Subterms
A hacker has uploaded ransom notes on 22,900 MongoDB databases left exposed online without a password, a number that accounts for roughly 47% of all MongoDB databases accessible online, ZDNet has learned today. The hacker is using an automated script to scan for misconfigured MongoDB databases, wiping their content, and leaving a ransom note behind […] More
In one of the biggest password re-use studies of its kind, an analysis of more than one billion leaked credentials has discovered that one out of every 142 passwords is the classic “123456” string. The study, carried out last month by computer engineering student Ata Hakçıl, analyzed username and password combinations that leaked online after […] More
A potent form of Android malware which can steal bank details, personal information, private communications and more has returned with a new campaign which spreads itself via SMS phishing attacks. FakeSpy malware has been active since 2017, initially targeting users in Japan and South Korea, but now it’s targeting Android users around the world – […] More
AT&T is being sued for the second time over the alleged theft of cryptocurrency belonging to a customer, facilitated by a SIM-swap attack. Seth Shapiro, an advisor in business and technology, claims that his “life savings” were stolen after an AT&T employee facilitated the transfer of a phone number to a hacker’s control. SIM-swapping attacks […] More
The UK High Court has ordered the closure and wind-up of GPay, a cryptocurrency platform that scammed traders through fake celebrity endorsements. On June 30, the UK government’s Insolvency Service posted a notice which explained that GPay Ltd, trading as XtraderFX — formerly known as Cryptopoint — has been closed after “losing” £1.5 million ($1.8m) […] More
Microsoft has published on Tuesday two out-of-band security updates to patch two vulnerabilities in the Microsoft Windows Codecs Library. Tracked as CVE-2020-1425 & CVE-2020-1457, the two bugs only impact Windows 10 and Windows Server 2019 distributions. In security advisories published today, Microsoft said the two security flaws can be exploited with the help of a […] More
Apple is encouraging developers to prioritize newer web technologies inside their iOS and macOS applications. In a short technical presentation at the WWDC 2020 conference last week, Apple shared some internal statistics in the hope of convincing app developers to adopt new web technologies and protocols, such as IPv6, HTTP/2, TLS 1.3, and Multipatch TCP. […] More
The Federal Communications Commission on Tuesday formally designated Huawei and ZTE as national security threats, meaning telecoms can no longer use the FCC’s Universal Service Fund to purchase equipment or services from the Chinese firms. Back in November, the FCC implemented a rule barring any money from the fund from going to suppliers deemed a […] More
