News

The data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past four years, including almost eight million records uploaded to the shop in 2019 alone. Source: Krebs On Security

By Arnaud Crouzet, VP Security & Consulting at FIME As data breaches continue to rise globally, protecting the integrity of customer data (especially in the payments world) is vital. One essential security standard helping keep such data secure is PCI DSS – an information security standard for organizations that handle cardholder data. But aligning with the standard can be complex, time consuming and costly. And, as result, many payments stakeholders are becoming complacent about compliance. In fact, less...

Winnti Group hackers have updated their arsenal with a new modular Windows backdoor that they used to infect the servers of a high-profile Asian mobile hardware and software manufacturer. The hacking group's ShadowPad malware also received some updates, with random module IDs and some extra obfuscation being the most noteworthy additions according to ESET researchers who monitored the hackers' attacks throughout the year. Source: Bleeping Computer

A couple in the UK experienced a weird bug on their Samsung Galaxy S10 that allows bypassing the fingerprint reader to unlock the phone regardless of the biometric data registered in the device. Endeavors in the past tricked biometric protection in phones from multiple brands. Hackers were able to recreate a fingerprint from high-resolution photos and transfer them onto a thin film. Source: Bleeping Computer

Numerous people are reporting that they have been locked out of Facebook after reporting fake user profiles to the social site. Some users claim that this has been happening for over a week. According to claims by many users under the Twitter #FacebookLockout hashtag, when people report a fake account to Facebook, about 30 minutes later they find that they have been locked out of their account. Source: Bleeping Computer

Pitney Bowes reported today that it was hit with malware that has made some files inaccessible, but stopped short of calling it a ransomware attack. Pitney Bowes said the attack has encrypted some corporate information and disrupted customer access to certain services, but at this time the company does not believe any customer or employee information has been exfiltrated from its network. Company executives have made no mention of a ransom being demanded. Source: SC...

The company acknowledged it’s using ‘safe browsing’ technology from Tencent, which has ties to the Chinese government. Apple is sending some browsing history of iOS 13 Safari users to Tencent Holdings Limited, a Chinese multinational conglomerate. The data shared is tied to the Safari Safe Browsing technology. Revelations of the relationship have drawn criticism from security and privacy experts. Source: Threatpost

In order to understand what people are doing to protect themselves from the risk of compromised smart home devices, such as internet-connected TVs, smart thermostats, home assistants and more, ESET polled 4,000 consumers. Key findings include: Over a third of all respondents indicated they are concerned about unauthorized access of their home networks via connected home devices (smart TVs, smart thermostats etc.). 35% of Americans and 37% of Canadians indicated so in our survey. When purchasing a smart home device, most...

Security vulnerabilities in systems used by several South African banks exposed the personal data of people who applied for home loans. Information about the flaw came from a source who spoke to MyBroadband on condition that they remain anonymous. The existence of the flaws were confirmed by E4 Strategic, the company which develops and maintains the systems. The company also stated that the vulnerabilities were discovered and fixed, and that there is no evidence of any...

The rollout of fifth-generation mobile networks — which offer the potential for downloads speeds of up to 10 times faster than today’s — will change how we communicate, work and stream video. However, the faster speeds are also likely to present an opportunity for hackers to target more devices and launch bigger cyber attacks, experts say. The problem is unlikely to be the security of 5G technology itself. Despite researchers uncovering apparent flaws in 5G’s...