Lost24

A few days ago, Medily's customer data was leaked.


The data leak had its source in the servers of Medily, which provides Aurero software used to manage visits to various clinics throughout Poland. In its statements, Medily indicated that it had multiple layers of security in place and that the compromise occurred on a test server, not a production server.


The problem is that the test server contained patient data that should have been deleted in 2021.
The clinic's privacy policy shows that it processes data such as:

first name and last name,
PESEL or date of birth,
sex
Phone number,
e-mail adress


there is also a description of the t

Tuesday 26 March 2024, Safety Guide

Attack on The North Face?

Lost24

The VF Group, which includes the popular outdoor and lifestyle clothing brand - The North Face, has most likely been the victim of a hacker attack. The company warns customers about a possible security breach of their personal data. The attack took place on December 13 and included unauthorized access to some of the company's IT systems. There is a risk of leakage of personal data such as e-mail address, name, surname, telephone number and address.

Although there is no certainty about the leak of detailed bank or payment card data, the company is taking steps to protect customers. A process for removing attacking entities has been implemented. Also company informs that cybersecurity specialists have been engaged.

It is recom

Lost24

Millions of users may fear for their data, after the hack into France Travail and Cap Emploi, personal data, birthdays, e-mails, residential addresses and telephone numbers were leaked. According to Infosecurity Magazine, the hack occurred on February 6, and the case was reported only on March 8.

Fortunately, login details and banking information were not leaked.


Source: cyberdefence24.pl


Tuesday 12 March 2024, Safety Guide

Avast antivirus sold user data

Lost24

An antivirus that sells its users' data is quite controversial. According to the FTC, this was the case with Avast. The antivirus allegedly acted contrary to the application's assumptions and policy.

The Federal Trade Commission (FTC) will fine Avast $16.5 million. Is a program that is supposed to protect the user working to his detriment? A place like this shouldn't happen.


However, Avast reported that the data sold was devoid of personally identifiable information. However, the FTC claims that the data was purchased to be associated with a specific user.

Source:

Lost24

which you don't know how to get out or you need help. You don't have internet, GPS doesn't work. What to do in such a situation?

Well, the new Android 15 system comes to the rescue, and it probably includes free satellite communication.

According to the portal instalki.pl: "The smartphone will automatically connect to the satellite when there is no cellular connection - it is recommended to be in a spacious place where you can see a clear sky."

However, free calls will likely only be made when sending help to emergency services.

It is worth mentioning that Apple recently introduced such a solution.



Source:

Lost24

This week, about 6 million entries were published on the Tor forum called Cebulka, which were supposed to contain Polish users' login details for the most popular portals.


How were the passwords stolen? There is a probability that they were downloaded from users by means of malware, so-called "stealer". Once infected, it downloads all the passwords on the victim's computer and sends them to the creators. Additionally, it is quite likely that the database is very up to date. It can be concluded that it has data even from 2023, and the number of victims is estimated at over 100,000 victims.


Example domains and number of items:


Lost24


The 82-year-old answered the phone and was informed that there were burglars in the block. The person who deceived her was a woman impersonating a policewoman.


Unfortunately, the woman was manipulated. She packed 150,000 in a plastic bag and ... threw them over the balcony to be "secured" by the police. What did the scammers do next. They took the bag with the money and ran away.



Why do older people get fat? Probably too much trust in people and especially in the services. Lack of knowledge about fraud trends. Such a person is unlikely to use the Internet, so there is no way to be informed what scams exist and whether sim

Lost24

According to the niebezpiecznik.pl portal, a woman from whom such a large amount was extorted does not have to pay it back.


How did this deception happen? The thieves called the victim from the bank's official telephone number using a spoofing technique. The person who called her knew the victim's personal details, so that made the scam process much easier. She even knew part of the victim's credit card number. A purported bank employee ordered QuickSupport to be installed. This is a remote access application.

What happened next?

Lost24

As reported by the Niebezpiecznik.pl portal, a few days ago, many Internet users received e-mails informing them about the update of information on their Allegro account - in the absence of a click and updating this information, the account is suspended.


However, this is obviously false information. After clicking on the link, an attempt is made to phishing our data.


Just clicking, however, does not mean that we have been robbed. However, providing our personal data, numbers and sensitive data - yes.



Source: 

Lost24

Many of you probably associate ChatGPT from OpenAI - a tool thanks to which we can discover the internet anew. By sending an appropriate query or issuing a specific and precise command of artificial intelligence, which is "on the other side of the screen", we can easily obtain information on various topics, e.g. programming, cooking, general information, you can also create abstract things, fictional stories, stories, etc. .


However, CyberArk tried something else. They noticed that the chatbot from OpenAI is able to create polymorphic malware, which is simply a "virus" that is able to change its code in real time to be undetectable for the object it attacks.



Lost24

Some time ago, the sekurak.pl portal shared information about a very harmful but simple vulnerability on Linkedin.


Namely, it was possible to download each user's CV without logging in, without authorization or any unnecessary steps. It was enough to enter a specific address, e.g. "linkedin.com/api/v4/download_resume?id=827387" and successively enter random numbers to display more CVs of users.


The vulnerability was patched and a bounty of $5,000 was paid for finding it.


Source: 

Read more

0 - Comment

Lost24

Sad news for LastPass password manager users. As the creators informed, this time the passwords were leaked. Hackers have access to encrypted passwords. It is not known how many passwords have been leaked.


Relevant services and companies were engaged to patch the gap in the system and investigate the case.


Unfortunately, however, due to such an event, the application will no longer be perceived as the most secure. The password manager from which the passwords were stolen does not sound secure and is hard to trust.


Source: 

Read more

0 - Comment