Security News
Samsung said Tuesday that a "Technical error" caused its website to display other customers' personal information. People who logged on were able to see someone else's name, phone number, address, email address and previous orders.
A hacking forum this week published details of more than 10.6 million guests who stayed at MGM Resorts, the result of a breach due to unauthorized access to a cloud server that occurred at the famous Las Vegas hotel and casino last summer. MGM almost immediately confirmed the breach to ZDNet, linking it to a security incident that happened last summer, according to the report.
After coming across thousands of photos seeping out of an unsecured S3 storage bucket belonging to a photo app called PhotoSquared, security researchers at vpnMentor blurred a few. VpnMentor's Noam Rotem and Ran Locar note that PhotoSquared's failure to lock down its cloud storage has put customers at risk of identity theft, financial or credit card fraud, malware attacks, or phishing campaigns launched with the USPS or PhotoSquared postage data arming phishers with the PII they need to sound all that much more convincing.
Swiss encryption machine company Crypto AG was secretly owned by the CIA and a West Germany spy agency at the height of the Cold War, according to explosive revelations in Swiss and German media today. Although rumours had swirled for decades around Crypto AG and the backdooring of its products by the West - cough, cough, NSA - and not forgetting careless remarks by former US prez Ronald Reagan, today's publications by Swiss broadcaster SRF and German broadcaster ZDF confirm those old suspicions.
An election campaigning website operated by Likud―the ruling political party of Israeli Prime Minister Benjamin Netanyahu―inadvertently exposed personal information of all 6.5 million eligible Israeli voters on the Internet, just three weeks before the country is going to have a legislative election. In Israel, all political parties receive personal details of voters before the election, which they can't share with any third party and are responsible for protecting the privacy of their citizens and erasing it after the elections are over.
An election campaigning website operated by Likud―the ruling political party of Israeli Prime Minister Benjamin Netanyahu―inadvertently exposed personal information of all 6.5 million eligible Israeli voters on the Internet, just three weeks before the country is going to have a legislative election. In Israel, all political parties receive personal details of voters before the election, which they can't share with any third party and are responsible for protecting the privacy of their citizens and erasing it after the elections are over.
The United Nations headquarters in New York as well as the U.N.'s sprawling Palais des Nations compound in Geneva, its European headquarters, did not immediately respond to questions from the AP about the incident. The internal document from the U.N. Office of Information and Technology said 42 servers were "Compromised" and another 25 were deemed "Suspicious," nearly all at the sprawling United Nations offices in Geneva and Vienna.
Kindite, a Tel-Aviv based cybersecurity company that creates Zero-Trust Environments to protect data in the cloud, has launched a beta version allowing IT and security teams to have a new level of control over their cloud environment. Kindite allows encryption keys to be kept on-prem or in a trusted environment while allowing the processing of encrypted data in the cloud.
Video-conferencing outfit Zoom had a vulnerability in its URL scheme that miscreants could exploit to eavesdrop on private meetings. The firm reckoned that around 4 per cent of randomly generated meeting IDs led to genuine Zoom meetings.
Double-encrypted. That said, if you're worried about over-sharing, what are you doing on Chrome? A new feature in Google's Chrome browser will warn you if your username and password matches a...