Former employee blamed for hack of WordPress plugin maker
The plugin’s users are recommended to change their passwords on WPML’s website following havoc reportedly wrought by a disgruntled ex-employee
News
Twitter bug may have exposed private tweets of Android users for years
If you use Twitter for Android and want your tweets to be private, you may want to play safe and review your settings
Car and almost $1m on offer for Tesla Model 3 hacks
The electric car maker is raising the ante in automotive security, putting one of its swanky models as a target at a hacking contest
Face unlock on many Android smartphones falls for a photo
No 3D-printed heads or realistic masks were needed to trick even a handful of high-end handset models into unlocking their screens
Personal data of German political elite dumped online
The vast trove of data was released online and disseminated via Twitter over the span of four weeks – without anybody really noticing
Marriott Starwood data breach: 5 defensive steps travelers should take now
Defensive steps for Marriott Starwood guests worried their personal information may have been compromised by the massive data breach
US indicts two over SamSam ransomware attacks
The hacking and extortion scheme took place over a 34-month period with the SamSam ransomware affecting over 200 organizations in the US and Canada
New Yorker accused of stealing $1m from Silicon Valley executive via SIM swap
The suspect is believed to have carried out the scam on no fewer than six executives in the Bay Area, albeit ultimately with varying success
Two Brits jailed for TalkTalk hack
The breach exposed the personal data of 160,000 people and cost the telecom company £77 million
Attackers exploit flaw in GDPR-themed WordPress plugin to hijack websites
The campaign’s goals aren’t immediately clear, as the malefactors don’t appear to be leveraging the hijacked websites for further nefarious purposes
US Air Force invites white hats to find hackable flaws, again
This is the third time that the Air Force asks ethical hackers to uncover chinks in its digital armor
Cathay Pacific breach exposes data of 9.4 million passengers
The data breach at the Hong Kong flag carrier is the third such incident to hit the aviation industry in two months
Tumblr patches bug that could have exposed user data
The microblogging platform is assuring its users that has found no evidence that any data was actually stolen
Facebook downgrades victim count, details data accessed in breach
While the number of victims is lower than previously thought, the data accessed for millions of them is more sensitive than originally believed
Google+ to shut down due to lack of adoption and privacy bug
Google has found no evidence of misuse of user information courtesy of a security glitch in the social platform’s API
Facebook: No evidence attackers used stolen access tokens on third-party sites
The social networking behemoth is expected to face a formal investigation by Ireland’s Data Protection Commission in what could be the “acid test” of GDPR since the law took effect in May
50 million Facebook users affected in breach
It has yet to be determined whether the accounts were misused or what information was accessed. In the meantime, you can improve your account security with a few easy steps
Twitter patches bug that may have spilled users’ private messages
The flaw affected one of the platform’s APIs between May 2017 and September 10 of this year, when it was patched “within hours”
Patch Tuesday: Microsoft plugs zero-day hole exploited by PowerPool
Microsoft and Adobe have each shipped out their scheduled batches of patches to address security flaws in their respective software
PoC targeting critical Apache Struts bug found online
The discovery was made barely two days after the release of a patch that fixes the critical flaw in the web application framework