Security News
After a shared Google Drive was posted online containing the private videos and images from hundreds of OnlyFans accounts, a researcher has created a tool allowing content creators to check if they are part of the leak. While OnlyFans is promoted as a way for celebrities and social influencers to share their content, it is also heavily used to share adult-themed content with fans who pay to access it.
The publicly released Facebook user data is believed to be part of a 2019 "Add Friend" Facebook security bug exploited by hackers at the time. The types of data include Facebook user mobile phone numbers, their Facebook ID, name and gender information.
Retailers around the world are increasing their fraud teams and budgets because of a significant rise in all types of online fraud during the pandemic, a research by Ravelin finds. 72% of retail brands around the world expect to grow fraud teams in the next year, while 76% predict their budget to tackle fraud will increase in the next 12 months - with 20% expecting a "Significant" increase.
A bipartisan group of US senators on Friday sent letters to major digital ad exchanges, including Google and Twitter, asking whether user data was sold to foreign entities who could use it for blackmail or other malicious ends. In the real-time bidding process to decide which personalized ads a user sees when a web page loads, hundreds of businesses receive a user's personal information, including search history, IP address, age and gender.
Source Defense provides in-depth analysis of the client-side threat landscape and specific attacks like formjacking, Magecart and web browser threats. The research offers a rare window on web security sentiments for a population relying almost exclusively on websites for all manner of shopping, healthcare, financial services and other essential needs during the pandemic.
Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."
Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."
Royal Dutch Shell is the latest corporation to be attacked by the Clop ransomware gang. It attempted to downplay the impact noting that "There is no evidence of any impact to Shell's core IT systems," and the server accessed was "Isolated from the rest of Shell's digital infrastructure." But it did acknowledge that the crooks had probably grabbed "Some personal data and... data from Shell companies and some of their stakeholders."
Indonesian officials have asked its nation's citizens to stop leaking their own personal data on social media by sharing pictures of certificates attesting to their receipt of COVID-19 vaccinations. In a Tuesday press conference, Indonesia's COVID-19 task force spokesman Wiku Adisasmito explained that the certificates include a QR code that, when scanned, can yield personal medical data.
Bulk SMS messages sent by local councils across the UK contained weblinks leading to pages that freely exposed to the public thousands of taxpayers' names, addresses, and outstanding debts, The Register can reveal. Text messages sent by Telsolutions Ltd on behalf of a dozen local authorities contained shortlinks to webpages urging council tax defaulters to pay up - and in a dozen cases seen by The Register there was little or no authentication protecting personal data from prying eyes.