Amer Owaida reports: Around 3.5 million security cameras installed in homes and offices mainly in Asia and Europe have serious vulnerabilities that expose the gadgets’ owners to the risk that attackers will spy on them, steal their data or target other devices on the same networks, the United Kingdom’s consumer watchdog Which? has warned. “Brands with…
‘Vendetta’ hackers are posing as Taiwan’s CDC in data-theft campaign
Sean Lyngaas reports: A mysterious hacking group has been posing as Taiwan’s top infection-disease official in an attempt to steal sensitive data from Taiwanese users, researchers said Monday. The hackers sent meticulously written spearphishing emails to a select group of targets, which may have included Taiwan’s Centers for Disease Control employees, according to ElevenPaths, the cybersecurity unit of…
845GB of racy dating app records exposed to entire internet via leaky AWS buckets
Robbie Harb reports: Hundreds of thousands of sensitive dating app profiles – including images of “a graphic, sexual nature” – were exposed online for anyone stumbling across them to download. Word of the uncontrolled emission burst forth from vpnMentor this week, which claims it found a misconfigured AWS S3 bucket containing 845GB of private dating app records….
KR: Police Launch Probe into Possible Leak of Credit Card Data
KBS reports that Seoul police are investigating a “possible massive leak” of data of local credit and debit cards. Police said on Monday that they seized two external hard drives from a suspect surnamed Lee, who allegedly attempted to hack into the computer network of a local commercial bank last year. The seized hard drives…
Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com
Brian Krebs reports: For the past year, a site called Privnotes.com has been impersonating Privnote.com, a legitimate, free service that offers private, encrypted messages which self-destruct automatically after they are read. Until recently, I couldn’t quite work out what Privnotes was up to, but today it became crystal clear: Any messages containing bitcoin addresses will be automatically altered…
Magecart attackers hit Claire’s, Intersport web shops
Zeljka Zorz reports: Magecart attackers have compromised web shops belonging to large retail chains Claire’s and Intersport and equipped them with payment card skimmers. The compromise of Claire’s online store and that of its sister brand Icing has been flagged by Sansec researchers. Read more on Help Net Security. Update of June 17: Intersport sent the following…