Category cyber-attacks

Web Portal Exposes Kids’ Chat with AI Toy to Anyone with a Gmail Account

Vulnerability Discovered in AI-Enabled Children’s Toy Reveals Sensitive Data In a concerning incident this month, security researcher Joseph Thacker uncovered a significant vulnerability in Bondus, a line of stuffed dinosaur toys equipped with artificial intelligence chat functions aimed at children. The toy allows kids to engage in interactive conversations, functioning…

Read MoreWeb Portal Exposes Kids’ Chat with AI Toy to Anyone with a Gmail Account

Flawed Patch for Oracle WebLogic Vulnerability Reopens Servers to Cyber Attacks

Critical Vulnerability Resurfaces in Oracle WebLogic Server Earlier this month, Oracle issued a patch addressing a significant Java deserialization remote code execution vulnerability in its WebLogic Server component, part of the Fusion Middleware suite. This flaw, identified as CVE-2018-2628, poses a severe threat, potentially allowing attackers to gain complete control…

Read MoreFlawed Patch for Oracle WebLogic Vulnerability Reopens Servers to Cyber Attacks

ICE Acts Like a Military Force: Its Tactics Risk Endangering Real Soldiers

Recent developments within U.S. immigration enforcement agencies indicate a troubling shift in tactics that could have significant implications for civil liberties and public safety. Echoing the adage that “war is politics by other means,” state-sponsored violence—specifically actions taken by Immigration and Customs Enforcement (ICE)—has escalated under the guidance of White…

Read MoreICE Acts Like a Military Force: Its Tactics Risk Endangering Real Soldiers

Man Sentenced to 7 Years for Hacking Jail Systems to Secure Friend’s Early Release

A recent case underscores the persistent threat posed by cybersecurity breaches, particularly within government systems. **Konrads Voits**, a young hacker from Ypsilanti, Michigan, has been sentenced to over seven years in prison for attempting to breach the Washtenaw County Jail’s computer system. His objective was to manipulate prison records in…

Read MoreMan Sentenced to 7 Years for Hacking Jail Systems to Secure Friend’s Early Release

County Awards $600,000 Settlement to Penetration Testers Arrested for Courthouse Security Assessment

Security Professionals Settle Lawsuit Following Unauthorized Arrest During Courthouse Assessment Two security experts, arrested in 2019 while conducting a sanctioned security evaluation of a courthouse in Iowa, have agreed to a $600,000 settlement in a lawsuit alleging wrongful arrest and defamation. Gary DeMercurio and Justin Wynn, penetration testers affiliated with…

Read MoreCounty Awards $600,000 Settlement to Penetration Testers Arrested for Courthouse Security Assessment

Hackers Discover New Method to Bypass Microsoft Office 365 Safe Links

Recent findings from security researchers indicate that some hacking groups have discovered a method to circumvent a critical security feature within Microsoft Office 365, aimed at safeguarding users from phishing and malware threats. Known as Safe Links, this feature is bundled with Microsoft’s Advanced Threat Protection (ATP) and operates by…

Read MoreHackers Discover New Method to Bypass Microsoft Office 365 Safe Links

AI Toy Leaked 50,000 Chat Logs with Children Accessible to Anyone with a Gmail Account

Recent discussions among cybersecurity experts highlight serious concerns regarding data privacy in AI-enabled toys, with specific focus on Bondu, a company producing these products. Security researchers Margolis and Thacker have raised alarms over access to sensitive user data, questioning how many employees within these organizations can view such information, the…

Read MoreAI Toy Leaked 50,000 Chat Logs with Children Accessible to Anyone with a Gmail Account

Microsoft Addresses Two Actively Exploited Zero-Day Vulnerabilities

As businesses brace for vulnerabilities in their systems, Microsoft has announced the release of critical security patches during the May 2018 Patch Tuesday. This update addresses a staggering 67 security vulnerabilities, including two zero-day exploits under active attack by cybercriminals, a situation that demands immediate attention from organizations across various…

Read MoreMicrosoft Addresses Two Actively Exploited Zero-Day Vulnerabilities