28 September 2022

Data Security

Data Security News. Data needs to be protected from unauthorised access, modification, or deletion. This involves ensuring data is protected in …

UK may fine TikTok $29 million for failing to protect children’s privacy tiktok
2 min read

UK may fine TikTok $29 million for failing to protect children’s privacy

RiSec.Mitch 28 September 2022
Sept 26 (Reuters) – Britain could fine TikTok 27 million pounds ($28.91 million) following an investigation that found the short-form video app may have breached UK’s data protection law by failing to safeguard privacy of children using the platform. The investigation found that TikTok could have processed data of children under the age of 13 without appropriate parental consent and failed to provide proper information to its users in a transparent way. The Information Commissioner’s Office (ICO) has issued TikTok and TikTok Information Technologies UK Ltd with a “notice...
Continue Reading
Revolut hack exposes data of 50,000 users, fuels new phishing wave Revolut
3 min read

Revolut hack exposes data of 50,000 users, fuels new phishing wave

RiSec.n0tst3 26 September 2022
Revolut has suffered a cyberattack that gave unauthorized third-party access to the personal information of tens of thousands of clients. The incident occurred a week ago, on Sunday night, and has been described as “highly targeted.” Founded in 2015, Revolut is a financial technology company that has seen rapid growth, now offering banking, money management, and investment services to customers all over the world. In a statement, a company spokesperson said that an unauthorized party had access “for a short period of time” to details of only a 0.16% of its customers, BleepingComputer reports...
Continue Reading
Morgan Stanley fined $35M after unencrypted, unwiped hard drives are auctioned morgan stanley
3 min read

Morgan Stanley fined $35M after unencrypted, unwiped hard drives are auctioned

RiSec.Mitch 21 September 2022
“Astonishing failures” over a 5-year span. Morgan Stanley on Tuesday agreed to pay the Securities and Exchange Commission (SEC) a $35 million penalty for data security lapses that included unencrypted hard drives from decommissioned data centers being resold on auction sites without first being wiped. The SEC action said that the improper disposal of thousands of hard drives starting in 2016 was part of an “extensive failure” over a five-year period to safeguard customers’ data as required by federal regulations. The agency said that the failures also included the...
Continue Reading
How to request a CVE: From vulnerability discovery to disclosure How to request a CVE
5 min read

How to request a CVE: From vulnerability discovery to disclosure

RiSec.n0tst3 21 September 2022
What is a CVE? A CVE, meaning Common Vulnerabilities and Exposure, is a publicly reported vulnerability in software products. Vulnerabilities are assigned CVE IDs to ensure clarity when discussing vulnerabilities in software products. Otherwise, it can be difficult to correlate reports of a single vulnerability since different organizations will assign them different names, and the same product may have multiple instances of the same vulnerability (buffer overflows, remote code execution and so on). The CVE reservation process The researcher that discovers a vulnerability has the ability to reserve a...
Continue Reading
Rockstar confirms hack after Grand Theft Auto 6 leak Rockstar confirms hack after Grand Theft Auto 6 leak
3 min read

Rockstar confirms hack after Grand Theft Auto 6 leak

RiSec.n0tst3 19 September 2022
Over the weekend, a hacker illegally obtained and leaked unreleased footage from “Grand Theft Auto VI,” the upcoming installment in Rockstar Games’ hit franchise, the studio acknowledged Monday. A user on the GTA Forums posted a 3-gigabyte file — which included 90 videos with “GTA VI” footage, PC Gamer reported. According to the report, the hacker said they may “leak more data soon,” including “GTA V” and “GTA VI” source code, assets and test builds. Grand Theft Auto 6 Leak Confirmed Rockstar on Monday confirmed the “GTA 6” leak, saying it was...
Continue Reading
Uber Data Breach: Ride-hailing Giant Investigating disruptive ‘incident’ Uber Data Breach: Ride-hailing Giant Investigating disruptive 'incident'
3 min read

Uber Data Breach: Ride-hailing Giant Investigating disruptive ‘incident’

RiSec.n0tst3 16 September 2022
Unconfirmed reports claim an 18-year-old kid is behind the massive Uber hack. Uber is investigating a cybersecurity incident where a hacker claimed to have breached its internal networks and taken down multiple engineering and communications systems. As discussed on social media, the incident affected Uber’s Internal Slack messaging, which was shut down after a ‘cybersecurity incident’ We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available. Uber What happened? Reportedly, on Thursday 15th, Uber...
Continue Reading
Types of Phishing Attacks & How to Identify Them: The Definitive Guide phishing
9 min read

Types of Phishing Attacks & How to Identify Them: The Definitive Guide

RiSec.Mitch 13 September 2022
Every data breach begins with a phishing attack. To prevent your organization from becoming the next victim, you need to understand the different types of phishing attacks and how to identify them. Phishing is a type of cyberattack that uses fraudulent emails or websites to trick victims into sharing sensitive information, such as login credentials or financial information. According to a survey, 91% of cyberattacks begin with phishing emails. There are different phishing attacks, and each uses another method to trick victims. This blog will discuss the common types of phishing attacks...
Continue Reading
Facebook Engineers Admit They Don’t Know What They Do With Your Data 5Million Facebook accounts at risk due to cyber attack
4 min read

Facebook Engineers Admit They Don’t Know What They Do With Your Data

RiSec.Mitch 10 September 2022
In a court hearing, a Facebook engineer said Facebook’s engineering culture is “terrifying.” Earlier this year, Motherboard reported about an internal Facebook document that said the company has no idea where users’ data goes, and what the company is doing with it. During a previously sealed court hearing in March, two veteran Facebook engineers confirmed what the leaked document revealed. “It would take multiple teams on the ad side to track down exactly the—where the [user] data flows,” said Eugene Zarashow, a Facebook engineering director who’s worked at the company since...
Continue Reading
UK: Holiday Inn hotels hit by cyber-attack security
2 min read

UK: Holiday Inn hotels hit by cyber-attack

RiSec.n0tst3 8 September 2022
Holiday Inn owner, Intercontinental Hotels Group (IHG), has confirmed the company has been hit by a cyber-attack. IHG, which has some of the world’s largest hotel chains, issued a statement saying it was investigating “unauthorised access” to a number of its technology systems. The UK-based company said its “booking channels and other applications” had been disrupted since Monday. The company manages the Holiday Inn, Crowne Plaza and Regent hotels. “IHG is working to fully restore all systems as soon as possible,” the company said. IHG confirmed it was assessing...
Continue Reading
Security Breach Allegations Hover Over TikTok Research: Preventative Approach Could Block 90% of Cyber-attacks
3 min read

Security Breach Allegations Hover Over TikTok

RiSec.Mitch 6 September 2022
Hacking Group AgainstTheWest Claims to Have Leaked User Data and Source Code. On Friday, September 2, 2022, information emerged on a hacking forum about a data breach that affected TikTok and WeChat social networks. Representatives of TikTok denied firmly the allegation of stolen data. The claim was made by AgainstTheWest, a hacking group that posted screenshots of the database which supposedly was extracted from the two companies. An Alibaba cloud instance was pointed to contain a huge 790GB database with 2.05 billion records. The extracted information contains, but doesn’t...
Continue Reading
en English
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sudanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu