American Express Employee Compromises Customer Information

American Express has been quietly contacting some of its customers with a tersely worded communication that reads, in part, as follows: “It was brought to our attention that personal information related to your American Express Card account listed above, may have been wrongfully accessed by one of our employees in an attempt to conduct fraudulent activity, including potentially opening accounts …

Zynga Games Has Data Breach Including Personal Information

Zynga is a wildly successful gaming company with a number of hit titles under their belt including FarmVille, Words with Friends, Zynga Poker, Mafia Wars, and Café World. Their titles boast more than a billion players, worldwide, which is a number that would make most gaming outfits green with envy. Naturally, their success has painted a giant target on the …

Vimeo Could Have Collected Biometric Data Without Consent

The popular video site Vimeo now finds itself in hot water and are facing a lawsuit for allegedly violating the Illinois Biometrics Information Privacy Act.  The act requires all private companies collecting biometric information to maintain a publicly available, written policy that explains their practices concerning this type of information.  It also includes guidelines relating to the retention and destruction …

Google Adds Several New Password Features To Help Users

Google is taking additional steps to provide a safer and more secure environment for their massive user base.  Chrome is the most widely used browser in the world. In recent months, Google has made moves to provide better password security. Most recently, they released a Chrome Extension called Password Checkup that scans all of your stored login credentials to see …

Browser Update Warnings May Actually Be Malicious Hackers

Researchers at FireEye have recently unearthed a particularly nasty new campaign that is both multi-faceted and dangerous. At the heart of the attack are hacked websites which display seemingly innocuous popup message informing the site visitor that their browser is out of date. It will helpfully provide a one-touch solution to the non-existen21t problem via a button that promises to download …

Hackers Now Can Access Data In Secure PDF Files

A team of six researchers from Ruhr-University Bouchum and Munster University, in Germany have discovered a critical flaw in the way that popular PDF viewers display data. This makes it possible for an attacker to exfiltrate data from encrypted PDF files.   The researchers tested twenty-seven different desktop and web-based PDF viewer apps ranging from the ubiquitous Adobe Reader, to …

New Exploit Discovered That Adds Malware To Advertisements

Hackers and scammers have a new tool in their toolbox, and they’re making rapid use of it.  Recently, researchers from Confiant have discovered a new campaign involving a Chrome for iOS exploit. They discovered  an unknown group of attackers getting around the browser’s built in pop-up blocker to deliver fake ads. This happened to half a billion users from the …

DoorDash Leaks Personal Data Of Users And Drivers

Another week, another high-profile data breach. This time, DoorDash confirmed on a recent blog post that data on nearly five million of its users had been accessed by an unauthorized (and at this point unknown) third party. According to information released by the company, the breach occurred on May the 4th, 2019. The unknown parties accessed information on the company’s …

Attachment Extensions Carrying Malware Banned On Microsoft Outlook

One of the most common means by which malware winds up on the computers of its victims is via an email attachment.  All it takes is one careless moment.  One click to open a file that turns out to be poisoned and you’re in for a world of trouble. That’s the exact reason why email providers tend to be incredibly …

Vulnerabilities Found In Consumer Based Routers And Devices

The SOHOpelessly Broken 2.0 study has been released by Independent Security Evaluators . The picture it paints of routers and the so-called ‘smart’ devices that make up the rapidly expanding Internet of Things (IoT) is not pretty. The researchers sum up their findings as follows: “Today, we show that security controls put in place by device manufacturers are insufficient against …