Epik data breach impacts 15 million users, including non-customers

Enlarge Tom Roberts Epik has now confirmed that an "unauthorized intrusion" did in fact occur into its systems. The announcement follows last week's incident of hacktivist collective Anonymous leaking 180 GB of data stolen from online service provider Epik. To mock the company's initial response to the data breach claims,…

0 Comments

Cryptocurrency launchpad hit by $3 million supply chain attack

Enlarge Austin Distel SushiSwap's chief technology officer says the company's MISO platform has been hit by a software supply chain attack. SushiSwap is a community-driven decentralized finance (DeFi) platform that lets users swap, earn, lend, borrow, and leverage cryptocurrency assets all from one place. Launched earlier this year, Sushi's newest offering, Minimal Initial…

0 Comments

Security researchers at Wiz discover another major Azure vulnerability

Enlarge / This isn't how the OMIGOD vulnerability works, of course—but lightning is much more photogenic than maliciously crafted XML. Aurich Lawson | Getty Images Further Reading “Worst cloud vulnerability you can imagine” discovered in Microsoft Azure Cloud security vendor Wiz—which recently made news by discovering a massive vulnerability in Microsoft…

0 Comments

Feds list the top 30 most exploited vulnerabilities. Many are years old

Enlarge Getty Images Government officials in the US, UK, and Australia are urging public- and private-sector organizations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits. In a joint advisory published Wednesday, the US FBI and CISA (Cybersecurity and Infrastructure…

0 Comments

VPN servers seized by Ukrainian authorities weren’t encrypted

Enlarge Getty Images Privacy tools-seller Windscribe said it failed to encrypt company VPN servers that were recently confiscated by authorities in Ukraine, a lapse that made it possible for the authorities to impersonate Windscribe servers and capture and decrypt traffic passing through them. The Ontario, Canada-based company said earlier this…

0 Comments