Hackers stole names, email addresses, and phone numbers of 57 million Uber riders around the world in a breach dating back to October 2016. Data on more than 7 million drivers was also stolen, including over 600,000 drivers' license records. Trip records, location data, and social security numbers were not stolen in the breach, the company said.
The company's former CSO kept the hack a secret & paid the hackers $100,000 to delete the data and to keep details of the breach quiet. The breach happened under the watch of former chief executive Travis Kalanick, who knew about the cyberattack. His former deputy, CSO Joe Sullivan, a former federal prosecutor and senior Facebook executive, covered up the breach, the publication reported.
Do you really want to go there? Mozilla developer Nihanth Subramanya has revealed the organisation's Firefox browser will soon warn users if they visit sites that have experienced data breaches that led to user credential leaks.
Subramanya explained that Mozilla has teamed with haveibeenpwned.com to source data that will warn users.
The feature's not complete, in code or conceptually.
Another set of malicious apps has made it into the official Android app store. ESET security systems as identified them as Android/TrojanDropper.Agent.BKY, these apps form a new family of multi-stage Android malware, legitimate-looking and with delayed onset of malicious activity. These malware samples all employ a multi-stage architecture and encryption to stay under the radar.After being downloaded and installed, these apps do not request any suspicious permissions and even mimic the activity the user expects them to exhibit.
Two of most recent samples of Android/TrojanDropper.Agent.BKY were caught downloading either MazarBot, a notorious banking trojan, or spyware.
Given its nature, this downloader can deliver any payload of the criminalsâ choice as long as it doesnât get flagged by the Google Protect mechanism.
British Intelligence service is reportedly worried that Kaspersky Antivirus offered by Barclays to its customers may be being used by Russian Intelligence agency to spy, according to The Financial Times. Intelligence officials fear that this might allow Russia to gather intelligence from the computers of Government employees members of the military who are customers of the Bank and have downloaded the software. FT said that "No evidence suggests that any data of Barclays customers have been compromised by use of Kaspersky software on their computers."
After years of litigation in two countries, a federal court in the US has weighed in on a thorny question: Does Google US have to obey a Canadian court order requiring Google to take down information around the world, ignoring contrary rules in other jurisdictions?
According to the Northern District of California, the answer is no. The case is Google v. Equustek, and it's part of a growing trend in which courts around the world order companies to take actions far beyond the borders those courts usually respect.
A security researcher has turned up new ways to silently hijack and infect Android devices via malicious Wi-Fi packets over the air. Scotty Bauer, a Linux kernel developer, described in detail how he found a bunch of exploitable programming blunders in the qcacld Wi-Fi driver that supports Qualcomm Atheros chipsets.
These chips and their associated driver are used in a number of Android phones, tablets, routers, and other gizmos, including some Pixel and Nexus 5 handhelds, for wireless networking.