22 Jun 2021

Bugs in NVIDIA’s Jetson Chipset Opens Door to DoS Attacks, Data Theft

NVIDIA has patched nine high severity bugs found in its Jetson SoC framework pertaining to the way the program handles low-level cryptographic algorithms. The flaws allegedly impact millions of IoT devices utilizing the Jetson chips. This leaves the devices vulnerable to a variety of attacks, including denial-of-service (DoS) and data

Read More
18 Jun 2021

Carnival Confirms Another Breach Impacting Staff and Passengers

Carnival Corporation, one of the world’s largest cruise ship operators, has disclosed a data breach that occurred in mid-March. It is unclear how many passengers, customers, employees, and crew were affected by the incident. Carnival runs some of the globe’s leading cruise lines and has suffered from a data breach

Read More
16 Jun 2021

Millions of Connected Cameras Open to Eavesdropping

According to a warning released by the Cybersecurity and Infrastructure Security Agency, millions of connected security and home cameras contain a critical software vulnerability that could allow for remote attackers to view video feeds. The bug has been designated as a 9.1 CVSS score, meaning that it is of high

Read More
16 Jun 2021

Facebook awards $30,000 bounty for exploit exposing private Instagram content

Bounty hunter Mayur Fartade has been awarded $30,000 for discovering and reporting a vulnerability in Instagram’s privacy features. According to Fartade, he uncovered a set of vulnerable endpoints within the Instagram app that allowed hackers to view private media on the platform without following a targeted account. Fartade wrote in

Read More
02 Jun 2021

Amazon Sidewalk Poised to Sweep You Into Its Mesh

Amazon has announced a new initiative set to be released on June 8. The program, called Amazon Sidewalk, introduces a new long-term effort to extend the working range of low bandwidth, low-power, smart lights, sensors, and other low-cost devices customers install at the edge of their home network. Amazon Sidewalk

Read More
25 May 2021

Air India Confirms Data of 4.5M Travelers Compromised

Air India has confirmed that a cyberattack led to the exposure of data belonging to roughly 4.5 million global passengers. According to the company, aviation IT provider SITA’s Passenger Service System was accessed by an unauthorized third party in early March. This system stores and processes all of the personal

Read More
24 May 2021

Amex Fined After Sending Over Four Million Spam Emails

American Express has been fined by the UK’s Information Commissioner’s Office (ICO) for sending out over four million spam emails, becoming the latest big-name brand to receive a fine from the data protection regulator. The company has been fined £90,000 for the emails, which were marketing messages. The ICO alleges

Read More
20 May 2021

Android apps exposed data of millions of users through cloud authentication failures

Check Point Research published a report on Thursday detailing Android apps that contain critical cloud misconfiguration that allow for the potential exposure of data belonging to 100 million users. The report states that 23 popular mobile apps contain a variety of misconfiguration of third-party cloud services, which are widely used

Read More
19 May 2021

Recruiter’s Cloud Snafu Exposes 20,000 CVs and ID Documents

Website Planet researchers recently uncovered an AWS S3 web bucket left unsecured by FastTrack Reflex Recruitment, which has been renamed to TeamBMS. The database included personal information pertaining to tens of thousands of jobseekers and held sensitive data and documents such as dates of birth, email addresses, full names, home

Read More
17 May 2021

‘Scheme Flooding’ Allows Websites to Track Users Across Browsers

Security researchers have discovered a new vulnerability that allows browsers to enumerate applications on a machine, threatening cross-browser anonymity in popular search engines such as Chrome, Firefox, Microsoft Edge, Safari, and Tor. The vulnerability is referred to as “scheme flooding,” and allows websites to identify users across different desktop browsers,

Read More