Zack Whittaker reports: A security researcher has found several vulnerabilities in the popular open-source Horde web email software that allow hackers to near-invisibly steal the contents of a victim’s inbox. […] Numan Ozdemir disclosed his vulnerabilities to Horde in May. An attacker can scrape and download a victim’s entire inbox by tricking them into clicking a malicious…
Category: Miscellaneous
NSW Labor headquarters reported for possible data breach
Angus Grigg and Edmund Tadros report: The NSW Labor party could be dragged into the troubles of an embattled Sydney mayor after he was accused of breaching data privacy laws and misusing the electoral roll. Ryde mayor Jerome Laxale was reported to the NSW Electoral Commission after sending a seemingly innocuous birthday letter to a…
American Cancer Society’s online store infected with credit card stealing malware
Zack Whittaker reports: The American Cancer Society’s online store has become the latest victim of credit card-stealing malware. Security researcher Willem de Groot found the malware on the organization’s store website, buried in obfuscated code designed to look like legitimate analytics code. The code was designed to scrape credit card payments from the page, like similar attacks…
Ontario Science Centre data breach exposes 174,000 names, email addresses
David Rider reports: A summertime data breach exposed the names and email addresses of 174,000 Ontario Science Centre members, donors and others including customers for camps and birthday parties, the Star has learned. Campaigner, a company that does email blasts for the provincially owned tourist attraction, informed the science centre on Aug. 16 that “someone…
UKIP leader suspended over data theft allegations
BBC reports: UKIP has suspended its leader and three other members after they were accused of stealing data from the party. An email to all members from chairman Kirstan Herriot said she was “forced to take serious action” against Richard Braine, Tony Sharp, Jeff Armstrong and Mark Dent. This included reporting them to Action Fraud…
The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History
Andy Greenberg reports: Just before 8 pm on February 9, 2018, high in the northeastern mountains of South Korea, Sang-jin Oh was sitting on a plastic chair a few dozen rows up from the floor of Pyeongchang’s vast, pentagonal Olympic Stadium. He wore a gray and red official Olympics jacket that kept him warm despite the…