Latest News

2019/11/28

HP Warns That Some SSD Drives Will Fail at 32,768 Hours of Use

Hewlett Packard Enterprise (HPE) released firmware updates for a number of its Serial-Attached SCSI solid-state drives to prevent their failure at exactly 32,768 hours of operation time.

The devices are used in multiple server and storage products for enterprise, such as HPE ProLiant, Synergy, Apollo, JBOD D3xxx, D6xxx, D8xxx, MSA, StoreVirtual 4335 and StoreVirtual 3200.

The abnormal expiration time translates to 3 years, 270 days and 8 hours, a lot less than the normal lifespan of these products. For some of them, the warranty can be extended to up to five years.
2019/11/28

IoT Smartwatch Exposes Kids’ Personal, GPS Data

Researchers are warning parents that a children’s connected smartwatch has vulnerabilities that leak users’ personal and GPS data, and allow attackers to listen in on and manipulate conversations. Worse, the smartwatch in question, SMA M2, is currently used by 5,000 children worldwide.

Chinese manufacturer Shenzhen Smart Care Technology Ltd. (SMA) said that the SMA M2 smartwatch, which costs $35, helps parents track their children using a companion app that tracks the smartwatch’s GPS location and allows them to send messages or make phone calls.
2019/11/25

T-Mobile confirms customers' personal data accessed in hack

It's been a rough month for customers who care about their privacy, with data breaches affecting businesses as diverse as high-end department stores, camgirl websites and online domain registrars. Yet another cybersecurity issue has allowed hackers to access data about prepaid customers of popular US and European telecom brand T-Mobile, as revealed by blog TmoNews.
2019/11/25

Data-Enriched Profiles on 1.2B People Exposed in Gigantic Leak

An open Elasticsearch server has exposed the rich profiles of more than 1.2 billion people to the open internet.

First found on October 16 by researchers Bob Diachenko and Vinny Troia, the database contains more than 4 terabytes of data. It consists of scraped information from social media sources like Facebook and LinkedIn, combined with names, personal and work email addresses, phone numbers, Twitter and Github URLs, and other data commonly available from data brokers – i.e., companies which specialize in supporting targeted advertising, marketing and messaging services.
2019/11/20

Macy’s Suffers Data Breach by Magecart Cybercriminals

The department store Macy’s is warning that web skimmer malware was discovered on Macys.com collecting customers’ payment card information. The attack has been linked to Magecart, a notorious umbrella group made up of various cybercriminal affiliates that is known for injecting payment card skimmers into ecommerce websites.

According to a data breach notice sent to customers, “an unauthorized third party added unauthorized computer code” to Macys.com on Oct. 7. The code, which was discovered and removed on Oct. 15, was collecting customers’ first and last names, addresses, phone number and email addresses, payment card information (including number, security code, and expiration dates).