Similar Posts
Massive US Government Data Breach: What You Need to Know Now
Elon Musk’s advisory board, the Department of Government Efficiency (DOGE), has gained alarming access to sensitive U.S. government data, including personal information of millions of federal employees and a $6 trillion payment system. Comprised mainly of young staff from Musk’s companies, DOGE’s questionable cybersecurity practices, such as using personal email accounts for government communications, have raised concerns among lawmakers and cybersecurity experts. The lack of oversight and transparency regarding staff security clearances has led to fears of potential data breaches, national security risks, and legal repercussions. Lawmakers are demanding clarity on DOGE’s operations and authority as the situation unfolds.
Facebook Rewards Researcher $100,000 for Discovering Vulnerability with Internal Access Potential
In October 2024, security researcher Ben Sadeghipour discovered a significant vulnerability in Facebook’s ad platform, allowing him to gain control over critical server infrastructure. The flaw, related to an unpatched issue in the Chrome browser, enabled him to hijack Facebook’s ad server using a headless Chrome browser. Meta, Facebook’s parent company, promptly fixed the vulnerability within an hour of being notified and awarded Sadeghipour a $100,000 bug bounty. He highlighted the risks associated with such vulnerabilities in online advertising and noted that similar issues could exist in other platforms, underscoring the need for enhanced security measures across the industry.
Unveiling Potential Paragon Spyware Customers: Countries Under the Spotlight
Recent findings by The Citizen Lab have raised alarms about Israeli spyware maker Paragon Solutions, linked to governments in Australia, Canada, Cyprus, Denmark, Israel, and Singapore. A report details potential deployments of Paragon’s spyware, Graphite, which targets apps stealthily. WhatsApp previously notified users about possible Paragon spyware, igniting controversy. Despite Paragon’s claims of serving only democratic clients, its credibility is under scrutiny, especially following its acquisition by U.S. firm AE Industrial Partners. The report emphasizes the risks of commercial spyware misuse against civil society, highlighting the urgent need for accountability in the surveillance industry.
Hertz Data Breach: Personal Data and Driver’s Licenses Compromised – What You Need to Know
Hertz has reported a significant data breach affecting customers’ personal information, including driver’s licenses, due to a cyberattack on its vendor, Cleo Software, between October and December 2024. The breach has impacted customers in regions including Australia, Canada, the EU, New Zealand, and the UK, with at least 3,400 individuals in Maine affected. Stolen data includes names, dates of birth, contact details, payment card information, and Social Security numbers. The attack is linked to the Clop ransomware group, which exploited vulnerabilities in Cleo’s platform. Hertz confirmed unauthorized access to customer data, prompting concerns over data security in the rental industry.
OpenAI Reveals: Deleted Operator Data Could Be Stored for Up to 90 Days!
OpenAI announced that its new AI tool, Operator, may retain chat logs and screenshots for up to 90 days, even if users delete them. This policy, which contrasts with ChatGPT’s 30-day retention, aims to address potential misuse of the technology and enhance user safety. Operator, available to $200-per-month ChatGPT Pro subscribers, automates tasks such as travel booking and online shopping using a built-in browser. While it captures screenshots to facilitate interactions, it avoids sensitive information like passwords. OpenAI emphasizes that access to this data is restricted to authorized personnel for abuse investigations and legal purposes.