Passwords to Access Over a Half Million Car Tracking Devices Leaked Online

We’ve seen a lot of data breaches this year: some big, some small, some that are dangerous, and some that are just embarrassing. But if we were to name one as the creepiest data breach of 2017, this leak of logins for car tracking devices might take the cake. Read More >>

data breach
Viacom Leak May Have Exposed Hundreds of Digital Properties—Paramount Pictures, Comedy Central, MTV, and More

An Amazon server containing roughly a gigabyte’s worth of credentials and configuration files belonging to behemoth media conglomerate Viacom were discovered online and unsecured, according to UpGuard, a California-based “cyber resiliency” firm. A security researcher working for the company discovered the server flapping in the wind last month—without so much as a password between it and the public web. Read More >>

Journalist Nearly Banned From YouTube and Gmail For Posting Al-Qaeda Videos From Chelsea Manning Trial

YouTube’s latest push to ban terrorist propaganda across its ubiquitous video platform is getting off to a rough start. Earlier this week, noted investigative reporter and researcher Alexa O’Brien woke to find that not only had she been permanently banned from YouTube, but that her Gmail and Google Drive accounts had been suspended as well. She would later learn that a reviewer who works for Google had mistakenly identified her channel, in the words of a YouTube representative, as “being dedicated to terrorist propaganda.” Read More >>

Vevo Just Got Hacked

Another day, another multinational video service brought to its knees by a group of rogue hackers with a bone to pick. Read More >>

A Smart Pump Used by Hospitals to Deliver IV Drugs Is Vulnerable to Wireless Attacks

The last place you should have to worry about being hacked is laid out in a hospital bed. But as wireless devices continue to fill patient rooms, those fears can’t help but grow. Read More >>

Mexican Tourism Company Leaked Tens of Thousands of Credit Cards and Passports Online

Security researchers last month discovered a trove of scanned images depicting the credit cards and passports of more than 88,600 international travellers. It’s unknown for how long the documents, which were secured on Wednesday, had been sitting online, just waiting to be stolen. Read More >>

Hackers Deface WikiLeaks Homepage (But That’s About it)

If you tried visiting WikiLeaks late Wednesday evening, you might’ve gotten the impression that the website was hacked. For now at least, that doesn’t appear to be the case. Read More >>

FBI Arrest Chinese National Linked to US Government Agency Data Breach

A 36-year-old Chinese national was arrested in Los Angeles this week in connection with a computer hacking conspiracy involving malware linked to the 2014 US Office of Personnel Management (OPM) data breach. The OPM is responsible for managing civil service employment for the federal government, meaning the hacking incident was a national-level breach of privacy. Read More >>

digital rights
DOJ Demands Troves of Data About Visitors to Anti-Trump Website

A web hosting provider has revealed the US Justice Department’s efforts to obtain records about an activist website established to coordinate “mass protests to shut down the inauguration of Donald Trump.” Read More >>

Google Expels Spyware From Play Store That Recorded Audio and Took Photos Without Permission

Android users are facing new threats to their privacy with the recent discovery of over a thousand spyware apps on the loose. A security firm found that at least three of these apps — which are capable of covertly taking photos, recording audio, retrieving call logs, and more — were available for download on Google Play. Read More >>

Top Security Firm May Be Leaking ‘Terabytes’ of Confidential Data From Major Companies

A leading American security firm and purveyor of anti-malware detection services is waking up to a damning report about a massive vulnerability in its flagship product. The report describes an unimaginable leak, the scope of which covers a wide range of confidential data, including customer credentials and financial records, among other sensitive files. Read More >>

Lawsuit Claims Disney Sold Children’s Info to Advertisers

The Walt Disney Company is facing a lawsuit alleging it violated US federal law aimed at protecting children’s online privacy. The company allegedly allowed advertising tech companies to embed software in its apps, enabling the collection of children’s personal information. Read More >>

The WannaCry Ransomware Attackers Are Cashing Out Their Bitcoin at a Dangerous Time

When the WannaCry ransomware attack hit back in May, it was really good at causing chaos but not so great at generating ransom money. Some analysts said that the attackers were amateurish in their methods. If the people behind the malware are as clumsy as they seem, they should be worried, because they recently started moving what Bitcoin they did collect during a particularly perilous time for cybercriminals. Read More >>

Most Guns Sold on the Dark Web Originate from the United States, Study Finds, Surprising No One  

Roughly three-fifths of the weapons sold on a selection of dark web marketplaces originate from the United States, according to a new study examining the scope of the internet’s black market arms trade. Read More >>

Nearly 90,000 Sex Bots Invaded Twitter in ‘One of the Largest Malicious Campaigns Ever Recorded on a Social Network’

Last week, Twitter’s security team purged nearly 90,000 fake accounts after outside researchers discovered a massive botnet peddling links to fake “dating” and “romance” services. The accounts had already generated more than 8.5 million posts aimed at driving users to a variety of subscription-based scam websites with promises of—you guessed it—hot internet sex. Read More >>