German COVID-19 Contact-Tracing Vulnerability Allowed RCE

A security vulnerability in the infrastructure underlying Germany’s official COVID-19 contact-tracing app, called the Corona-Warn-App (CWA), would have allowed pre-authenticated remote code execution (RCE). Researcher Alvaro Muñoz wrote in a report this week that he and his team at GitHub Read More …

COVID-19 Data-Sharing App Leaked Healthcare Worker Info

A platform used by healthcare workers in the Philippines designed to share data about COVID-19 cases contained multiple flaws that exposed healthcare worker data and could potentially could have leaked patient data. Vulnerabilities found in both the COVID-KAYA platform’s web Read More …

Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak

A widely used hotel reservation platform has exposed 10 million files related to guests at various hotels around the world, thanks to a misconfigured Amazon Web Services S3 bucket. The records include sensitive data, including credit-card details. Prestige Software’s “Cloud Read More …

Marriott fined £18.4 million by UK watchdog over customer data breach

The Information Commissioner’s Office (ICO) has fined Marriott £18.4 million over a 2014 data breach, heavily reducing the penalty originally planned due to COVID-19 disruption. The Marriot hotel group was subject to a 2014 data breach impacting the Starwood resort Read More …

Abandoned Hunter Biden’s laptop contained phone numbers for the Clintons, Secret Service officers and most of the Obama cabinet

The son of the man expected by many to be America’s next President abandoned a laptop containing a treasure trove of top-secret material, including his father’s private emails and mobile phone numbers, The Mail on Sunday can reveal. In an Read More …

Lazada confirms 1.1M accounts compromised in RedMart security breach

Singapore-based online grocery platform RedMart has suffered a data breach that compromised personal data of 1.1 million accounts. An individual has claimed to be in possession of the database involved in the breach, which contains various personal information such as Read More …