A Cloudflare CDN flaw that can expose some location data to an attacker was patched before being ethically disclosed, but the security researcher that discovered it says that the trick still works with the use of a VPN service and some extra steps.
Cyber Security
Cyber criminals, state-sponsored hackers and even the occasional disgruntled employee are constantly looking to gain unauthorized access for a variety of purposes: theft of money, cyber espionage, personal information for sale or for use in scams, and damage to critical infrastructure for just a few of the most common.
So how does an organization mitigate an entire world full of continual cyber attacks? Just as buildings have a number of necessary elements of physical security: access control, cameras, alarms and so on; there are similar key elements of cyber security that are absolutely vital for just about any modern business.
It starts with identifying and closing the most common doors that attackers use. For example, phishing attacks on employees are far and away the most common initial point of entry. The breach of even a low-level employee account can quickly turn into an escalation in access privileges and the ability to reach sensitive information. This is also true of smart devices, which are generally more poorly secured than computers and phones.
Law firm Wolf Haldenstein Adler Freeman & Herz LLP has notified more than 3.4 million people that a December 2023 data breach exposed their personal information.
Hackers are using Google Ads to direct victims to phishing sites that steal advertiser accounts in the “most egregious malvertising campaign” tracked by cybersecurity firm Malwarebytes.
Biden's Executive Order 14110 of Oct. 30, 2023 was aimed at developers of "the most powerful" AI systems. It required reporting of potential AI risks and sharing of results of their red-team safety tests with federal agencies.
Blood donation service OneBlood has confirmed that the July 2024 ransomware attack claimed by the Russian RansomHub cybercrime group resulted in personal data breach.
A recent breach of the US Treasury yielded access to Secretary Janet Yellen's computer along with those of two of her lieutenants, according to inside sources speaking to Bloomberg News reporters.
Just days before the inauguration ceremony, the outgoing Biden administration issued a sweeping cybersecurity executive order aimed primarily at improving the defenses of federal agencies and their contractors.
The UN’s aviation agency, the International Civil Aviation Organization (ICAO), suffered a data breach that leaked the personal information of nearly 12,000 job applicants.
EdTech firm PowerSchool suffered a significant data breach that leaked the sensitive personal information of students, teachers, and guardians, resulting in ransom payment.
A new proposal from the Home Office would prevent the NHS as well as schools and local councils from making ransomware payments, and certain limitations would also be put on private companies along with the public sector.










