Phil Muncaster reports: Walmart has become the latest big-name brand accused of violating California’s new data breach regulations. The retail giant is the subject of a new complaint alleging that customers now face “significant injuries and damage” after an unspecified incident. Customer names, addresses, financial and other information were among the haul for attackers, according…
Inside REvil Extortionist “Machine”: Predictive Insights
A new paper by AdvIntel is out, and it looks at the psychology of REvil, something that it obviously of great interest to me: We have investigated REvil’s discourse and behavior by applying the methodologies and concepts of criminal psychology to identify the group’s unique characteristics revealed by their recent involvement in large, ethically questionable…
Ca: University of Lethbridge reveals details regarding privacy breach at health centre
Quinn Campbell reports on an email gaffe that disclosed student health information: The University of Lethbridge says an Excel document with personal information of 1,225 patients at its health centre was inadvertently shared with a student. The document that was the subject of a privacy breach included names, dates of birth, personal health numbers, genders…
A hacker used Twitter’s own ‘admin’ tool to spread cryptocurrency scam
Zack Whittaker reports: A hacker allegedly behind a spate of Twitter account hacks on Wednesday gained access to a Twitter “admin” tool on the company’s network that allowed them to hijack high-profile Twitter accounts to spread a cryptocurrency scam, according to a person with direct knowledge of the incident. The account hijacks hit some of the most prominent…
No-Log VPNs Exposed Users’ Logs and Personal Details for All to See
Ugh. vpnMentor reports: A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. ….. Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple…
Google Cloud steps up privacy, security with Confidential VMs and Assured Workloads
Stephanie Condon reports: Google Cloud on Tuesday announced two new security offerings designed for customers with highly-regulated or sensitive data that requires extra protection in the cloud. The first, Confidential VMs, is the initial product in Google’s Confidential Computing portfolio, which promises to let customers keep data encrypted while in use. The second, Assured Workloads for Government,…