PT-2026-5763

Name of the Vulnerable Software and Affected Versions ingress-nginx affected versions not specified Description A denial of service condition exists in the validating admission controller feature. Sending large requests to the validating admission controller can lead to excessive memory...

WeTransfer walks back clause that said it would train AI on your files

File sharing site WeTransfer has rolled back language that allowed it to train machine learning models on any files that its users uploaded. The change was made after criticisms from its users. The company had quietly inserted the new language in the terms and conditions on its website. Sometime...

DHS Faces New Pressure Over DNA Taken From Immigrant Children

The US government has added the DNA of approximately 133,000 migrant children and teens to a criminal database, which critics say could mean police treat them like suspects “indefinitely.”...

The US Is Building a One-Stop Shop for Buying Your Data

Plus: A mysterious hacking group’s secret client is exposed, Signal takes a swipe at Microsoft Recall, Russian hackers target security cameras to spy on aid to Ukraine, and more...

Trump Pardons Silk Road Founder Ross Ulbricht, Calls Prosecutors ‘Scum’

President Trump pardons Silk Road founder Ross Ulbricht, slamming prosecutors as "scum." The move reignites debates on cybercrime…...

NSA Watchdog Will Review Tucker Carlson Spy Claims

The National Security Agency’s Inspector General Robert Storch has announced a review of whether the agency illegally conducted cyber-espionage and collected the electronic communications of Fox News opinion-show host Tucker Carlson, who has accused the NSA of trying to capture embarrassing...

Signal Adds Cryptocurrency Support

According to Wired, Signal is adding support for the cryptocurrency MobileCoin, "a form of digital cash designed to work efficiently on mobile devices while protecting users privacy and even their anonymity." Moxie Marlinspike, the creator of Signal and CEO of the nonprofit that runs it, describe...

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200...

IoT Security Regulation is on the Horizon

LONDON, UK – Internet of things IoT device security continues to worry the tech industry – however, experts believe that the right type of global regulation could be key for ensuring security standards. The question is when those regulatory efforts will be fleshed out. Ken Munro, with Pen Test...

Google may limit ad blockers for Chrome users

By Ryan De Souza Google May Limit Ad blockers for Regular Users Amidst Criticism from Consumer Advocates. Google Chrome is perhaps the most popular of all web and mobile browsers at the moment, and this popularity is a result of various user-friendly features that it offers. However, the recent...

Egyptian 'Fake News' Law Threatens Citizens with 5000-plus Followers

Do you or someone you know lives in Egypt and holds an account on Facebook, Twitter, or/and other social media platforms with more than 5000 followers? If yes, your account can be censored, suspended and is subject to prosecution for promoting or spreading the fake news through social media...

Google openly“history's most severe”Windows RCE vulnerability details-vulnerability warning-the black bar safety net

Google Project Zero security team researcher Tavis Ormandy and Natalie Silvanovich that Windows found a serious vulnerability. Such as, within 90 days, the vulnerability has not been repaired, then they might publish the details. Recently, the vulnerability details have been released. Google to...

Built-In Backdoor Found in Popular Chinese Android Smartphones

Chinese smartphone manufacturers have been criticized many times for suspected backdoors in its products, the popular Chinese smartphone brands, Xiaomi and Star N9500 smartphones are the top examples. Now, the China's third-largest mobile and world's sixth-largest phone manufacturer 'Coolpad', ha...

Privacy Criticism Hits OSX Yosemite over Location Data

Apple has fixed a huge number of security vulnerabilities in OS X and iTunes and, at the same time, is being hit with criticisms about privacy issues in the new version of OS X. The latest version of the operating system, known as Yosemite, sends location information to Apple by default via the...

UltraDNS Dealing with DDoS Attack

UPDATE – UltraDNS said it has mitigated a distributed denial of service DDoS attack for most of its customers after the service was held down for most of the day. “Currently, only customers utilizing a segment of UltraDNS Name Server addresses are experiencing resolution latency due to intermitte...

Charitable Prelude to Pwn2Own Not Without Its Critics

VANCOUVER – The prelude to the annual Pwn2Own contest between sponsor HP’s Zero Day Initiative and Pwnium contest sponsor Google produced not only zero-day exploits for Internet Explorer and Safari, but some skepticism about whether the exploits and details on the vulnerabilities were held for th...

MIT University website defaced by Anonymous hackers in honor of Aaron Swartz

Today is January 11, 2014 and the last year on the same day a 26-year-old, young hacker, Reddit cofounder and the digital Activist, Aaron H. Swartz committed suicide. He found dead in his Brooklyn, New York apartment, where he had hanged himself.Swartz was indicted by a federal grand jury in July...

Climategate 2.0? Popular Climate Blog Hacked, E-mails, Passwords Leaked

The website of Skeptical Science, a blog that is critical of climate change skeptics, was hacked over the weekend, and users’ e-mails, passwords and IP addresses were taken, according to a post on the site Sunday. The bulk of the site’s database was taken, uploaded to a Russian website and linked...

An End to Offensive Security Research? Unlikely

Many industries tend to run in identifiable cycles. Financial services, the auto industry, entertainment–they all have cycles. Because the security industry isn’t nearly as old as any of these, it hasn’t had much of a chance to establish such cycles. But one seems to be appearing now in the form ...

Google Launches New Privacy Policy to Worldwide Criticism

Search giant Google rolled out a sweeping new privacy policy on Thursday, despite continuing opposition from countries in Europe and Asia to the changes. The company announced a sweeping revision to dozens of overlapping privacy plans in January and set March 1st as the date on which the new,...