Security News

One more reason for Apple to dump Intel processors: Another SGX, kernel data-leak flaw unearthed by experts
2020-11-10 18:00

Boffins based in Austria, Germany, and the UK have identified yet another data-leaking side-channel flaw affecting Intel processors, and potentially other chips, that exposes cryptographic secrets in memory. The paper describes a way to extract confidential data from devices by measuring power consumption fluctuations in Intel chips from Sandy Bridge onward using just software and without the need to physically wire instruments to machines.

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak
2020-11-09 15:43

A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. Many of the records contain data for multiple hotel guests that were grouped together on a single reservation; thus, the number of people exposed is likely well over the 10 million, researchers said.

June Retrial Date Set for Ex-CIA Engineer in Leak Case
2020-11-04 18:42

The retrial of a former CIA software engineer charged with leaking secrets to WikiLeaks in an espionage case will begin June 7, a judge said Wednesday. U.S. District Judge Paul A. Crotty set the date for Joshua Schulte over the objections of a defense lawyer who said it would be impossible to properly prepare for a trial that started before August.

Folksam data breach leaks info of 1M Swedes to Google, Facebook, more
2020-11-03 14:45

Folksam, one of the largest insurance companies in Sweden, today disclosed a data breach affecting around 1 million Swedes after sharing customers' personal info with multiple technology giants. The insurer discovered the data breach after an internal audit according to Jens Wikström, Head of Marketing and Sales at Folksam, and reported the incident to the Swedish Data Protection Authority.

Microsoft Tips app leaks Windows 10's upcoming rounded corners
2020-11-02 17:20

The Microsoft Tips app has leaked more evidence that Microsoft is working on rounded corners for Windows 10 windows. For some time, Microsoft has been adding rounded corners to dialog boxes in Windows 10 apps such as Photos, Maps, Calculator, and the new Microsoft Edge.

Swedish Authorities, Banks Hit by Security Data Leak: Report
2020-10-27 11:47

Details of bank vault floor plans, alarm systems and the security arrangements for Swedish authorities have been leaked online after a security company was hacked, local media reported Tuesday. A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August, according to newspaper Dagens Nyheter.

Amazon sacks insiders over data leak, alerts customers
2020-10-27 04:33

Amazon has recently terminated employees responsible for leaking customer data, including their email addresses, to an unaffiliated third-party in violation of company policies. "Did anyone else get a weird email from Amazon about this data breach or was I just targeted solo?" tweeted entrepreneur Zain Jaffer.

Egregor Claims Responsibility for Barnes & Noble Attack, Leaks Data
2020-10-21 15:30

The Egregor ransomware gang has reportedly taken responsibility for the Barnes & Noble cyberattack, first disclosed on Oct. 15. The bookseller warned last week that it had been hacked in emailed notices to customers, noting that a cyberattack happened on Oct. 10, "Which resulted in unauthorized and unlawful access to certain Barnes & Noble corporate systems."

Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts
2020-10-20 16:20

UPDATE. Pharma giant Pfizer has leaked the private medical data of prescription-drug users in the U.S. for months or even years, thanks to an unprotected Google Cloud storage bucket. Some of the transcripts were related to conversations about Advil, which is manufactured by Pfizer in a joint venture with GlaxoSmithKline.

ThunderX Ransomware rebrands as Ranzy Locker, adds data leak site
2020-10-16 16:07

ThunderX has changed its name to Ranzy Locker and launched a data leak site where they shame victims who do not pay the ransom. The ransomware operators quickly fixed their bugs and released a new version of the ransomware under Ranzy Locker name.