Latest News


Post-Data Breach, British Airways Slapped With Record $230M Fine

A record $230 million fine has been proposed against British Airways after a 2018 data breach impacted 500,000 of the airline’s customers. If approved, the fee would be the biggest General Data Protection Regulation (GDPR) fine to be issued to a company so far.

On Monday, the Information Commissioner’s Office (ICO), a U.K. privacy watchdog organization, said it will fine British Airways £183.39 million ($230.5 million) for infringements of GDPR. Privacy experts say that the penalty represents a “wake-up” call for companies when it comes to ramifications for data privacy incidents.

“Companies need to do a better job assessing and managing the risk associated with third parties in their cyber supply chain,” Matan Or-El, CEO of Panorays said in an email. “The £183 million fine that British Airways is facing is likely just the tip of the iceberg for what is to come, and should serve as a wake-up call for organizations that GDPR is here and being enforced.”

17-Year-Old Weakness in Firefox Let HTML File Steal Other Files From Device

Except for phishing and scams, downloading an HTML attachment and opening it locally on your browser was never considered as a severe threat until a security researcher today demonstrated a technique that could allow attackers to steal files stored on a victim's computer.
Barak Tawily, an application security researcher, shared his findings with The Hacker News, wherein he successfully developed a new proof-of-concept attack against the latest version of Firefox by leveraging a 17-year-old known issue in the browser.
The attack takes advantage of the way Firefox implements Same Origin Policy (SOP) for the "file://" scheme URI (Uniform Resource Identifiers), which allows any file in a folder on a system to get access to files in the same folder and subfolders.

Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer

Never-before-seen Mac malware, dubbed OSX/CrescentCore, has been discovered in the wild. The trojan, spotted on various websites masquerading as an Adobe Flash Player installer, drops malicious applications and browser extensions on victims’ systems when downloaded.

OSX/CrescentCore is spread via various websites, where it is masqueraded as an Adobe Flash Player installer. However, the “installer” is actually a .dmg file (an Apple disk image) that delivers the malware.

Facebook Removes Accounts Used to Infect Thousands With Malware

Facebook has shut down more than 30 accounts spreading malware through malicious links that purport to be news about the ongoing political situation in Libya. The campaign, ongoing since 2014, has infected tens of thousands of victims with remote access trojans (RATs), according to researchers.

The campaign, dubbed “Operation Tripoli,” took advantage of the political situation in Libya to lure victims into clicking links that claimed to be Libya-related news. The links purported to be information about news like the latest airstrike in the country or the capturing of terrorists, but instead, contained malware. It’s important to note that Facebook itself wasn’t breached – however, the hack points to how social media platforms can be abused to launch malware attacks, researchers said.

Internet wobble caused by Cloudflare glitch

Internet users faced problems accessing many websites for about an hour because of a problem with Cloudflare.

The company provides internet security and other services meant to help online businesses operate smoothly.

Many members of the public had reported seeing "502 errors" displayed in their browsers when they tried to visit its clients.