LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

The encrypted vault backups stolen from the 2022 LastPass data breach have enabled bad actors to take advantage of weak master passwords to crack them open and drain cryptocurrency assets as recently as late 2025, according to new findings from TRM Labs. The blockchain intelligence firm said...

Deepfake-posting man faces huge $450,000 fine

A man is facing a $450,000 AU fine after he published deepfake images of prominent Australian women on the now-defunct MrDeepfakes web site. That's if Australia's online safety regulator gets its way. Anthony Rotondo faces charges of posting these and other explicit deepfake images to the...

Deepfake-posting man faces huge $450,000 fine

A man is facing a $450,000 AU fine after he published deepfake images of prominent Australian women on the now-defunct MrDeepfakes web site. That's if Australia's online safety regulator gets its way. Anthony Rotondo faces charges of posting these and other explicit deepfake images to the...

Australia Passes Bill to Fine Companies up to $50 Million for Data Breaches

The Australian government has passed a bill that markedly increases the penalty for companies suffering from serious or repeated data breaches. To that end, the maximum fines have been bumped up from the current AU$2.22 million to AU$50 million, 30% of an entity's adjusted turnover in the relevan...

Privacy-by-design… not by accident

The concept of privacy-by-design was actually devised almost 30 years ago by Ann Cavoukian, PhD, former Ontario Information and Privacy Commissioner. If youre reading a blog about privacy, chances are good you have at least a passing familiarity with Dr. Cavoukians seminal contribution to the...

OSV-2020-353 Stack-buffer-overflow in ot::MeshCoP::Commissioner::GeneratePskc

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19386 Crash type: Stack-buffer-overflow WRITE Crash state: ot::MeshCoP::Commissioner::GeneratePskc ot::Ncp::NcpBase::HandlePropertySetSPINELPROPMESHCOPCOMMISSIONERGENERATEPS ot::Ncp::NcpBase::HandlePropertySetForSpecialPropert...

CVE-2019-20791

OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc...

CVE-2019-20791

OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc...

Stack overflow

OpenThread before 2019-12-13 has a stack-based buffer overflow in MeshCoP::Commissioner::GeneratePskc...

CVE-2019-20791

CVE-2019-20791 describes a stack-based buffer overflow in OpenThread before 2019-12-13, specifically in MeshCoP::Commissioner::GeneratePskc. The NVD entry lists a base score of 9.8 (CVSS-3.1) with CRITICAL impact, network attack vector, low attack complexity, no privileges required, and no user i...

TGI Fridays Delivers Customer Indigestion Over Data Exposure

Customers of TGI Fridays Australia were “strongly recommended” to change their MyFridays membership rewards program passwords. According to an email sent to customers this week, the company had inadvertently left sensitive loyalty program data exposed on the internet. News of the leaky server...

British Airways Fined £183 Million Under GDPR Over 2018 Data Breach

Britain's Information Commissioner's Office ICO today hit British Airways with a record fine of £183 million for failing to protect the personal information of around half a million of its customers during last year's security breach. British Airways, who describes itself as "The World's Favorite...

UK Slaps Facebook with $645K Fine Over Cambridge Analytica Scandal

The UK has fined Facebook $645,000 over Cambridge Analytica’s data harvesting practices, which exploited the data of 87 million users of the social network. That represents a gnat bite for the tech giant, which generated $5.1 billion in net profit in the second quarter of the year. However, the...

800K Patient Records At Issue in ProCare Health Snafu

Four healthcare IT companies are warning that one of New Zealand’s largest networks of family doctors, nurses and general practice teams has been storing hundreds of thousands of patient records containing personally identifiable information PII – without the knowledge or consent of the data...

Facebook agrees to Stop using UK Users' WhatsApp Data for Targeted Ads

In August, Facebook introduced a hugely controversial data sharing plan to start harvesting data from its WhatsApp messaging app from September 25 for delivering more relevant ads on the social network. Many users were not happy with the move, because there was no real way of opting out from the...

Germany Orders Facebook to Stop Collecting Data on WhatsApp Users

A German privacy regulator issued an order this week prohibiting Facebook from collecting user data on German WhatsApp users, calling the company’s actions misleading and in violation of the nation’s data protection law. The move comes a few weeks after a recent WhatsApp policy change that said t...

EC Ruling Invalidates Safe Harbor - Now What?

In a ruling on October 7, 2015 the European Court of Justice ECJ invalidated the principal European component of the U.S.-E.U. Safe Harbor Framework when it ruled in Schrems v. Data Protection Commissioner. In the ruling the court said that the existing U.S.-EU Safe Harbor agreement, overseen by...

Canada NRC Hit by Apparent Chinese Cyber Attack

One of Canada’s premier research and technology organizations was hit with a cyber-attack recently that forced the cooperative offline; the attack – which appears to be Chinese in origin – was so serious the organization is being forced to rebuild its entire system. The National Research Council ...

FTC Finalizes Facebook Settlement over Privacy

The U.S. Federal Trade Commission today announced it had finalized its settlement with Facebook, which is now subject to biennial privacy audits for the next 20 years and requires its nearly 1 billion users opt in to any future privacy policy changes. The settlement announcement follows news that...

CapitalOne Bank taken down by Anonymous hackers

CapitalOne Bank taken down by Anonymous hackers Anonymous Hackers claim to taken down the official website of CapitalOne Bank. Currently Site is showing message on Homepage that "Site under maintenance". In a pastebin release Anonymous Hacker wrote "ya know.. every guy Fawkes day companies go hir...