A bug in the Instagram code—which appears to have been responsible for Selena Gomez’s account being hacked—allowed hackers to scrape email addresses and contact information for over six million accounts. Read more.
Equifax, one of the “big-three” U.S. credit bureaus, said today a data breach at the company may have affected 143 million Americans, jeopardizing consumer Social Security numbers, birth dates, addresses and some driver’s license numbers. Read more.
A critical security vulnerability that allows an attacker to remotely run code on servers that run applications using the REST plugin — built with Apache Struts — has been patched reports ZDNet. Read more.
Hackers have stolen $225 million worth of digital currencies through phishing scams in 2017 according to a new report from Chainalysis. In these scams, would-be investors were tricked into sending money to internet addresses claiming to be funding sites for virtual token offerings on Ethereum’s blockchain. Read more.
Microsoft has declined to patch a security bug discovered by researchers from Cisco’s Talos group that affects the Edge browser reports BleepingComputer. While Apple and Google patched a similar flaw in Safari and Chrome, Microsoft claims the reported issue is by design. Read more.
Hackers could tamper with Germany’s election results due to the country relying on poorly protected software reports Bloomberg. German tech watchdog Chaos Computer Club found passwords online for the voting software the country uses and published a report stating that the software isn’t secure due to using an older encryption method with only one secret key, rather than newer and more secure “asymmetrical” combinations. Read more.
An excess of endpoint security tools in organizations is driving “information security debt” according to the “Voice of the Enterprise” report produced by 451 Research and Digital Guardian. The report shows the more endpoint security systems an enterprise has, the greater the cost of managing them. Read more.