A Google researcher discovered a vulnerability that leaks data across sites. Since videos and audio have fewer restrictions on cross-site availability data the attacker can trick the browser into sending over sensitive data.
Reported by HackerNews
Tesla has sued an ex-employee for stealing confidential company data and providing it to 3rd parties. The ex-employee is claiming that he is a whistleblower concerned about Tesla’s operations. A previous email from Elon Musk also accused the employee of sabotage but it does not appear in the charges.
Reported by CNN Tech
With the increased regulation from GDPR many experts believed that Cyber Insurance would skyrocket. However, there is still lots of discussions about whether fines are even insurable
Reported by WSJ
ABC and other companies are also part of the PageUp data breach of employees going through the hiring process.
Reported by 3aw
MysteryBot, which targets banking apps, includes a keylogger, to steal banking malware. An interesting aspect is how it transitions into ransomware when someone tries to remove it from the device.
Reported by Fossbytes
Kaspersky believes that the criminals who attacked the Pyeongchang Olympics have come back targeting organizations which respond to chemical and biological attacks. Similar to the chaos caused during the Olympics Kaspersky is concerned that similar destructive targeting might disrupt investigations of these organizations.
Reported by Wired
Cybercriminals who broke into Liberty are claiming a ransom to not release top client information. The sensitive nature of these topics and the relative ease that criminals took information will likely lead to several lawsuits.
Reported by The Citizen
A bug in the EOS network caused the blockchain to grind to a halt for several hours on Saturday as developers scrambled to release a patch.
Reported by CCN
The SaaS company PageUp has confirmed that someone had access to their systems stealing customer data used to look for jobs. Several major companies (Target, Coles, the Austrailian Red Cross) may pursue a class action lawsuit against PageUp.
Reported by ZDNet
The Gloucestershire Police were fined £80,000 after sending out a mass email with names of child abuse victims. Remember to use BCC!
Reported by Infosecurity magazine