Home > Cyber Security News > bleepingcomputer.com

Tor says it’s "still safe" amid reports of police deanonymizing users

The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks.

Disney ditching Slack after massive July data breach

The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels.

Clorox says cyberattack caused $49 million in expenses

Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident.

Check if you're in Google Chrome's third-party cookie phaseout test

Google has started testing the phasing out of third-party cookies on Chrome, affecting about 1% of its users or approximately 30 million people. Learn how to check if you are part of the initial test.

23andMe data breach: Hackers stole raw genotype data, health reports

Genetic testing provider 23andMe confirmed that hackers stole health reports and raw genotype data of customers affected by a credential stuffing attack that went unnoticed for five months, from April 29 to September 27.

LockBit ransomware leaks gigabytes of Boeing data

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems.

Apple fixes new WebKit zero-day exploited to hack iPhones, Macs

Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and Macs.

Hyundai, Kia patch bug allowing car thefts with a USB cable

Automakers Hyundai and KIA are rolling out an emergency software update on several of their car models impacted by an easy hack that makes it possible to steal them.

Netgear warns users to patch recently fixed WiFi router bug

Netgear has fixed a high-severity vulnerability affecting multiple WiFi router models and advised customers to update their devices to the latest available firmware as soon as possible.

Google Home speakers allowed hackers to snoop on conversations

A bug in Google Home smart speaker allowed installing a backdoor account that could be used to control it remotely and to turn it into a snooping device by accessing the microphone feed.

Ukraine shuts down fraudulent call center claiming 18,000 victims

A group of imposters operating out of a Ukrainian call center defrauded thousands of victims while pretending to be IT security employees at their banks and leading them to believe that attackers had gained access to their bank accounts.

Android malware apps with 2 million installs spotted on Google Play

A new set of Android malware, phishing, and adware apps have infiltrated the Google Play store, tricking over two million people into installing them.

Revolut hack exposes data of 50,000 users, fuels new phishing wave

Revolut is sending out notices of a data breach to a small percentage of impacted users, informing them of a security incident where an unauthorized third party accessed internal data.

LastPass says hackers had internal access for four days

LastPass says the attacker behind the August security breach had internal access to the company's systems for four days until they were detected and evicted.

Google, Microsoft can get your passwords via web browser's spellcheck

Enhanced Spellcheck features in Google Chrome and Microsoft Edge web browsers transmit form data, including personally identifiable information (PII) and in some cases, passwords, to Google and Microsoft respectively.

Thousands lured with blue badges in Instagram phishing attack

A new Instagram phishing campaign is underway, attempting to scam users of the popular social media platform by luring them with a blue-badge offer.

Cyberspies use Google Chrome extension to steal emails undetected

A North Korean-backed threat group tracked as Kimsuky is using a malicious browser extension to steal emails from Google Chrome or Microsoft Edge users reading their webmail.

Google patches new Chrome zero-day flaw exploited in attacks

Google has released Chrome 103.0.5060.114 for Windows users to address a high-severity zero-day vulnerability exploited by attackers in the wild, the fourth Chrome zero-day patched in 2022.

Hacker claims to have stolen data on 1 billion Chinese citizens

An anonymous threat actor is selling several databases they claim to contain more than 22 terabytes of stolen information on roughly 1 billion Chinese citizens for 10 bitcoins (approximately $195,000).

Microsoft Defender adds network protection for Android, iOS devices

Microsoft has announced the introduction of a new Microsoft Defender for Endpoint (MDE) feature in public preview to help organizations detect weaknesses affecting Android and iOS devices in their enterprise networks.

Facebook logo Twitter logo LinkedIn logo Instagram logo