Kritti Bhalla reports: Microblogging website Twitter, on December 21, admitted that a malicious code was inserted into its mobile-app that may have compromised some user’s information. The privacy breach is said to have taken place worldwide, including India. “We don’t have evidence that malicious code was inserted into the app or that this vulnerability was…
Canada’s broadcasting agency fines company behind the Orcus malware
Catalin Cimpanu reports: Canada’s broadcasting agency has fined a company with 115,000 Canadian dollars (roughly 87,000 US dollars) for selling malware. The fine was imposed by the Canadian Radio-television and Telecommunications Commission (CRTC) on Orcus Technologies, a company that sold a remote access trojan (RAT) named Orcus. Read more on ZDNet.
Ransomware: The number of victims paying up is on the rise, and that’s bad news
Danny Palmer reports: The number of organisations that are giving into the extortion demands of cyber criminals after falling victim to ransomware attacks has more than doubled this year. A rise in the number of ransomware attacks in the past year has contributed to to the increased number of organisations opting to pay a ransom for…
Member of “Turkish Crime Family” who attempted to extort Apple in 2017 gets no prison time
Catalin Cimpanu reports: A 22-year-old man was sentenced today in London for his involvement in an extortion attempt against Apple, during which the suspect and co-conspirators threatened to mass-hack iCloud accounts and factory reset 250 million iPhones and iPads. The man, Kerem Albayrak, was sentenced today to a two-year suspended jail term, 300 hours of…
Healthcare startup Lyfebin exposed medical images; startup denies they were real or identifiable patient data
Zack Whittaker reports: Healthcare startup Lyfebin exposed thousands of medical imaging files, such as X-rays, MRI scans and ultrasounds. The Los Angeles-based healthcare startup allows doctors and medical staff to store medical images in its “secure environment,” per its website, allowing patients and doctors access from anywhere. This seems to be one of those situations…
Fashion rental company HURR Collective exposed user information through misconfigured plugin
James Walker reports: HURR Collective, a UK-based fashion rental company, has notified around 400 users of a data security incident that resulted in their email addresses being exposed, The Daily Swig has learned. A misconfigured plugin on the HURR website meant that users’ email addresses could be obtained simply by clicking ‘View Source’ on certain web pages….