Security News
A security engineer and ex-contributor to an open systems non-profit organization recently reported a data leak to the organization. On discovering this GitHub repository which, the engineer says, was public since at least 2019, the engineer privately reported it to Apperta, and got thanked by them.
Grades and social security numbers for students at the University of Colorado and University of Miami patient data have been posted online by the Clop ransomware group. The ransomware gang then contacted the organizations and demanded $10 million in bitcoin or they would publish the stolen data.
The Justice Department has charged a Swiss hacker with computer intrusion and identity theft, just over a week after the hacker took credit for helping to break into the online systems of a U.S. security-camera startup. Swiss authorities said they had raided Kottmann's home in Lucerne late last week at the request of U.S. authorities.
A security blip in the current version of Zoom could inadvertently leak users' data to other meeting participants on a call. The flaw stems from a glitch in the screen sharing function of video conferencing platform Zoom.
The now-defunct WeLeakInfo data breach site has suffered its own data breach after a threat actor leaked the service's payment information and customer info. Last Thursday, a threat actor released an archive of payment processing data used by WeLeakInfo when processing payments through Stripe.
The now-defunct WeLeakInfo data breach site has suffered its own data breach after a threat actor leaked the service's payment information and customer info. Last Thursday, a threat actor released an archive of payment processing data used by WeLeakInfo when processing payments through Stripe.
The now-defunct WeLeakInfo data breach site has suffered its own data breach after a threat actor leaked the service's payment information and customer info. Last Thursday, a threat actor released an archive of payment processing data used by WeLeakInfo when processing payments through Stripe.
Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March. A. Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.
Software giant Microsoft Corp. has launched an investigation to determine whether one of its flagship information-sharing programs sprung a leak that led to the widespread exploitation of Exchange server deployments around the world. According to a bombshell report in the Wall Street Journal, Redmond is looking closely at its Microsoft Active Protections Program to figure out if an anti-malware partner in China leaked proof-of-concept code ahead of the availability of security updates.
Doctoral student Riccardo Paccagnella, master's student Licheng Luo, and assistant professor Christopher Fletcher, all from the University of Illinois at Urbana-Champaign, delved into the way CPU ring interconnects work, and found they can be abused for side-channel attacks. "It is the first attack to exploit contention on the cross-core interconnect of Intel CPUs," Paccagnella told The Register.