Security News

The San Francisco International Airport disclosed this week two of its websites had been hacked and lead to the disclosure of some users' login credentials at both sites. "The attackers inserted malicious computer code on these websites to steal some users' login credentials," according to a message posted to both site's homepages by the SFO's Airport Information Technology and Telecommunications director.

Sophos experts discuss the biggest cybersecurity stories of the last week.

Dan Patterson speaks to cybersecurity expert Robert Lee about the capabilities of Russian hackers as well as the risks IoT and industrial IoT pose to smart cities. CNET and CBS News Senior Producer Dan Patterson spoke with cybersecurity company Dragos, Inc., Founder and CEO Robert Lee about the risks emerging technologies like IoT pose to smart cities and their infrastructures as well as Russia's involvement with hacking US elections.

Dragos, Inc., Founder & CEO Robert Lee talks to Dan Patterson about the risks of IoT as well as the capabilities of Russian hackers.

A rival hacking forum has yet again hacked OGUsers - the second time in a year - and yet again doxxed its database for one and all to grab, fast on the heels of the attack. OGUsers is a forum devoted to trading stolen Instagram, Twitter and other accounts, with a special place in its dark heart for hackers who like to trade SIM swappers' stolen phone numbers and Bitcoin accounts.

Turns out merely visiting a website - not just malicious but also legitimate sites unknowingly loading malicious ads as well - using Safari browser could have let remote attackers secretly access your device's camera, microphone, or location, and in some cases, saved passwords as well. "If the malicious website wanted camera access, all it had to do was masquerade as a trusted video-conferencing website such as Skype or Zoom," Pickren said.

We may have to get the government involved to require certain standards to be met via some sort of security framework. The first thing you have to realise is a "Top down" approach to security does not work for a whole heap of reasons.

Daniel's Hosting, which hosts about 7,600 dark web portals for free, has been hacked and is down. It's unclear when, or if, it will be back up....

Group video chat app Houseparty has offered a $1m bounty to identify what it claims is an organised campaign to falsely depict it as a hackers' backdoor. Announced at 4am UTC on the firm's Twitter account, the million-dollar bounty is being offered to "The first individual to provide proof of such a campaign," with Epic Games, the firm behind Houseparty, alleging this effort is "a paid commercial smear to harm Houseparty."

Marriott Hotels has suffered its second data spillage in as many years after an "Unexpected amount" of guests' data was accessed through two compromised employee logins, the under-fire chain has confirmed. The size of the latest data exposure has not been disclosed, though Marriott admitted it seemed to have started in January 2020 and was detected "At the end of February."