Ugh. vpnMentor reports: A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. ….. Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple…
Category: Business Sector
Citrix denies dark web claim of network compromise and ransomware attack
Simon Sharwood reports: Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised. A Wednesday post penned by CISO Fermin J. Serna says the company is aware of “threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network,…
Russian BEC Gang Targets Hundreds of Multinational Companies
Akshaya Asokan reports: A newly uncovered Russia-based business email compromise gang has been targeting hundreds of large, multinational corporations in over 40 countries since 2019, according to the security firm Agari. The gang, which Agari calls Cosmic Lynx, uses a combination of social engineering techniques and well-crafted email messages designed to target the upper echelon of…
Revenge is mine, saith a hacker. No big deal, saith a researcher.
Vinny Troia, a self-described security researcher and and the owner of cybersecurity firms Night Lion Security and DataViper.io, will be the opening keynote speaker at SecureWorld’s virtual conference this coming Wednesday. He has promoted himself and his talk by claiming that he will reveal all of the identities of key members of thedarkoverlord, GnosticPlayers, and…
Id: Telkomsel Employee Arrested for Data Theft
Farouk Arnaz and Heru Andriyanto report on an incident in Indonesia: A man who works at the customer service unit of state-owned telecommunication company Telkomsel was arrested for allegedly stealing personal data of social media sensation Denny Siregar, police said on Friday. The suspect is identified by initials F.P.H., 27, who works at Telkomsel’s Grapari office…
Google-backed Indian delivery startup Dunzo suffers data breach
Ivan Mehta reports: Google-backed Indian hyperlocal delivery service Dunzo said it suffered a data breach that left customer data including email IDs and phone numbers exposed. Dunzo provides pick up and deliver services in over seven cities in India. Read more on The Next Web.