The emerging ransomware group RansomedVC has claimed an attack against Sony Corporation, offering to sell the data they claim to have stolen from the Japanese technology giant. The threat actors have also shared the tree structure of the accessed databases as proof of the breach onto Sony’s systems, as well as samples of access on … The post RansomedVC Claims Attack Against . . .
Zero-day Vulnerability in Ubiquitous Lib Puts Millions at Risk
A high-severity heap buffer overflow vulnerability in libwebp, fixed recently as a zero-day flaw on Google Chrome, has a much broader impact than initially thought. Libwebp is an open-source library that programs incorporate to gain the ability to encode and decode images in the WebP format, a modern lossless/lossy compression format used extensively in web … The post Zero-day . . .
T-Mobile Allegedly Suffers Another Breach, Employee Data Leaked on Hacking Forum
Samples of data allegedly belonging to the telecom giant T-Mobile appeared on a popular hacking forum earlier today. The forum user who posted the leak released 90 GB of data that has allegedly been exfiltrated from T-Mobile earlier this year, and first released today. The threat actor on the hacking forum has fully released all … The post T-Mobile Allegedly Suffers Another . . .
New ‘Privacy Badger’ Extension Better Protects Against Google Link Tracking
The EFF (Electronic Frontier Foundation) has announced the availability of a new version of ‘Privacy Badger’ that features better link-tracking blocks for Google services. Privacy Badger is a browser extension for Chrome, Firefox, Opera, and Edge, that blocks ads and trackers dynamically, employing algorithmic mechanisms to determine what constitutes tracking or violation of . . .
Proton Pass Retains Passwords in Cleartext Form in Memory
The Proton Pass password manager follows the bad practice of keeping unencrypted usernames and passwords in the computer’s memory. To make matters worse, this sensitive data is not wiped from the memory when the vault is locked post-login, making it susceptible to exfiltration by info-stealer malware or attackers with physical access to the target machine. … The post Proton . . .