Posts by Ryan Norfolk

Global gaming hardware manufacturing company Razer leaked the personal information of around 100,000 customers by storing their data in an Elasticsearch cluster that was misconfigured to enable public access, security researcher Bob Diachenko has revealed. The personal information of around 100,000 Razer customers was stored by the company in a large log chunk within an…

Digital Infrastructure Minister Matt Warman today announced £500,000 in fresh government funding to help medical suppliers, primary care providers, and other businesses in the healthcare sector boost their cyber security. The fresh government funding comes in response to the National Cyber Security Centre’s assessment that malicious actors are carrying out large-scale cyber campaigns targeting organisations…

Security researchers have discovered hundreds of vulnerabilities across major hotel and airline and travel booking websites, some of which have already suffered major breaches. UK-based consumer rights group Which? and tech consultancy 6point6 studied 98 travel sector companies, probing websites, subdomains, employee portals and other web properties with lawful online tools. They found Marriott-owned websites…

Millions of WordPress sites are being probed in automated attacks looking to exploit a recently discovered plugin vulnerability, according to security researchers. Wordfence, which itself produces a plugin for the platform, revealed news of the zero-day bug at the start of September. It affects File Manager which, as the name suggests, is a plugin that helps users…

The world’s largest webmaster form has been found wanting in terms of its cybersecurity posture after researchers discovered an unprotected database leaking data on nearly 900,000 users. Digital Point provides a platform for members to chat and buy and sell websites, domains and digital services. Back in July, researchers at WebsitePlanet teamed up with Jeremiah…

New research from Kaspersky has discovered that of the 32% of Brits provided with a corporate desktop computer, only 77% have adequate anti-virus or cybersecurity software installed, leaving 23% of company desktops significantly insecure and exposed to cyber-threats. This is also the case for company smartphones, 23% of which are unprotected, according to the security…

A family of Android apps is using the lure of free items to distribute a novel ad fraud botnet. Victims of the scam are told that they will receive a complimentary gift when they download an app from the Google Play Store. However, the only thing received by victims is an infection of malware that…

A vulnerability in the TeamViewer app could allow malicious actors to steal passwords. The high-severity flaw was discovered in the desktop version of the app for Windows before 15.8.3. By exploiting the weakness, authenticated threat actors operating remotely could execute code on victims’ systems or crack their TeamViewer passwords. TeamViewer is a proprietary software application that allows users…

DATA BREACH Popular stock photo site Freepik has disclosed a major data breach affecting over eight million customers. The incident also affected users of the sister site Flaticon, which claims to run the world’s largest database of free icons. In a breach notice over the weekend, the firm claimed an attacker had compromised an SQL…

Nearly half (47%) of UK IT leaders have not updated their security strategies to account for their move to cloud environments, putting their organizations at higher risk of cyber-attack, according to a new study by Trend Micro commissioned for CLOUDSEC Online. This is despite the fact that traditional on-premises security such as firewalls, network intrusion prevention systems (IPS/IDS)…