vpnMentor reports: vpnMentor’s research team, led by cybersecurity analyst Noam Rotem, recently uncovered a data breach originating from the Fleek social media app. While it appears Fleek ceased operating in 2019, it failed to secure a huge amount of sensitive data collected from users since it launched in 2016. Fleek was marketed as an ‘x-rated’ alternative to Snapchat’s “Campus Stories”, with…
Category: Business Sector
UK: Wentworth Golf Club members informed of hack
Golf Punk reports: The exclusive Wentworth Club in Surrey home to the European Tour has suffered a data breach with membership data stolen. The club’ membership, which reads like a whos who of the rich and famous, has been informed by the club and asked to remain vigilant. The entire membership of over 4,000 members…
FIN11 e-crime group shifted to CL0P ransomware and big game hunting
Derek B. Johnson reports: The financially motivated FIN11, which increasingly incorporated CL0P ransomware into their operations in 2020, appeared to rely on low-effort volume techniques like spamming malware for initial entry, but put a substantial amount of effort into each follow-up compromise. “Several of their recent ransom notes explicitly name data stolen from workstations that…
Cn: 30 Firms Reprimanded Over Data Privacy Violations in Guangdong
Regulation Asia reports: The Guangdong Communications Administration ordered 30 firms including banks and securities firms to fix the breaches and revamp their mobile phone apps. China’s GDCA (Guangdong Communications Administration) has reprimanded 30 banks, financial services and fintech firms for unauthorised data access and collection through their mobile phone apps, the SCMP reports. The GDCA alleges that…
Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation’s Cloud Services
Graham Cluley writes: The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks. According to an advisory published by CISA, an increasing number of attacks have succeeded as more employees have begun to work remotely with a variety…
Ph: Privacy Commission summons operators of website that exposed car owners’ personal data
There’s an update to a data leak situation previously noted on this site. It’s always interesting to me to see how other countries handle privacy violations or data leaks. It looks like the NPC has the authority — and uses it — to order ISPs to block access to problematic web sites that violate privacy….