Security researchers have uncovered more than 1,500 apps leaking the Algolia application programming interface key and application ID, potentially exposing user data. Discovered by researchers at CloudSEK Information Security Pte. Ltd. and shared with Infosecurity Magazine today, 32 applications were found to have critical administrative secrets hardcoded, with 57 unique admin keys found so far. Algolia ...

Google LLC’s Cloud Security team released a set of YARA Rules Nov. 17 to help detect and deter malicious attacks that use Cobalt Strike. Cobalt Strike is penetrative testing software with legitimate uses to test security but can also be used by bad actors to attack a company. The software has been popular for years ...

Two iOS security researchers have found that Apple Inc.’s claim of protecting iPhone user privacy from tracking is not all it’s cracked up to be. As detailed late Sunday by researchers Tommy Mysk and Tala Haj Bakry on Twitter, Apple is using a marker called “Direct Services Identifier” to track users. When users set up ...

Data integration startup Equalum Ltd. today announced a new service that allows users of legacy solutions to gain access to a more significant feature set on-premises or in private clouds. The Equalum Competitive Replacement Program brings the company’s Change Data Capture solution to users of legacy solutions such as HVR, Striim and StreamSets, providing the CDC at a ...

Adaptive cloud infrastructure security solutions startup Solvo today announced the general availability of Data Posture Manager, its new cloud data and infrastructure management solution for public cloud users. Data Posture Manager is designed to deliver enhanced visibility into users and cloud components with sensitive data access. The service alerts organizations to excessive or newly granted ...

A new report today from Palo Alto Networks Inc.’s Unit 42 details the disturbing rise of a ransomware group that has invested in call centers and infrastructure to target individual victims. Luna Moth, also known as the Silent Ransom Group, has been active since March, starting with a campaign that breaches organizations with fake subscription renewals. The ...

Security experts and regulators are warning attendees of the World Cup not to download Qatar’s World Cup apps for visitors because of serious privacy concerns. The latest warning comes from the German Federal Data Protection Authority, which said in a statement Tuesday that the two apps visitors are being asked to download go much further than the ...

The rise of artificial-intelligence-created videos, while technically impressive, has raised serious concerns around the use of the technology for nefarious purposes, such as fake porn. As AI technology continues to improve, identifying what is real and what isn’t has become increasingly difficult, but Intel Corp. says it now has a solution. Launched Monday, Intel’s new ...

Meta Platforms Inc. has reportedly fired more than two dozen staff and contractors in the last year for improperly taking over accounts and, in some cases, taking bribes. The Wall Street Journal, referencing people familiar with the matter, today reported that some of those fired were contractors working as security guards at Meta facilities. They were ...

Content delivery network provider Cloudflare Inc. today announced that its Workers Launchpad funding program has grown to $2 billion for potential investments in startups and has added 14 new partners. The program launched in September with $1.25 billion in funding for startups that use the Cloudflare Workers platform. It enables the instant deployment of serverless ...