Private data including tens of millions of SMS text messages linked to communication company TrueDialog have been found exposed online putting data related to millions of Americans at risk. Found and publicized today by security researchers at vpnMentor, the breach involved an unsecured Oracle Marketing Cloud database exposed on Microsoft Azure. The 604 gigabytes of data in the database ...

A newly discovered Android vulnerability being exploited in the wild allows attackers to insert fake login screens into legitimate apps to steal credentials as well as undertake various other nefarious activities. Detailed today by security researchers at Promon, the vulnerability, dubbed “StrandHogg,” exists as a result of the way Android handles multitasking.  Found in all versions of Android including ...

U.K.-based music streaming service Mixcloud Ltd. has been hacked, with about 21 million customer records stolen. The hack is believed to have occurred in November and only came to light after a “dark web” seller provided a portion of the stolen data to some outlets. The data included usernames, email addresses, signup dates and login ...

Millions may have been stolen after the chief executive of a little-known Asian cryptocurrency exchange called IDAX disappeared with the keys to the company’s cold wallets. The origins of the company are cloudy, but the company appears to be operated out of Shanghai. Cryptocurrency exchanges are illegal in China, but the company was registered in ...

An Ethereum research scientist was arrested at Los Angeles International Airport Friday on allegations that he breached U.S. sanctions by attending a conference in North Korea and discussing blockchain technology. Virgil Griffith, 36, a resident of Singapore but a U.S. citizen, stands accused of speaking at the Pyongyang Blockchain and Cryptocurrency Conference in April. He’s alleged by the ...

In a sign of the times, a longstanding botnet has changed its behavior, switching its activity to cryptomining while using YouTube as part of its process. Discovered Tuesday by security researchers at ESET spol s.r.o, the shift involves the Statinko Botnet that has been around since 2012 and was previously used as part of a massive adware campaign. Those ...

Global banking conglomerate HSBC Holdings PLC is doubling down on its use of blockchain solutions, saying it intends to shift $20 billion worth of assets onto a new blockchain-based custody platform by March. Reuters reported today that the platform, known as Digital Vault, has been designed to give investors real-time access to records of securities bought on ...

Marking the end of an era, Apple Inc.’s Chief Design Officer Jony Ive has left the company after nearly 30 years. Ive’s intended departure was announced in June as the legendary designer said he would leave to start a new design firm, though one with Apple as its first customer. Apple did not make a formal ...

South Korean cryptocurrency exchange Upbit has been hacked and the equivalent of about $52 million in cryptocurrency stolen. The hack, which involved the theft of 342,000 Ethereum, took place earlier today and involved those behind the hack transferring the ETH from a hot wallet to an unknown external wallet. Lee Seok-woo, the chief executive officer of the ...

Unknown hackers have launched a new campaign that’s actively scanning for vulnerable Docker application container instances to inject cryptomining code. Discovered by cybersecurity firm Bad Packets LLC, the group is actively scanning for vulnerable Docker instances that have application programming interface endpoints exposed to the internet. Although efforts by hackers to find and hijack servers ...