Security News

Box enhances security features to prevent accidental data leaks, protect content in the cloud
2021-04-29 00:45

Box delivered more advanced security features to prevent accidental data leaks and protect content in the cloud. "With today's announcements, we are extending the power of Box Shield, along with our core security product, by implementing new and enhanced features to the Box Content Cloud and providing businesses with one secure platform for managing and securing all of their information in the cloud."

Hackers Threaten to Leak D.C. Police Informants' Info If Ransom Is Not Paid
2021-04-27 04:59

The Metropolitan Police Department of the District of Columbia has become the latest high-profile government agency to fall victim to a ransomware attack. The Babuk Locker gang claimed in a post on the dark web that they had compromised the DC Police's networks and stolen 250 GB of unencrypted files.

DC Police confirms cyberattack after ransomware gang leaks data
2021-04-27 02:35

The Metropolitan Police Department has confirmed that they suffered a cyberattack after the Babuk ransomware gang leaked screenshots of stolen data. The Metropolitan Police Department, also known as the DC Police or MPD, is the primary law enforcement agency for Washington, DC, the US capital.

Ransomware gang now warns they will leak new Apple logos, iPad plans
2021-04-26 19:48

The REvil ransomware gang has mysteriously removed Apple's schematics from their data leak site after privately warning Quanta that they would leak drawings for the new iPad and new Apple logos. Earlier this month, the ransomware gang conducted an attack on Quanta, a Taiwan-based original design manufacturer that helps manufacture the Apple Watch, Apple Macbook Air, and the Apple Macbook Pro.

Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby
2021-04-26 04:03

"As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users - even as a complete stranger," said a team of academics from the Technical University of Darmstadt, Germany. AirDrop is a proprietary ad hoc service present in Apple's iOS and macOS operating systems, allowing users to transfer files between devices by making use of close-range wireless communication.

Hacker leaks 20 million alleged BigBasket user records for free
2021-04-25 20:28

A threat actor has leaked approximately 20 million BigBasket user records containing personal information and hashed passwords on a popular hacking forum. This morning, a well-known seller of data breaches known as ShinyHunters posted a database for free on a hacker forum that he claims was stolen from BigBasket.

Hackers threaten to leak stolen Apple blueprints if $50 million ransom isn't paid
2021-04-24 00:39

Prominent Apple supplier Quanta on Wednesday said it suffered a ransomware attack from the REvil ransomware group, which is now demanding the iPhone maker pay a ransom of $50 million to prevent leaking sensitive files on the dark web. In a post shared on its deep web "Happy Blog" portal, the threat actor said it came into possession of schematics of the U.S. company's products such as MacBooks and Apple Watch by infiltrating the network of the Taiwanese manufacturer, claiming it's making a ransom demand to Apple after Quanta expressed no interest in paying to recover the stolen blueprints.

Apple AirDrop has “significant privacy leak”, say German researchers
2021-04-23 18:59

The paper itself has a neutrally worded title that simply states the algorithm that it introduces, namely: PrivateDrop: Practical Privacy-Preserving Authentication for Apple AirDrop. For those who don't have iPhones or Macs, AirDrop is a surprisingly handy but proprietary Apple protocol that lets you share files directly but wirelessly with other Apple users nearby.

Apple, you've AirDrop'd the ball: Academics detail ways to leak contact info of nearby iThings for spear-phishing
2021-04-22 08:16

A bug-hunting team at Technische Universität Darmstadt in Germany reverse engineered AirDrop - iOS and macOS's ad-hoc over-the-air file-sharing service - and found that senders and receivers may leak their contact details in the process. Despite the team alerting Apple to the oversight in May 2019, and suggesting ways to address it last October, the iGiant hasn't issued a fix.

Facebook leaks strategy to numb reaction to data scraping incidents
2021-04-21 14:02

Facebook's long-term strategy is to desensitize users about leaked data dumps that were collected through scraping the public portion of the social network. The data also contained private phone numbers collected because of a vulnerability that Facebook fixed in August 2019, the company told BleepingComputer.