Category: Tech

A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency.  As announced today by Europol, the suspect is believed to be the mastermind behind a large-scale cryptojacking scheme that involves hijacking cloud computing resources for crypto-mining. By using the computing resources of others’ servers to…

Starting in the mid-20th century, companies began distorting and manipulating science to favor specific commercial interests. Big tobacco is both the developer and the poster child of this strategy. When strong evidence that smoking caused lung cancer emerged in the 1950s, the tobacco industry began a campaign to obscure this fact. The Unmaking of Science The tobacco industry scientific disinformation…

ALBANY – Alphabet’s Google violated US labour law by refusing to bargain with a union representing contract workers for YouTube Music, a federal agency has ruled. The National Labour Relations Board (NLRB) in a decision on Jan 3 rejected claims by Google, which owns YouTube, that it should not be considered the employer of workers provided by staffing firm Cognizant…

Adult media giant Aylo has blocked access to many of its websites, including PornHub, to visitors from Montana and North Caroline as new age verifications laws go into effect. This move also impacts other adult sites owned by the company, including Tube8, RedTube, and Brazzers. As of January 1st, new age verification laws went into effect in Montana and North…

Apple has said it would suffer “irreparable harm” after the White House allowed a ban on imports on some of its watches following a dispute over the devices’ blood oxygen technology. The tech giant is filing an emergency motion asking a court to allow it to sell two of its most popular watches – the Series 9 and Ultra 2…

The Idaho National Laboratory (INL) confirmed that attackers stole the personal information of more than 45,000 individuals after breaching its cloud-based Oracle HCM HR management platform last month. INL is one of 17 U.S. Department of Energy’s (DOE’s) national laboratories, and it employs 6,100 researchers and support staff involved in national security and nuclear research. On November 20, it confirmed…

A U.S. federal court jury has decided that Google’s Android app store has been protected by anti-competitive barriers that have damaged smartphone consumers and software developers, dealing a blow to a major pillar of a technology empire. The unanimous verdict reached Monday came after just three hours of deliberation following a four-week trial revolving around a lucrative payment system within…

Valve has reportedly fixed an HTML injection flaw in Counter-Strike 2 that was heavily abused today to inject images into games and obtain other players’ IP addresses. While initially thought to be a more severe Cross Site Scripting (XSS) flaw, which allows JavaScript code to be executed in a client, the bug was determined only to be an HTML injection…

Cold storage and logistics giant Americold has confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware. Americold employs 17,000 people worldwide and operates more than 24 temperature-controlled warehouses across North America, Europe, Asia-Pacific, and South America. The April network breach led to an outage affecting the company’s operations after…

Toyota Financial Services (TFS) is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers. Last month, the company…

Genetic testing company 23andMe announced on Friday that hackers accessed around 14,000 customer accounts in the company’s recent data breach. In a new filing with the U.S. Securities and Exchange Commission published Friday, the company said that, based on its investigation into the incident, it had determined that hackers had accessed 0.1% of its customer base. According to the company’s most recent…

Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation. In a presentation at the Black Hat Europe security conference, researchers from the International Institute of Information Technology (IIIT) at Hyderabad said that their tests showed that most password managers for Android are vulnerable to AutoSpill, even if there is no…

Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. Norton Healthcare serves adult and pediatric patients in more than 40 clinics and hospitals across Greater Louisville, Southern Indiana, and the Commonwealth of Kentucky. With over 20,000 employees, more than 1,750 employed medical providers, and over 3,000 total…

US-based genomics scientist Kevin McKernan says he has lost an estimated US $200,000 worth of research data after his account on file hosting service MEGA was deleted overnight. It appears that McKernan’s account was deleted by MEGA in response to an urgent injunction granted to New Zealand’s (NZ) Ministry of Health (MOH) to prevent the sharing of anonymised data leaked…

As Genetic testing provider 23andMe faces multiple lawsuits for an October credential stuffing attack that led to the theft of customer data, the company has modified its Terms of Use to make it harder to sue the company. In October, a threat actor attempted to sell 23andMe customer data and, after failing to do so, leaked the data for 1 million…

Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory. SLAM is a transient execution attack that takes advantage of a memory feature that allows software to use untranslated address bits in 64-bit linear addresses for…