Category: z-Exclude

Toyota Financial Services (TFS) is warning customers it suffered a data breach, stating that sensitive personal and financial data was exposed in the attack. Toyota Financial Services, a subsidiary of Toyota Motor Corporation, is a global entity with a presence in 90% of the markets where Toyota sells its cars, providing auto financing to its customers. Last month, the company…

Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation. In a presentation at the Black Hat Europe security conference, researchers from the International Institute of Information Technology (IIIT) at Hyderabad said that their tests showed that most password managers for Android are vulnerable to AutoSpill, even if there is no…

A French juvenile court on Friday convicted six teenagers for their roles in the beheading of a teacher by an Islamist extremist that shocked the country. Teacher Samuel Paty was killed outside his school in 2020 after showing his class cartoons of Islam’s Prophet Muhammad during a debate on free expression. The attacker, a young Chechen who had radicalized, was…

US-based genomics scientist Kevin McKernan says he has lost an estimated US $200,000 worth of research data after his account on file hosting service MEGA was deleted overnight. It appears that McKernan’s account was deleted by MEGA in response to an urgent injunction granted to New Zealand’s (NZ) Ministry of Health (MOH) to prevent the sharing of anonymised data leaked…

SINGAPORE – A co-founder of Cake DeFi, which operates a Singapore-based online platform that offers access to decentralised finance services and products, has filed for the company to be wound up. A winding up notice in The Straits Times on Dec 7 showed that the company’s co-founder and chief technology officer Chua U-Zyn, represented by law firm Rajah & Tann Singapore,…

Academic researchers developed a new side-channel attack called SLAM that exploits hardware features designed to improve security in upcoming CPUs from Intel, AMD, and Arm to obtain the root password hash from the kernel memory. SLAM is a transient execution attack that takes advantage of a memory feature that allows software to use untranslated address bits in 64-bit linear addresses for…

SEATTLE – Amazon.com is sharply cutting fees for merchants selling clothing priced below US$20 (S$26.80), a sign it is hunkering down for a price war with Chinese fast-fashion upstart Shein. On Dec 5, Amazon announced it would reduce seller fees on clothing products priced below US$15 to 5 per cent beginning in January. The rates on clothing priced from US$15…

Japanese car maker Nissan is investigating a cyberattack that targeted its systems in Australia and New Zealand, which may have let hackers access personal information. Details of the attack have not been published but the company informed customers of its Nissan Oceania division of a potential data breach, warning them that there is a risk of scams in the upcoming days….

LONDON: The Bank of England on Wednesday said its multiple interest-rate hikes aimed at cooling high inflation would prolong a cost-of-living crisis but stressed UK retail banks could contain the fallout. The BoE’s Financial Policy Committee (FPC) said in a report that almost five million UK homeowners would see mortgage repayments soar over the next three years. Retail banks tend…

IT services and business consulting company HTC Global Services has confirmed that they suffered a cyberattack after the ALPHV ransomware gang began leaking screenshots of stolen data. HTC Global Services is a managed service provider offering technology and business services to the healthcare, automotive, manufacturing, and financial industries. While HTC has not posted a statement to the company website, they…

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. The security issue allows executing arbitrary code on servers running  Adobe ColdFusion 2018 Update 15 and older, and 2021 Update 5 and earlier. It was exploited as a zero day before Adobe…

The latest variants of the P2Pinfect botnet are now focusing on infecting devices with 32-bit MIPS (Microprocessor without Interlocked Pipelined Stages) processors, such as routers and IoT devices. Due to their efficiency and compact design, MIPS chips are prevalent in embedded systems like routers, residential gateways, and video game consoles. P2Pinfect was discovered in July 2023 by Palo Alto Networks…

Microsoft’s Threat Intelligence team issued a warning earlier today about the Russian state-sponsored actor APT28 (aka “Fancybear” or “Strontium”) actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts and steal sensitive information. The targeted entities include government, energy, transportation, and other key organizations in the United States, Europe, and the Middle East. The tech giant also highlighted the…

Tipalti says they are investigating claims that the ALPHV ransomware gang breached its network and stole 256 GB of data, including data for Roblox and Twitch. Tipalti offers technology solutions for accounting, payment processing, eCommerce, and affiliate and influencer programs. The company has numerous well-known customers, including Twitch, Roblox, ZipRecruiter, Roku, GoDaddy, Canva, and X. “Over the past weekend, a…

The U.S. Department of Health and Human Services (HHS) warned hospitals this week to patch the critical ‘Citrix Bleed’ Netscaler vulnerability actively exploited in attacks. Ransomware gangs are already using Citrix Bleed (tracked as CVE-2023-4966) to breach their targets’ networks by circumventing login requirements and multifactor authentication protections. HHS’ security team, the Health Sector Cybersecurity Coordination Center (HC3), issued a sector…

A statistician has come forward with disturbing information that, if correct, will promote doubt on the safety of mRNA vaccination for decades into the future. The whistleblower was involved with building and implementing the New Zealand government database vaccine payment system, a ‘pay per dose system’ that would remit payments to vaccination providers. In an interview with New Zealand journalist…