Top 10 Stories

Big-name websites leaked people's private session keys and personal information into strangers' browsers, due to a Cloudflare bug uncovered by Google researchers. As we'll see, a single character – '>' rather than '=' – in Cloudflare's software source code sparked the security blunder. Cloudflare helps companies spread their websites and online services across the internet. Due to a programming blunder, for several months Cloudflare's systems slipped random chunks of server memory into webpages, under certain...

Nearly one million Coachella accounts are reportedly currently up for sale on the dark web. An underground data trader is allegedly selling over 950,000 Coachella user accounts data, which includes usernames, hashed passwords and email addresses, for $300. "Coachella complete database dump from this month," the cybercriminal, who uses the handle Berkut, wrote in their listing, on the popular dark web marketplace Tochka, Motherboard reported. View full story ORIGINAL SOURCE: International Business Times

Waymo, the self-driving car company owned by Google’s parent Alphabet, filed a suit against Uber on Thursday alleging that the ride-share company engaged in the “calculated theft” of its self-driving technology. The suit is the latest setback for Uber, which is still reeling from the viral #DeleteUber campaign and which this week launched an “urgent investigation” into claims of sexual harassment. View full story ORIGINAL SOURCE: The Guardian

Russia's military has admitted for the first time the scale of its information warfare effort, saying it was significantly expanded post-Cold War. Defence Minister Sergei Shoigu said that Russian "information troops" were involved in "intelligent, effective propaganda", but he did not reveal details about the team or its targets. The admission follows repeated allegations of cyberattacks against Western nations by the Russian state. View full story ORIGINAL SOURCE: BBC

A British man has been arrested at Luton Airport accused of a cyber attack in Germany last year which hit a million homes. The 29-year-old suspect was held on a European arrest warrant accused of wiping out internet access to Deutsche Telekom subscribers in a planned attack. "The Briton stands accused of attempted computer sabotage in a particularly serious case," said German police. Around a million of Deutsche Telekom's 20 million customers were unable to...

The federal W-2 forms of as many as 600 current and former Mount Healthy City Schools employees may be in the hands of hackers or scam artists. School district administrators said the district's emails have been hacked or phished as part of a nationwide W-2 email phishing scam. Superintendent Dr. Reva Cosby told WLWT on Tuesday that she learned the W-2s from 2016 were potentially sent out last Wednesday by an employee who replied to...

A reconnaissance campaign dubbed "Operation BugDrop" has stolen gigabytes of data from at least 70 organizations in Ukraine and elsewhere. The threat intelligence research team at CyberX came across the operation after discovering an in-the-wild malware campaign. So far, the malware has captured documents, passwords, and screenshots from dozens of targets located in Ukraine, Saudi Arabia, and Austria. Those victims include a manufacturer of industrial control system monitoring equipment, a human rights institution, and a...

A federal magistrate judge in Chicago recently denied the government’s attempt to force people in a particular building to depress their fingerprints in an attempt to open any seized Apple devices as part of a child pornography investigation. This prosecution, nearly all of which remains sealed, is one of a small but growing number of criminal cases that pit modern smartphone encryption against both the Fourth Amendment protection against unreasonable search and seizure, and also the Fifth Amendment...

A new variant of the Lockdroid Android ransomware has chosen a unique way of unlocking devices by asking users to speak a code provided after paying the ransom. This ransomware, one of the oldest families on the Android market, has seen a lot of changes lately, with crooks experimenting with various methods through which victims can get in contact with the ransomers. View full story ORIGINAL SOURCE: Bleeping Computer

Britain's National Crime Agency (NCA) has arrested a suspect in connection with last year's cyber attack which infected nearly 1 million Deutsche Telekom routers, German federal police said on Thursday. The NCA arrested the 29-year-old Briton at one of London's airports on Wednesday, the police said in a statement. The attack on Deutsche Telekom, Germany's largest telecom company, took place in late November. Internet outages hit as many as 900,000 of its users, or about...