affected 9,483 officers and was described by Commissioner Pete O'Doherty of the City of London Police as "The most significant data breach that has ever occurred in the history of UK policing" in an official review.
The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect sensitive data stolen during the Optum ransomware attack in late February. The BlackCat/ALPHV ransomware gang claimed the attack, alleging to have stolen 6TB of sensitive patient data.
The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data. In March 2023, the company sent out notices of data breach to 3.2 million people who had interacted with its websites, applications, and services, that their information had been exposed due to using tracking pixels on its platform.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
How Google plans to make stolen session cookies worthless for attackersGoogle is working on a new security feature for Chrome called Device Bound Session Credentials, meant to prevent attackers from using stolen session cookies to gain access user accounts. A "Cascade" of errors let Chinese hackers into US government inboxesMicrosoft still doesn't known how Storm-0558 attackers managed to steal the Microsoft Services Account cryptographic key they used to forge authentication tokens needed to access email accounts belonging to US government officials.
Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. According to data breach aggregation service Have I Been Pwned, 1,348,407 PandaBuy accounts have been exposed in the breach.
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the...