Security News

The City of Tulsa, Oklahoma, has suffered a ransomware attack that forced the City to shut down its systems to prevent the further spread of the malware. Tulsa is the second-largest city in Oklahoma, with a population of approximately 400,000 people.

In the latest move to improve the privacy of the Chrome browser, Google is adding support for a new HTML tag that prevents user tracking by isolating embedded content from the page embedding it. To prevent this, Google is adding a new form of embedded iframe called a "Fenced frame" to isolate the embedded content and not allow it to see the user data of the embedding page.

Bank holding company First Horizon Corporation disclosed the some of its customers had their online banking accounts breached by unknown attackers earlier this month. First Horizon Bank, the company's banking subsidiary, operates a network of hundreds of bank locations in 12 states across the Southeast.

The Wyoming Department of Health said on Wednesday it accidentally posted COVID test results of state residents onto their public-facing storage buckets. As far as the breath alcohol tests go, the employee accidentally posted the results of 18,312 people - mostly from Wyoming but also from other states - who breathed into a tube for law enforcement in Wyoming as far back as April 19, 2012 and on up until Jan. 27, 2021.

Manga scanlation site MangaDex disclosed a data breach last week after learning that the site's user database was privately circulating among threat actors. In March, MangaDex was hacked, and a threat actor claimed to have stolen the site's source code and its database, which they said had not been published anywhere.

A Microsoft 365 outage is preventing Exchange Online users from sending and receiving emails, with messages being stuck in transit and not reaching the recipients' inboxes. "We're investigating a potential issue with Exchange Online mailflow in North America," Microsoft shared on the company's Microsoft 365 Status Twitter account.

"Before my arrival at ManoMano, security was managed individually by each team at the company. There was no security team per se, no unique strategy and no clear security framework. Everyone's approach was very operational, which worked but kept the security stature at a level that was acceptable and functional," he told Help Net Security. "First of all, there had to be a focus on communication and open collaboration - I needed to listen and watch, understand the business challenges and security risks that were present at that time. Secondly, I focused on presenting a clear vision of the strategy across the business, laying out a concrete action plan with desired results. Finally, I immediately started thinking about the recruitment of new talent so we could build a smashing security team."

Personal data from more than 500 million LinkedIn users has been posted for sale online in yet another incident of threat actors scraping data from public profiles and slinging it online for potential cybercriminal misuse. Hackers posted an archive containing data they said includes LinkedIn IDs, full names, professional titles, email addresses, phone numbers and other personally identifiable information on a popular hacker forum, according to a report in CyberNews on Tuesday.

A massive trove of LinkedIn account data has been found for sale online, containing 500 million user records including email addresses, phone numbers, links to other social media profiles and professional details. CyberNews researchers were able to confirm that the data contained in the sample was legitimate, but added that " it's unclear whether the threat actor is selling up-to-date LinkedIn profiles, or if the data has been taken or aggregated from a previous breach suffered by LinkedIn or other companies.

In what's likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a popular cybercrime forum for free-which was harvested by hackers in 2019 using a Facebook vulnerability. The leaked data includes full names, Facebook IDs, mobile numbers, locations, email addresses, gender, occupation, city, country, marital status broken, account creation date, and other profile details broken down by country, with over 32 million records belonging to users in the U.S., 11 million users the U.K., and six million users in India, among others.