Today, the Department of Justice issued a release disclosing the charges of Former Uber CISO Joseph Sullivan. The charges result from Sullivan’s attempt to cover up paying out a ransom, requested by malicious hackers after obtaining access to and downloading Uber’s database containing personally identifying information associated with approximately 57 million Uber users and drivers, in the form of a bug bounty program.
ISBuzz Team
The security research team at Comparitech today disclosed how an unsecured database left almost 235 million Instagram, TikTok and YouTube user profiles exposed online in what can only be described as a massive data leak. The data was spread across several datasets; the most significant being two coming in at just under 100 million each and containing profile records apparently scraped from Instagram. The third-largest was a dataset of some 42 million TikTok users, followed by just under 4 million YouTube user profiles. There is no confirmed source for this leaked data at the moment, but researchers suggest that the…
It has been reported that the South African branch of consumer credit reporting agency Experian disclosed a data breach on Wednesday with the credit agency admitted to handing over the personal details of its South African customers to a fraudster posing as a client. While Experian did not disclose the number of impacted users, a report from South African Banking Risk Centre (SABRIC), an anti-fraud and banking non-profit, claimed the breach impacted 24 million South Africans and 793,749 local businesses. Full story here: https://www.zdnet.com/article/experian-south-africa-discloses-data-breach-impacting-24-million-customers/
South Africa has just been hit by one of the largest-ever data breaches after Experian, one of the country’s biggest credit bureaus, was hit by a fraudster. https://twitter.com/campuscodi/status/1296314770002513921
Rapid technological innovations are changing our present and our perspectives for the future. The innovative technologies such as IoT, machine learning, artificial intelligence, and big data have revolutionized the way organizations conduct business in the digital landscape. From financial institutes to the automotive sector, industries are increasingly relying on these evolving digital technologies to create value. These technologies help develop entirely new businesses and revenue streams or deliver a more efficient experience for consumers. However, these new opportunities bring a radically different set of challenges, which businesses need to mitigate and manage to stay ahead in the data-driven market. One…
Following news that The Marriot is facing a lawsuit in London’s High Court for its alleged failure to protect the personal data in 2018, please see comment below from cybersecurity experts.
The security researcher Jeremiah Fowler discovered two folders of medical records in possession of artificial intelligence company Cense AI available for anyone to access on the Internet. The data was labeled as “staging data” and is believed to temporarily hosted online before loading it into the company’s management system or an AI bot. The medical records are quite detailed and include names, insurance records, medical diagnosis notes, and payment records. It looks as though the data was sourced from insurance companies and relates to car accident claims and referrals for neck and spine injuries.
Bloomberg reported late Friday that US wine and spirits giant Brown-Forman has become the latest big-name brand to suffer a serious ransomware-related data breach, according to the cyber-criminals.
If you’re following the reports of a RansomEXX “live attacker” cyber-attack that caused a recent outage at Konica Minolta, the global provider of business printing solutions, healthcare technology, and managed IT services, here’s the perspective from an expert with Stealthbits Technologies.
As part of its Patch Tuesday release on August 11, 2020, Microsoft included a zero day vulnerability that went unfixed for several years. This vulnerability, CVE-2020-1464 and dubbed “GlueBall”, could allow an attacker to bypass security features built into Windows to validate file signatures, ultimately allowing an attacker to run improperly signed binaries on a system. This spoofing vulnerability was first seen in the wild being used by malware in August 2018, when several researchers notified Microsoft of the problem. It is recommended that the MS20-AUG patch be applied immediately as it will correct how Windows validates file signatures.