A security researcher has discovered a publicly-accessible database containing the details of millions of Instagram users, including their contact information. As TechCrunch reports, Anurag Sen discovered the database of more than 49 million records - exposed for anyone to access via the internet, no password required, on an unprotected Amazon Web...

The notorious Magecart malware, that blights online stores by stealing payment card details from unsuspecting shoppers at checkout, has claimed another high profile victim. Security researcher Troy Mursch raised the alarm on Twitter that the Forbes magazine subscription website had been compromised with malicious code that was siphoning off...

For the second time in a year, Baltimore city government computers have been infected by ransomware. Malicious hackers are demanding that a ransom is paid for the safe recovery of encrypted files on affected computers and servers. On Tuesday, Mayor Bernard C. “Jack” Young tweeted how the city had "shut down the majority of its servers" out of "an...

Last month the world was reminded once again of the danger of supply chain attacks, as it was revealed that hackers had compromised the network of Taiwanese technology giant ASUS to push out a malicious software update to as many as one million laptops. The attack, dubbed "Operation ShadowHammer" by security researchers, saw hackers successfully...

It's not as though 27-year-old Vishwanath Akuthota made it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment in February this year. On Valentine's Day, February 14th 2019, Akuthota walked around the campus of the College of Saint Rose in Albany, New York. He had graduated from the college in 2017...

A British man has been jailed for over six years after exploiting ad networks on pornographic websites to spread malware onto innocent users' computers. 24-year-old Zain Qaiser made massive profits from victims in over 20 countries around the world through a criminal scheme which involved malware and blackmail. According to the National Crime Agency...

Barely a day goes by anymore without another report of sensitive data being left accessible to anyone on Elasticsearch servers or MongoDB databases that have not been properly configured. Today is no different. As ZDNet reports, researchers have discovered several exposed servers that belong to Chinese recruitment firms. Security experts Devin...

Taiwan-based technology giant ASUS is advising concerned customers to run a newly-created diagnostic tool on their Windows computers after hackers pushed out malware to what some security researchers have estimated to be as many as one million PCs using ASUS's own Live Update software tool. As Motherboard reported earlier this week, researchers at...

Even the most tech savvy companies in the world can fall for business email compromise. A Lithuanian man has this week pleaded guilty to tricking Google and Facebook into transferring over $100 million into a bank account under his control after posing as a company that provided the internet giants with hardware for their data centers. Fifty-year...

Take a look at the security headlines, and you'll see report after report of businesses and large organisations being hacked. Sensitive databases are accessed, passwords are stolen, email archives are plundered, innocent people are put at risk and corporations get a kick up the backside that they need to take security more seriously. But what you...

Following a ransomware attack at a medical billing company, thousands of patients are being warned that their highly sensitive medical information and personal details were amongst the breached data. Michigan-based Wolverine Solutions Group (WSG) says that it discovered its systems had suffered a security breach on September 25 last year. Malware...

If you think back to last year, Coinhive was everywhere. The service offered any website an arguably legitimate way of generating income that didn't rely upon online adverts. And plenty of well-known sites, such as Showtime, Salon.com and The Pirate Bay, were happy to give it a go. Rather than making money through ads that might irritate you or...

Car maker Toyota admitted earlier today that it had suffered what appears to have been a malware attack at its facilities in Melbourne, Australia that knocked out its website and other communications. The first public sign of a problem appeared on Toyota Australia's website, which was offline for a period of time in the aftermath of the attack. The...

FBI agents have arrested a 20-year-old man alleged to have been part of a hacking gang that not only launched distributed denial-of-service (DDoS) attacks but also launched a wave of bomb and shooting threats against thousands of schools in the United States and United Kingdom. Timothy Dalton Vaughn of Winston-Salem, North Carolina, is alleged to be...

Anyone who has a presence on the internet is likely to be suffering from breach fatigue. Data leaks are reported in the headlines on a daily basis, and users can feel so overwhelmed by the sheer number of breaches that they feel there's little they can do to keep ahead of hackers. It can almost feel like a full-time job as you try to determine if...

Security researchers are warning of a new wave of phishing emails which are using an unusual disguise in their attempt to both bypass scanners at email gateways and dupe unsuspecting users. The attack arrives in users' inboxes in the form of an email purporting to be a notification about a voice message using subject lines such as "PBX Message," ...

A criminal Magecart gang successfully compromised hundreds of e-commerce websites via a malicious script that silently harvested personal data and payment card information as customers bought goods and services online. Rather than specifically target individual websites, the hackers audaciously hacked a third-party Javascript library from French...

A large number of Reddit users are being told that they will have to reset their passwords in order to regain access to their accounts following what the site is calling a "security concern." The lockout occurred as Reddit's security team investigates what appears to have been an attempt to log into many users' accounts through a credential-stuffing...

The website of Luas, the tram system operating in Ireland's capital city of Dublin, has been taken offline this morning after hackers defaced the site and demanded a ransom be paid within five days. Early morning visitors to the website were greeted with a message from the hackers, claiming that data had been stolen from operator Transdev Ireland,...

Not everyone is a fan of it, but it's hard to argue convincingly that facial recognition isn't going to play a role in the future of technology. The newest Apple iPhones and Android smartphones have built-in facial recognition features that can unlock your device, but you would be wrong to think that the reliability and accuracy of the features is...