21 Sep 2022

Spell-Checking in Google Chrome, Microsoft Edge Browsers Leaks Passwords

Spell-check features in both Google Chrome and Microsoft Edge are reportedly responsible for leaking sensitive user information such as username, emails, and passwords to Google and Microsoft. Specifically, the data is harvested when consumers fill in forms on popular websites and cloud-based enterprise apps. The issue was identified by security

Read More
14 Sep 2022

ShadowPad-Associated Hackers Targeted Asian Governments

Threat actors associated with the ShadowPad remote access Trojan have implemented a new toolset to assist its campaigns. The group is targeting various government and state-owned organizations spanning multiple Asian countries, according to Symantec. Symantec released an advisory regarding the threats earlier this week. In the report, the security firm

Read More
01 Sep 2022

Cosmetics giant Sephora first to be fined for violating California’s Consumer Privacy Act

Sephora, an international cosmetics giant, has become the first company to be publicly fined for violating California’s relatively new Consumer Privacy Act. The fine was announced in a press release on Wednesday, and California Attorney General Rob Bonta mentioned the settlement. California alleges that Sephora violated the privacy act, resulting

Read More
10 Jun 2022

Feds Forced Travel Firms to Share Surveillance Data on Hacker

The US government has reportedly ordered two travel companies to provide information about the movement of an individual from Russia who is suspected of hacking. The individual, Aleksi Burkov, was monitored by Sabre and Travelport on a weekly basis for two years. The US government claims that the surveillance eventually

Read More
10 May 2022

Government hackers made hundreds of thousands of stolen credit cards ‘worthless’ to crooks

The UK’s Ministry of Defence and the intelligence agency GCHQ recently launched a joint operation aimed at taking action against computer networks utilized by cybercriminals. The operation seeks to protect the public from cyberattacks and render hundreds of thousands of stolen credit cards worthless to the cybercriminals who stole them.

Read More
03 May 2022

Mobile health apps leak sensitive data through APIs, report finds

Knight Ink recently partnered with mobile security company Approov to hack 30 different mobile health apps to analyze whether they pose a threat to valuable health information belonging to users. Cybersecurity researcher Alissa Knight notes how lucrative health information is to cyberattacks, stating that a single PHI record goes for

Read More
27 Apr 2022

In Business, Like In War, Data Is A Weapon

This is part of a series providing insights aimed at corporate strategists seeking competitive advantage through better and more accurate decision-making. The full series is available at our special section on Decision Intelligence.  Members are also invited to discuss this topic at the OODA Member Forum. Broadly speaking, a weapon is anything

Read More
08 Feb 2022

News Corp Discloses Cyber-Attack

News Corp, a publishing company, has officially disclosed that it was the victim of a cyberattack that occurred last month when threat actors compromised email accounts belonging to employees of the company. News Corp is owned by Australian American media tycoon Rupert Murdoch. News Corp delivered an email to its

Read More
08 Feb 2022

Washington Warns of POLARIS Breach

The Washington State Department of Licensing has temporarily closed down its Professional Online Licensing and Regulatory Information System (POLARIS) after detecting suspicious activity on its networks. POLARIS stores sensitive information about license holders and applicants, ranging from cosmetology license holders, drivers and vehicle license, real estate brokers, bail bondsmen, and

Read More
03 Feb 2022

Online Ad Association Fined for Privacy Violation

An association for online advertising companies, IAB Europe, was found to be in violation of European Union data laws, and fined hundreds of thousands of dollars. The association allegedly developed an ad-targeting tool that violated privacy laws and lead to a loss of control over citizen’s personal data. The Belgian

Read More