Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet

An unprotected database belonging to JustDial , India's largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy "88888 88888" customer care number, The...

Over 100 Million JustDial Users' Personal Data Found Exposed On the Internet

An unprotected database belonging to JustDial, India's largest local search service, is leaking personally identifiable information of its every customer in real-time who accessed the service via its website, mobile app, or even by calling on its fancy "88888 88888" customer care number, The Hack...

TicTocTrack Smartwatch Flaws Can Be Abused to Track Kids

UPDATE A popular smartwatch that allows parents to track their children’s whereabouts, TicTocTrack, has been discovered to be riddled with security issues that could allow hackers to track and call children. Researchers at Pen Test Partners revealed vulnerabilities in the watch sold in Australia ...

Google Helps Police Identify Devices Close to Crime Scenes Using Location Data

It's no secret that Google tracks you everywhere, even when you keep Google's Location History feature disabled. As revealed by an Associated Press investigation in 2018, other Google apps like Maps or daily weather update service on Android allows the tech giant to continuously collect your...

Russia Fines Facebook $47 Over Citizens' Data Privacy Dispute

Yes, you read that right! Russia has fined Facebook with 3,000 rubles, roughly $47, for not complying with the country's controversial Data Localization law. It's bizarre and unbelievable, but true. In December last year, Russian Internet watchdog Roskomnadzor sent notifications to Twitter and...

What is personal information? In legal terms, it depends

In early March, cybersecurity professionals around the world filled the San Francisco Moscone Convention Center’s sprawling exhibition halls to discuss and learn about everything infosec, from public key encryption to incident response, and from machine learning to domestic abuse. It was RSA...

Georgia Tech Data Breach Exposes 1.3 Million Users' Personal Data

The Georgia Institute of Technology, well known as Georgia Tech, has confirmed a data breach that has exposed personal information of 1.3 million current and former faculty members, students, staff and student applicants. In a brief note published Tuesday, Georgia Tech says an unknown outside...

Personal Data Left on Used Laptops

A recent experiment found all sorts of personal data left on used laptops and smartphones. This should come as no surprise. Simson Garfinkel performed the same experiment in 2003, with similar results...

CVE-2018-17483

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. By visiting the kiosk and viewing the driver's license column, an attacker could exploit this vulnerability to view the driver's license number and other personal...

Lobby Track Desktop Information Disclosure Vulnerability (CNVD-2019-12456)

Jolly Technologies Lobby Track Desktop is a desktop visitor management application from Jolly Technologies USA. The program has features such as pre-registering visitors, capturing photos and scanning driver's licenses. A security vulnerability exists in Jolly Technologies Lobby Track Desktop...

Labs survey finds privacy concerns, distrust of social media rampant with all age groups

Before Cambridge Analytica made Facebook an unwilling accomplice to a scandal by appropriating and misusing more than 50 million users’ data, the public was already living in relative unease over the privacy of their information online. The Cambridge Analytica incident, along with other, seemingl...

vBulletin 4.2.5 Member Map 1.1.2 Open Redirection

Exploit Title : vBulletin 4.2.5 Member Map 1.1.2 Open Redirection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 04/03/2019 Vendor Homepage : vbulletin.com dragonbyte-tech.com Software Information Link : dragonbyte-tech.com/store/member-map.229/ Software Affect...

Logic Flaw Vulnerability in Wave's Government Services Platform

Wave government service platform is a tooling platform product for administrative approval informatization. There is a logic flaw vulnerability in the Wave Government Service Platform that can be exploited by an attacker to modify the password of any account and obtain account-related privileges...

Almost Half A Million Delhi Citizens' Personal Data Exposed Online

Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report...

Almost Half A Million Delhi Citizens' Personal Data Exposed Online

Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report...

LPG Gas Company Leaked Details, Aadhaar Numbers of 6.7 Million Indian Customers

Why would someone bother to hack a so-called "ultra-secure encrypted database that is being protected behind 13 feet high and 5 feet thick walls," when one can simply fetch a copy of the same data from other sources. French security researcher Baptiste Robert, who goes by the pseudonym "Elliot...

Coffee Meets Bagel Dating App Warns Users of Breach

Popular dating app Coffee Meets Bagel has sent its users an email notifying them that their data may have been “acquired by an unauthorized party.” The news comes days after a massive database containing the information of around 6.2 million Coffee Meets Bagel users showed up on the Dark Web. Use...

Sextortion Bitcoin scam makes unwelcome return

Heads up: a particularly nasty sextortion Bitcoin scam from at least the middle of 2018 is making the rounds once again. The scam involves making use of old breach dumps, then emailing someone from the list and reminding them of their old password. When something lands in your mailbox with “Hey,...

Airbus Data Takes Flight; and Billions of Credentials Dumped on Dark Web

French airplane and military aircraft behemoth Airbus SE has become the latest victim of a cyberattack leading to a data breach, with an incident detected on its “commercial aircraft business” information systems. It is only the latest high-profile data exposure to come to light in recent days, a...

Airbus Suffers Data Breach, Some Employees' Data Exposed

European airplane maker Airbus admitted yesterday a data breach of its "Commercial Aircraft business" information systems that allowed intruders to gain access to some of its employees' personal information. Though the company did not elaborate on the nature of the hack, it claimed that the...