LastPass password manager developers have reported that hackers who recently broke into the company’s cloud storage have accessed it and stolen customer data, including password vaults that could now theoretically be hacked. Let me remind you that the compromise of the company’s cloud storage became known earlier this month. It is noteworthy that for this… Continue reading Hackers Stole Data from the LastPass Use Password Vault
Tag: Data Breaches
Hacktivists Stole 100,000 Emails from Atomic Energy Organization of Iran
The Atomic Energy Organization of Iran (AEOI) reported that the mail servers of one of its subsidiaries were hacked. Previously, the hacker group Black Reward published data stolen from the organization online, saying that in total they stole more than 100,000 messages and 50 GB of information. Let me remind you that we also reported… Continue reading Hacktivists Stole 100,000 Emails from Atomic Energy Organization of Iran
Weak Block Cipher in Microsoft Office 365 Leads to Message Content Disclosure
WithSecure (formerly F-Secure Business) researchers claim that the content of encrypted messages sent through Microsoft Office 365 can be partially or completely disclosed due to the use of a weak block cipher. Although the experts received a bug bounty for their discovery, no fix for this problem is expected, and Microsoft has stated that they… Continue reading Weak Block Cipher in Microsoft Office 365 Leads to Message Content Disclosure
Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users
Meta has sued several Chinese companies (including HeyMods, Highlight Mobi and HeyWhatsApp) for developing and using “unofficial” WhatsApp apps for Android. The fact is that since May 2022, these applications have been used to steal more than a million WhatsApp accounts. By the way, also read our article: Top Facebook Scams 2022: How to Avoid… Continue reading Meta Finds over 400 Chinese Apps That Stole Data from 1 million Users
iOS VPN Bug Prevents Encryption of Traffic for Years, Researchers Say
A few years ago, engineers at Proton Technologies, the company behind ProtonMail and ProtonVPN, talked about a bug in iOS 13.3.1 that prevents VPN apps from encryption of all traffic. As information security experts now report, the problem has not yet been fixed. Let me remind you that we also wrote that Vulnerability in WebKit… Continue reading iOS VPN Bug Prevents Encryption of Traffic for Years, Researchers Say
Slack Is Resetting User Passwords Due to a Bug
Slack developers have notified about 0.5% of users that they are forcibly resetting their passwords due to a bug. They will need to change their passwords due to a recently fixed bug that exposed salted password hashes when creating or revoking invite links. Let me remind you that we also wrote that ToTok messenger turned… Continue reading Slack Is Resetting User Passwords Due to a Bug
Major corporations teamed up to fight AI bias
American corporations have teamed up to form the Data & Trust Alliance, which has developed a software assessment system to fight AI bias. When hiring employees, HR departments are increasingly turning to artificial intelligence (AI) technologies for help. With their help, CVs are analyzed, video interviews are conducted and the mental state of applicants is… Continue reading Major corporations teamed up to fight AI bias
Though 2020 is ending, the list of worst passwords is still topes “123456”
The end of the year is approaching, and the developers of the password manager NordPass have once again published a list of the most popular and weak passwords of 2020. The worst password in 2020 is still the same “123456”. Unfortunately, over the past 12 months, password security hasn’t improved at all. To compile the… Continue reading Though 2020 is ending, the list of worst passwords is still topes “123456”
HIBP (Have I Been Pwned?) leak aggregator opens the source code
Founder of Have I Been Pwned? (HIBP) Troy Hunt announced that after a series of unsuccessful attempts to sell the project, about which he talked this spring, he decided to open the source code. Let I remind you that HIBP, founded in 2013, is a service for verifying credentials for compromise. Collecting information about various… Continue reading HIBP (Have I Been Pwned?) leak aggregator opens the source code
Once More About MongoDB Data Breaches
One of the biggest breaches of databases happened recently – personal information on nearly 50 thousand users was stolen and replaced by random files with instructions on how to get the data back. Even those users who paid never got their information back. Why? Because it is not beneficial to other hackers – if you… Continue reading Once More About MongoDB Data Breaches