05 Apr 2021

Trustwave Uncovers Vulnerability in Popular Website CMS

Cybersecurity firm Trustwave has uncovered a vulnerability in the website CMS, Umbraco. The organization posted about the bug, which is a privilege escalation issue, on their website earlier this week. The flaw allows for low privileged users to elevate themselves to the status of admin and reap associated benefits and

Read More
31 Mar 2021

Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website

A class-action suit in Lake County, Florida, alleges that Intel unlawfully intercepted communications without user consent. The claim is backed by the usage of analytics technology on Intel’s company website. Intel capitalizes on session-replay software to capture the interactions of people visiting the corporate homepage, a violation of user rights.

Read More
31 Mar 2021

New poll shows Facebook’s severe trust problem

A new poll shows that Facebook is experiencing difficulties maintaining user trust. Facebook is often utilized as an echo chamber, a place to spread conspiracies, and a news source for more than half of all adult Americans. However, the Cambridge Analytica scandal has perhaps permanently tainted Americans’ view of Facebook

Read More
24 Mar 2021

Security Analysis Clears TikTok of Censorship, Privacy Accusations

Security researchers at CitizenLab have conducted an extensive research investigation into TikTok’s source code, concluding that the code is in line with industry standards. TikTok has been widely criticized for poor privacy and data-sharing practices, censorship concerns, and national security risks as the app is owned by Chinese tech giant

Read More
16 Mar 2021

Judge Upholds Privacy Lawsuit Against Google

A judge has upheld a lawsuit brought against Google in June of 2020 alleging that the tech giant has violated consumer privacy by failing to halt the gathering of personal data when users turn off data collection or operate in “incognito mode” when browsing the internet. According to the complaint,

Read More
16 Mar 2021

Utah Company Stored Passport Scans on Unsecured Server

Security researcher Bob Diachenko discovered an unsecured server hosted by Utah-based company Premier Diagnostics on February 22, in which he found sensitive information pertaining to 50,000 customers. Diachenko currently works for consumer privacy watchdog Compairtech, which aims to promote data privacy through testing various services. Customer data located within the

Read More
10 Mar 2021

Exposed Password Gave Hackers Access to 150,000 Cameras

A new report reveals details about a hacktivist endeavor that claims to have successfully targeted and hacked a leading surveillance camera manufacturer called Verkada. Verkada is based out of San-Mateo and conceded that they had to disable all internal administrative accounts to prevent unauthorized access. An international hacker collective seems

Read More
02 Mar 2021

Asian Food Distribution Giant JFC International Hit by Ransomware

JFC International has revealed that it has been hit by a ransomware attack disrupting several of its IT systems. The food giant is a major distributor and wholesaler of Asian food products to Europe and the US. The attacks allegedly impacted JFC International’s Europe Group, and the company expects to

Read More
26 Feb 2021

Health Website Leaks 8 Million COVID-19 Test Results

In India, a teenaged ethical hacker named Sourajeet Majumder uncovered a flawed endpoint associated with a health department in the state of Bengal that exposed eight million Covid-19 test results and personally identifiable information. The data leak, likely a human-related error, has exposed confidential health information for an entire geographic

Read More
04 Feb 2021

Clearview Facial-Recognition Technology Ruled Illegal in Canada

This week, Canadian authorities ruled that the use of facial recognition technology from Clearview is prohibited due to violations of federal and provincial privacy laws. Clearview has received backlash from the security industry for its controversial practice of harvesting faceprints from the internet and selling them. The company could feel

Read More