Security News

Advertisers have responded by pioneering a new method for tracking users across the Web, known as user ID smuggling, which does not require third-party cookies. Researchers at UC San Diego have for the first time sought to quantify the frequency of UID smuggling in the wild, by developing a measurement tool called CrumbCruncher.

Uber has suffered a new data breach after a threat actor leaked employee email addresses, corporate reports, and IT asset information stolen from a third-party vendor in a cybersecurity incident. Early Saturday morning, a threat actor named 'UberLeaks' began leaking data allegedly stolen from Uber and Uber Eats on a hacking forum known for publishing data breaches.

As the holiday season approaches, online shopping and gift-giving are at the top of many people's to-do lists. But before you hit the "buy" button, it's important to remember that this time of...

Scammers have scammed their fellow cybercriminals out of more than $2.5 million on three dark web forums alone over the last 12 months, according to Sophos researchers. In a Black Hat Europe session, Sophos threat hunters detailed their investigation, which examined scams on two well-established Russian-language marketplaces, Exploit and XSS. They also looked at BreachForums, which launched in April 2022 after a Europol-led operation shut down the earlier version of the stolen-data souk, RaidForums.

Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Last July, a threat actor began selling the private information of over 5.4 million Twitter users on a hacking forum for $30,000.

The state-sponsored cyber programs of China, Russia, Iran, and North Korea continue to pose the greatest strategic cyber threat to Canada. From a government cybersecurity perspective, Canada has a robust framework and clear governance mechanisms to support the defense of government networks against cyber attacks.

E-commerce fraud is expected to cost merchants in excess of US$48 billion globally in 2023, up from over $41 billion in 2022 according to Juniper Research. It predicted that this growth will be accelerated by increasing use of alternative payment methods, such as digital wallets and BNPL, which are creating new fraud risks.

Recently, California passed the California Age-Appropriate Design Code Act, a bill designed to protect children online. Although the bill has presented notable concerns regarding privacy and other practical challenges, we've reached an inflection point where children roaming freely on the web should no longer be tolerated.

Wells Fargo customers who use Zelle to send and request payments suffer more than twice the rate of fraud and other online scams as people using other big banks, according to US Senator Elizabeth Warren. Warren chastised both financial firms in letters to their CEOs this week: she said Wells Fargo had sent her an "Evasive and misleading reply," and Zelle parent company Early Warning Services had made "Inaccurate" claims, in response to an investigation she led into banking fraud that stems from Zelle's payment system.

A technical SNAFU shut down the UK's Royal Mail Click and Drop website on Tuesday after a security "Issue" allowed some customers to see others' order information. The data leak started around 13:00 GMT, and according to an alert posted on Click and Drop's status page, Royal Mail shut down the website about an hour later.