IT Information Security

French CNIL fined Tiktok $5.4 Million for violating cookie laws

French data protection watchdog fined short-form video hosting service TikTok €5 million for breaking cookie consent rules. The Commission nationale de l’informatique et des libertés (CNIL) has fined short-form video hosting service TikTok €5 million (about $5.4 million) for violating cookie consent rules. French data protection watchdog claims that users are not able to refuse cookies, as easily […]

The post French CNIL fined Tiktok $5.4 Million for violating cookie laws appeared first on Security Affairs.

January 14, 2023
0 comment
Read More >>

NortonLifeLock: threat actors breached Norton Password Manager accounts

Gen Digital, formerly Symantec Corporation and NortonLifeLock, warns that hackers breached Norton Password Manager accounts. Gen Digital, formerly Symantec Corporation and NortonLifeLock, informed its customers that threat actors have breached Norton Password Manager accounts in credential-stuffing attacks. The company detected an unusually large volume of failed logins to customer accounts on December 12, 2022, and […]

The post NortonLifeLock: threat actors breached Norton Password Manager accounts appeared first on Security Affairs.

January 14, 2023
0 comment
Read More >>

Pro-Russia group NoName057(16) targets Ukraine and NATO countries

A Pro-Russian group named NoName057(16) is targeting organizations in Ukraine and NATO countries with DDoS attacks. A Pro-Russian cybercrime group named NoName057(16) (aka 05716nnm or Nnm05716) is behind a wave of DDoS attacks against organizations in Ukraine and NATO countries, SentinelOne researchers reported. The attacks started in March 2022 and targeted government and critical infrastructure […]

The post Pro-Russia group NoName057(16) targets Ukraine and NATO countries appeared first on Security Affairs.

January 13, 2023
0 comment
Read More >>

LockBit ransomware operation behind the Royal Mail cyberattack

The cyberattack on Royal Mail, Britain’s postal service, is a ransomware attack that was linked to the LockBit ransomware operation. Royal Mail, the British multinational postal service and courier company, this week announced that a “cyber incident” has a severe impact on its operation. The incident only impacted Royal Mail’s international export services, the company said it is temporarily […]

The post LockBit ransomware operation behind the Royal Mail cyberattack appeared first on Security Affairs.

January 13, 2023
0 comment
Read More >>

Threat actors target govt networks exploiting Fortinet SSL-VPN CVE-2022-42475 bug

Recently patched Fortinet FortiOS SSL-VPN zero-day exploited in attacks against government organizations and government-related targets. Fortinet researchers reported that threat actors exploited the recently patched FortiOS SSL-VPN vulnerability (CVE-2022-42475) in attacks against government organizations and government-related targets. In December, the security vendor urged its customers to update their installs to address an actively exploited FortiOS SSL-VPN […]

The post Threat actors target govt networks exploiting Fortinet SSL-VPN CVE-2022-42475 bug appeared first on Security Affairs.

January 13, 2023
0 comment
Read More >>

Critical bug in Cisco EoL Small Business Routers will receive no patch

Cisco warns of a critical flaw in small business RV016, RV042, RV042G, and RV082 routers, which have reached end of life (EoL). Cisco is warning of a critical vulnerability, tracked as CVE-2023-20025 (CVSS score of 9.0), that impacts small business RV016, RV042, RV042G, and RV082 routers. The IT giant announced that these devices will receive no security […]

The post Critical bug in Cisco EoL Small Business Routers will receive no patch appeared first on Security Affairs.

January 13, 2023
0 comment
Read More >>

Threat actors actively exploit Control Web Panel RCE following PoC release

Threat actors are actively exploiting a recently patched critical remote code execution (RCE) vulnerability in Control Web Panel (CWP). Threat actors are actively exploiting a recently patched critical vulnerability, tracked as CVE-2022-44877 (CVSS score: 9.8), in Control Web Panel (CWP). The exploitation attempts began on January 6, 2023, after a proof-of-concept (PoC) exploit code was published […]

The post Threat actors actively exploit Control Web Panel RCE following PoC release appeared first on Security Affairs.

January 12, 2023
0 comment
Read More >>

Threat actors claim access to Telegram servers through insiders

Researchers reported that a threat actor claims to provide access to internal servers at Telegram for $20,000. SafetyDetectives reported that a member of a dark web marketplace is claiming to provide access to internal servers at Telegram for $20,000. The seller claims that the access is permanent because is provided by insiders that are staff […]

The post Threat actors claim access to Telegram servers through insiders appeared first on Security Affairs.

January 12, 2023
0 comment
Read More >>

Twitter: 200M dataset was not obtained through the exploitation of flaws in its systems

Twitter said that its investigation revealed that users’ data offered for sale online was not obtained from its systems. Twitter provided an update on its investigation launched after data of 200 Million users were offered for sale online. The company has found “no evidence” that the data were obtained by hacking into its systems. Below […]

The post Twitter: 200M dataset was not obtained through the exploitation of flaws in its systems appeared first on Security Affairs.

January 12, 2023
0 comment
Read More >>

Social marketplace Trustanduse exposes nearly half a million users

Security loopholes on social marketplace website trustanduse.com exposed data of around 439,000 users including many businesses for at least six months. Disclosing personal data on platforms providing digital services is always risky. The Cybernews research team identified a publicly accessible database storing up to 855GB of sensitive user and business data that belongs to social […]

The post Social marketplace Trustanduse exposes nearly half a million users appeared first on Security Affairs.

January 12, 2023
0 comment
Read More >>