Ticketmaster and multiple other organizations have had significant amounts of information stolen in a data breach at cloud storage company Snowflake, security researchers report. The theft of Ticketmaster data came to light last week, when a notorious hacking group claimed to have exfiltrated the information of 560 million users, asking $500,000 for the data. READ MORE...
After falling victim to a leak that put 25,000 of its current and former employees at risk, the BBC has confirmed it experienced a breach, or "data security incident," compromising the information of its BBC pension scheme members. According to the update on the BBC's My Pension website, files containing personal information of its members were copied by threat actors from a cloud-based storage service. READ MORE...
OpenAI has revealed operations linked to Russia, China, Iran and Israel have been using its artificial intelligence tools to create and spread disinformation, as technology becomes a powerful weapon in information warfare in an election-heavy year. The San Francisco-based maker of the ChatGPT chatbot said in a report on Thursday that five covert influence operations had used its AI models to generate text, images, and comments/replies at a high volume. READ MORE...
AI platform Hugging Face says that its Spaces platform was breached, allowing hackers to access authentication secrets for its members. Hugging Face Spaces is a repository of AI apps created and submitted by the community's users, allowing other members to demo them. "Earlier this week our team detected unauthorized access to our Spaces platform, specifically related to Spaces secrets," warned Hugging Face in a blog post. READ MORE...
Kaspersky has released a new virus removal tool named KVRT for the Linux platform, allowing users to scan their systems and remove malware and other known threats for free. The security firm notes that despite the common misconception that Linux systems are intrinsically secure from threats, there has been a constant supply of "in the wild" examples that prove otherwise, most recently, the XZ Utils backdoor. READ MORE...
US spyware vendor pcTattletale has shut down its operations following a serious data breach that exposed sensitive information about its customers, as well as data stolen from some of their victims. pcTattletale was promoted as "employee and child monitoring software" designed to "protect your business and family." Of course, what it actually was, was a way to surreptitiously spy upon other people's phones and computers - secretly viewing everything they did. READ MORE...
Security researchers on Thursday warned an exploited vulnerability linked to attacks against Check Point Software VPN customers is far more serious than previously disclosed. Exploitation started in late April, Mnemonic researchers said Friday in an updated blog post. The vulnerability, listed as CVE-2024-24919, allows attackers to read information on internet-connected gateways with remote access VPN or mobile access enabled, according to Check Point. READ MORE...
The US Cybersecurity and Infrastructure Security Agency has added a critical security bug in Linux to its list of vulnerabilities known to be actively exploited in the wild. The vulnerability, tracked as CVE-2024-1086 and carrying a severity rating of 7.8 out of a possible 10, allows people who have already gained a foothold inside an affected system to escalate their system privileges. READ MORE...