Security News

The website, GDPR.EU, is an advice site for organizations that are struggling to comply with the General Data Protection Regulation laws that were imposed by the EU in 2018. "However, the irony of a EU-funded web site about GDPR having security issues isn't lost on us."

"We anticipated that things would get bad. Companies and agencies may be hoping and praying they are safe, but the work-from-home environment has created a multitude of opportunities for leaks. Too many organizations have left themselves wide open for attack. Understanding the pathways for access within a company's data network is a valuable lens for businesses and agencies to avert leaking their own assets," said Dr. Barbara Rembiesa, CEO and President, IAITAM. Assets left unsecured. In some cases, companies with high-end virtual private networks pre-loaded on business computers are allowing people to work from home on personal devices either with no VPN or with a lower-end virtual private network that may be less hacker resistant.

The discovery of leaked source code for two popular games - Counter-Strike: Global Offensive and Team Fortress 2 - has led to security concerns and even calls for gamers to uninstall the software from their computers. The developer and publisher of the two games, Valve, is downplaying the source-code leak, saying it does not see "Any reason for players to be alarmed or avoid the current builds." In a statement posted on the CS:GO and Team Fortress 2 Twitter accounts, Valve said the source code in question is older, dating to 2017 - and that it was already part of an existing leak from 2018.

Security researchers at vpnMentor found Kinomap's dribbly database during the firm's ongoing web-mapping project. You might have to pay for the subscription service to immerse you in forest greenery, but if you knew where to look, you wouldn't need to pay anything at all to get at the 42 million Kinomap users' records that the researchers found.

New Jersey IT services provider Cognizant has confirmed it is the latest victim of the Maze ransomware. Maze is unusual among ransomware strains in that it not only encrypts the data on infected Windows machines, it siphons off copies of the originals as well.

12% of users have reportedly stopped using Zoom altogether, the social platform Blind found. Zoom has been slammed for a wide array of security issues over the past couple of weeks, including Zoom bombings, personal data leaks, absence of end-to-end encryption, and more.

Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online. The sensitive documents include details of Lockheed-Martin-designed military equipment - such as the specifications for an antenna in an anti-mortar defense system - according to a Register source who alerted us to the blueprints.

On Wednesday, AMD confirmed intellectual property related to its graphics processors was stolen last year, though insisted the leaked files will not damage its business nor compromise product security. Two days ago, AMD issued two Digital Millennium Copyright Act takedown notices to GitHub, directing the Microsoft-owned code storage biz to remove five repositories - an original repo and four copies - that contained confidential internal hardware source code for its Navi family of GPUs.

A vulnerability addressed recently in the WPvivid Backup Plugin could be exploited to obtain all files of a WordPress website, web security company WebARX reveals. WPvivid Backup Plugin is a free and open-source plugin that allows users to easily backup, migrate, and restore their WordPress installations to new hosts, or send backups to remote storage.

A now-defunct mobile app for loaning money to small business owners has been pinned down as the source of an exposed archive containing roughly 500,000 personal and business financial records. The research team at vpnMentor said it traced an exposed database of financial records back to a former Android/iOS app called MCA Wizard, developed jointly by Advantage Capital Funding and Argus Capital Funding back in 2018.