Gadgets Now reports: At the Mobile Pwn2Own event, being held in Tokyo, Japan, a couple of hackers successfully made use of an iOS 12.1 bug to access photos from an iPhone that have been deleted. As reported by Forbes, the hackers named Richard Zhu and Amat Cama teamed up as to use the loophole and…
Category: Commentaries and Analyses
One in five Magecart-infected stores get reinfected within days
Catalin Cimpanu reports: Online stores that have been infected with the Magecart malware –known to record and steal credit card details from checkout forms– often get reinfected after clean-up operations, a recent report has revealed. “In the last quarter, 1 out of 5 breached stores were infected (and cleaned) multiple times, some even up to…
WordPress GDPR plugin inadvertently exposed sites to hackers
Keumars Afifi-Sabet reports: Attackers have been exploiting a flaw in a WordPress GDPR-compliance plugin to hijack vulnerable websites and implement remote code execution. The flaw had been present in Wordfence’s GDPR Compliance plugin for at least four months and, ironically, allowed hackers to gain access to a site using the tool. Hackers could then execute any…
Italian prosecutors have given up on catching the person who hacked and destroyed Hacking Team
Cory Doctorow reports: Hacking Team (previously) was an Italian company that developed cyberweapons that it sold to oppressive government around the world, to be used against their own citizens to monitor and suppress political oppositions; in 2015, a hacker calling themselves “Phineas Fisher” hacked and dumped hundreds of gigabytes’ worth of internal Hacking Team data,…
A DJI Bug Exposed Drone Photos and User Data
Lily Hay Newman reports: DJI makes some of the most popular quadcopters on the market, but its products have repeatedly drawn scrutiny from the United States government over privacy and security concerns. Most recently, the Department of Defense in May banned the purchase of consumer drones made by a handful of vendors, including DJI. Now DJI has…
Facebook May Face 100M Euro Lawsuit From France’s Internet Society Over Privacy Breach
Daniel R. Stoller reports: A French nongovernmental organization wants Facebook Inc. to pay 100 million euros ($113 million) and fix any problems stemming from recent data security incidents and privacy breaches. The Internet Society of France, a public interest group that advocates for online rights, sent a formal notice to Facebook and its subsidiaries Instagram…