Security News

Singapore's largest online grocery store Lazada Redmart has suffered a data breach after 1.1 million user accounts were put up for sale on a hacker forum. Hackers selling the illicit data dumps told BleepingComputer they had obtained Lazada's MongoDB-based data set with data from over 1.1 million RedMart accounts.

Microsoft says that Office 365 customers can use unlimited disposable recipient email addresses after the Plus Addressing feature rolled out to all Exchange Online users. Plus addressing allows users to create an indefinite number of custom and unique email addresses by adding suffix text strings to their standard address using a '+' delimiter.

Source Defense announced its new offering of Website in Page Protection, as well as product enhancements and performance improvements to the VICE sandboxing technology within the Source Defense Platform. The Source Defense Platform protects online businesses and their customers from automated attacks and client-side threats, and improves operational efficiency.

Hackers are breaking into online loyalty card accounts using stolen credentials or easily obtainable information, and then not only ransacking the profiles' balances but also harvesting victims' personal data for subsequent identity theft, Akamai has warned. In its Loyalty for Sale - Retail and Hospitality Fraud report published today, Akamai reckoned that ne'er-do-wells began actively targeting retail, travel, and hospitality sectors with a wave of credential-stuffing attacks that accelerated as the COVID-19 pandemic forced most retail activity onto the web.

An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation. VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations.

IDrive Online Backup has released EPYC, a secure video conferencing and AR powered video sharing application, empowering remote workforces to meet face-to-face and collaborate on projects as if they were meeting in person. By releasing EPYC, IDrive has helped solve this need by providing a video conferencing solution which allows organizations to conduct online meetings over the internet that are easy to host and join from anywhere.

Two critical flaws in Magento - Adobe's e-commerce platform that is commonly targeted by attackers like the Magecart threat group - could enable arbitrary code execution on affected systems. Retail is set to boom in the coming months - between this week's Amazon Prime Day and November's Black Friday - which puts pressure on Adobe to rapidly patch up any holes in the popular Magento open-source platform, which powers many online shops.

The online proctoring service ProctorTrack has disabled access to their service after its parent company was hacked. ProctorTrack is one such solution by Verificient that is used by numerous universities, including Rutgers, University of Western Ontario, Ohio University, Illinois State University, Purdue University, and MIT. Verificient and ProctorTrack was hacked.

Governments around the world are using the pandemic as a justification to expand surveillance and crack down on dissent online, resulting in a 10th consecutive annual decline in internet freedom, a human rights watchdog report said Wednesday. "The pandemic is accelerating society's reliance on digital technologies at a time when the internet is becoming less and less free," said Michael Abramowitz, president of the nonprofit group.

Online infrastructure security solutions provider Cyberpion on Tuesday emerged from stealth mode after raising $8.25 million in seed funding. Aiming to help organizations gain visibility into and secure their online ecosystem, the Tel Aviv, Israel-based cybersecurity startup provides security teams with a platform that they can leverage to identify and neutralize the risks posed by vulnerabilities in their online assets.