Security News

FBI seize BreachForums hacking forum used to leak stolen data
2024-05-15 14:44

The FBI has seized the notorious BreachForums hacking forum used to leak and sell stolen corporate data to other cybercriminals. The seizure occurred on Wednesday morning, soon after the site was used last week to leak data stolen from a Europol law enforcement portal.

New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data
2024-05-08 14:17

Researchers have discovered two novel attack methods targeting high-performance Intel CPUs that could be exploited to stage a key recovery attack against the Advanced Encryption Standard (AES)...

New attack leaks VPN traffic using rogue DHCP servers
2024-05-07 18:46

A new attack dubbed "TunnelVision" can route traffic outside a VPN's encryption tunnel, allowing attackers to snoop on unencrypted traffic while maintaining the appearance of a secure VPN connection. The attackers set up a rogue DHCP server that alters the routing tables so that all VPN traffic is sent straight to the local network or a malicious gateway, never entering the encrypted VPN tunnel.

BlackBasta claims Synlab attack, leaks some stolen documents
2024-05-06 11:03

The BlackBasta ransomware / cyber extortion gang is behind the recent cyber attack that resulted in the temporary shutdown of operations at Synlab Italia. The group claimed the attack on their leak site on Saturday and says they have exfiltrated approximately 1.5 TB of company and customer data, employees' personal documents, as well as the results of customers' medical tests.

Android bug leaks DNS queries even when VPN kill switch is enabled
2024-05-03 21:02

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. As Mullvad found out while investigating the issue spotted on April 22, an Android bug leaks some DNS information even when these features are enabled on the latest OS version.

Android bug can leak DNS traffic with VPN kill switch enabled
2024-05-03 21:02

A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. Enabling the "Block Connections Without VPN" option ensures that ALL network traffic and connections pass through the always-connected VPN tunnel, blocking prying eyes from monitoring the users' web activity.

A million Australian pubgoers wake up to find personal info listed on leak site
2024-05-02 04:01

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

UnitedHealth confirms it paid ransomware gang to stop data leak
2024-04-23 14:28

The UnitedHealth Group has confirmed that it paid a ransom to cybercriminals to protect sensitive data stolen during the Optum ransomware attack in late February. The BlackCat/ALPHV ransomware gang claimed the attack, alleging to have stolen 6TB of sensitive patient data.

Cybercriminals threaten to leak all 5 million records from stolen database of high-risk individuals
2024-04-19 11:28

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Cerebral to pay $7 million settlement in Facebook pixel data leak case
2024-04-16 21:37

The U.S. Federal Trade Commission has reached a settlement with telehealth firm Cerebral in which the company will pay $7,000,000 over allegations of mishandling people's sensitive health data. In March 2023, the company sent out notices of data breach to 3.2 million people who had interacted with its websites, applications, and services, that their information had been exposed due to using tracking pixels on its platform.