News

A large database with approximately 33 million profiles for people seeking jobs in China has been fully accessible and unprotected online. This information included sensitive information that could have been used for scammers and identity theft. The database was discovered by Sanyam Jain, a security researcher and member of GDI.Foundation, who found the database using the Shodan search engine. The 57GB Elasticsearch database contains the profiles of users in China who uploaded their resume and personal information...

The use of more artificial intelligence to improve security has been touted for a while. New research from Webroot reveals that a majority of business are now actively exploring the technology. It finds 71 percent of businesses surveyed in the United States plan to use more artificial intelligence and machine learning in their cybersecurity tools this year. However, a worrying 58 percent say that aren't sure what that technology really does. Although over one-third (36 percent) of...

Iranian hackers in recent months broke into the personal phone of Benny Gantz, a leading candidate in next month’s elections, and obtained its entire contents, according to a report Thursday. Two senior Shin Bet security service officials approached the Blue and White party chairman last month to inform him that his cellular phone had been hacked shortly after he announced his political bid, with programmers in Iran getting hold of his personal details and texts,...

The rash of e-commerce sites infected with card-skimming malware is showing no signs of abating. Researchers on Thursday revealed that seven sites—each with more than 500,000 collective visitors per month—have been compromised with a previously unseen strain of sniffing malware designed to surreptitiously swoop in and steal payment card data as soon as visitors make a purchase. One of those sites, UK sporting goods outlet Fila.co.uk, had been infected since November and had only removed...

Gearbest, a Chinese online shopping giant, has exposed millions of user profiles and shopping orders, security researchers have found. Security researcher Noam Rotem found an Elasticsearch server leaking millions of records each week, including customer data, orders and payment records. The server wasn’t protected with a password, allowing anyone to search the data. Gearbest ranks as one of the top 250 global websites, and serves top brands, including Asus, Huawei, Intel and Lenovo. Source: TechCrunch

Concord, Mass.-based Emerson Hospital sent letters to 6,314 patients alerting them of a May2018 cybersecurity attack that may have affected their information, according to the HIPAA Journal. The security incident, which happened between May 9-17, was the result of a former MiraMed Global Services, a company that helps hospitals collect payments, who sent patient files to an unauthorized third party. Information that may have been affected included names, addresses, Social Security numbers and insurance policy information....

Kathmandu, an outdoor wear and equipment retailer, revealed that it suffered a data breach that disclosed its customers’ credit card and personal information. The New Zealand-based company stated that unknown intruders allegedly gained access to its online trading website for over a month between January 8, 2019, and February 12, 2019. Kathmandu stated the hackers may have captured customer personal information and payment details entered at the check-out points. The company clarified that all Kathmandu...

A Sydney man has been arrested after allegedly selling hundreds of thousands of compromised account details for subscription streaming services, including for Netflix, Hulu and music streaming service Spotify – raking in about $212,000 ($300,000 AUD) in profit in the process. The Australian Federal Police (AFP) were tipped off to the 21-year-old malefactor’s alleged activities by the FBI last May, as part of an investigation into a now-defunct account generator website called WickedGen.com. He was...

Hackers have used ransomware to encrypt files at a school, causing it to lose some students' GCSE coursework. The Sir John Colfox Academy in Bridport, Dorset, said a member of staff mistakenly opened an email containing a virus. The email claimed to be from a colleague at another Dorset school and infected the computer network. Coursework from one subject submitted by Year 11 students, which was saved on the school' system, has been lost. Source:...

A slew of Facebook-owned sites are experiencing a worldwide outage, leaving thousands of users unable to connect to social media for several hours. Facebook, Messenger, and Instagram have all been having issues since around noon (ET), in some cases resulting in a ‘total blackout.’ The three apps crashed primarily in major urban areas across the United States and Europe, along with parts of South America. WhatsApp - also owned by Facebook - has been hit by spotty service...