97% of all email users do not know what a phishing email looks like. 21% of all ransomware is sent through email and 92% of all malware is sent through emails. The average financial cost of a data breach is $3.86m. Email phishing is a very dangerous and also very common way for cyber criminals to take your money and your personal information. The term “phishing” derives from “fishing” because the adversary will bait the...

The AWS database was exposed on the internet for several years until it was secured on July 1, 2019.The compromised data included users’ full names, birth dates, genetic health information, and other medical conditions. A misconfigured Amazon Web Services (AWS) database had left more than 3,000 client health reports exposed to the internet for several years. The exposed data belonged to a DNA-testing service vendor Vitagene Inc. What data was exposed? On July 1, Vitagene...

Apple has disabled the Walkie Talkie app from its Apple Watch products after a vulnerability was discovered enabling bad actors to eavesdrop on iPhone conversations. Apple has temporarily disabled the Walkie-Talkie feature from the Apple Watch due to a vulnerability that could allow potential attackers to eavesdrop in on iPhone calls, a TechCrunch report said. The Apple Watch Walkie-Talkie app allows users to converse with friends in real-time, without having to make a phone call,...

The data breach occurred after Nemadji Research Corporation, a contractor of the L.A. County Department of Health Services fell victim to a phishing attack in March 2019.The exposed data includes patient names, addresses, dates of birth, medical record numbers and Medi-Cal identification numbers. Almost 14,591 patients who received medical care through Los Angeles County’s hospitals and clinics had their personal information compromised in a data breach. What happened? The data breach occurred after Nemadji Research...

The server contained source code, passwords, configuration details, and other sensitive information related to GE Aviation’s internal infrastructure.It was one of the 5,495 publicly available Jenkins instances as indexed by Shodan. A publicly available Jenkins server of GE Aviation was found spilling sensitive data out in the open. Security researcher Bob Diachenko came across this exposed server during a search for open Jenkins instances on the Shodan search engine. The server is believed to be...

Mobile phones have a huge impact on the day-to-day lives and the way one communicates with the world. With leading mobile messaging platform WhatsApp recently revealing a major security flaw that could let hackers access phones, it’s time to reconsider safety measures for mobile networks. Even in the corporate world, it’s hard to find an employee today who doesn’t use a mobile phone to respond to emails at the least. It’s also common for employees...

Around 900 customers are said to have been targeted in the attack, who collectively lost around ¥55 million.The attackers exploited a security flaw in 7pay, a mobile payment app developed by 7-Eleven. Popular supermarket chain 7-Eleven has become the latest victim in a cyber attack. Attackers banked on a security flaw in 7-Eleven’s 7pay and stole around ¥55 million. This was done by making fraudulent payments from 7pay accounts of around 900 Japanese customers. The...

The campaign was found responsible for adding “1800ForBail” or “1800ForBail – One+Number” keywords to titles of hundreds of WordPress sites.It was reported that the attackers in the campaign exploited vulnerabilities in WordPress plugins to load malicious code from the targeted sites. Recently, a new attack campaign responsible for adding phony keywords in the titles of vulnerable WordPress sites was discovered. The attackers added “1800ForBail” or “1800ForBail – One+Number” in the titles of the compromised sites....

(Bloomberg) — Attunity Ltd., a company that manages and safeguards data, left internal files exposed on the internet for clients including Ford Motor Co., and the Toronto-Dominion Bank, in the latest example of sensitive information being publicly accessible on the web.  The incident revealed passwords and network information about Attunity as well as emails and technology designs from some of its high-profile customers. Researchers at UpGuard Inc., a cybersecurity company, found more than a terabyte of data left unsecured...

The vulnerabilities in EA’s Origin platform could be exploited by abusing authentication tokens and related trust mechanisms.Origin is known for digital distribution of some of the popular video games published by EA. Origin, the digital distribution platform by video game company Electronic Arts (EA), was found containing numerous vulnerabilities that could have led to account takeover attacks on its users. The vulnerabilities were identified by security researchers from Check Point Research and CyberInt. According to...