Bill Toulas reports: An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority…
Category: Miscellaneous
Hacking Verizon Call Records: A Security Breach with National Security Implications
Kirsten Doyle reports: Security researcher Evan Connelly recently identified a security vulnerability in the Verizon Call Filter iOS app which made it possible for a malicious actor to leak call history logs of Verizon Wireless customers. Call logs can be highly valuable, particularly for nation-states, as they enable intelligence agencies to map social networks, track high-value targets, figure…
Canada’s Privacy Commissioner launches breach risk self-assessment tool for organizations
March 26, 2025 – Gatineau, Quebec Privacy Commissioner of Canada Philippe Dufresne has launched a new online tool that will help businesses and federal institutions that experience a privacy breach to assess whether the breach is likely to create a real risk of significant harm to individuals. The privacy breach risk self-assessment tool is a convenient web-based application…
Alleged Data Breach at Korea Aerospace Research Institute Sparks Major Investigation
In today’s reminder of the insider threat, Jung Suk-yee reports that employees of the Korea Aerospace Research Institute (KARI) are being investigated by the Daejeon Metropolitan Police Agency for leaking sensitive technology: The investigation, which has captured national attention, involves a suspected breach of data related to South Korea’s ambitious Nuri space launch vehicle project….
Microsoft wouldn’t look at a bug report without a video. Researcher maliciously complied
Connor Jones reports: A vulnerability analyst and prominent member of the infosec industry has blasted Microsoft for refusing to look at a bug report unless he submitted a video alongside a written explanation. Senior principal vulnerability analyst Will Dormann said last week he contacted Microsoft Security Response Center (MSRC) with a clear description of the…
Appellate court upholds sentence for former Uber cyber executive Joe Sullivan
Jonathan Greig reports: The conviction of former Uber chief security officer Joe Sullivan on obstruction of justice charges was upheld by the U.S. Court of Appeals for the Ninth Circuit in California this week after the cybersecurity expert disputed several aspects of his sentence and charges. Sullivan was given three years probation by a U.S….