The European Center for Digital Rights (noyb) has lodged a GDPR complaint against Ryanair, alleging that the airline’s requirements for customers to create accounts and submit intrusive biometric data to book flights violate European data protection laws. Unlike many other airlines, Ryanair mandates new customers to set up an account by providing personal information, including a biometric facial recognition process.
In a world where cybersecurity threats are continually evolving, a new critical security flaw has emerged in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) products. This significant vulnerability has now been added to the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog, further underscoring the need for vigilant cybersecurity measures. Identified as CVE-2024-12356 and
The burgeoning interest and debate surrounding cryptocurrencies have made worldwide headlines as more than $3 trillion has been invested globally in the crypto market. Consequently, understanding the strengths and weaknesses of this digital asset landscape is crucial for potential investors. With over 100 million individuals actively engaging in crypto investments, the allure of decentralization, lower transaction fees, and high returns
In today’s digital age, data protection has become a critical concern for organizations worldwide. With the increasing frequency and sophistication of cyberattacks, safeguarding sensitive information is paramount. This article delves into effective data protection strategies to mitigate the growing cybersecurity threats, offering insights from industry experts and practical steps for organizations to enhance their security posture. Ensuring data protection isn’t
In a significant development highlighting the ongoing cybersecurity threats faced by state institutions, a recent cyberattack on Ukraine’s state registries, attributed to Russian hackers, has prompted an extensive investigation by the Security Service of Ukraine (SSU). This attack led to the suspension of the Unified and State Registries, both managed by the Ministry of Justice, raising serious concerns about potential
In an alarming development for Krispy Kreme, the popular doughnut company fell victim to a ransomware attack orchestrated by the infamous Play ransomware group, also known as PlayCrypt. First detected on November 29, 2024, the breach led to significant disruptions in their online ordering systems but fortunately left physical store operations unhindered. On December 19, PlayCrypt brazenly announced their responsibility
In a concerning development that has cybersecurity experts on high alert, a cracked version of the powerful Acunetix web application vulnerability scanner is being sold under the name “Araneida Scanner” for malicious purposes by cybercriminals. This tool, originally designed as a robust commercial product, is now being marketed as a cloud-based attack instrument on various cybercrime forums and through a
In the digital age where surveillance devices are ubiquitous, security concerns have become paramount, especially regarding Chinese-branded IoT devices such as web cameras and DVRs. A recent wave of attacks by Remote Access Trojans (RATs) has targeted popular brands like Hikvision and Xiongmai, exploiting vulnerabilities that have yet to be patched, much to the chagrin of their users. The FBI
In the ever-evolving landscape of network security, the recent discovery of a significant flaw in Fortinet’s Wireless LAN Manager (FortiWLM) has brought to light the grave risks posed to digital infrastructures worldwide. The vulnerability, identified as CVE-2023-34990, has the potential to leak sensitive information and allow unauthorized admin access, signaling an urgent need for immediate remedial action. This flaw, with
European companies in sectors such as automotive, chemical, and industrial compound manufacturing faced a major cybersecurity threat recently, as a sophisticated phishing campaign targeted their Microsoft Azure cloud infrastructures. Conducted by a cybercriminal aiming to infiltrate these systems, the campaign involved around 20,000 phishing emails sent to employees of various firms. These emails, which peaked in June 2024, imitated DocuSign
In a recent update, the Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms by adding four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, highlighting the mounting risks associated with these security flaws. This development stresses the urgency for organizations worldwide to take immediate and proactive measures to safeguard their systems and sensitive data. The identified vulnerabilities, which
A sophisticated phishing campaign targeting European companies has recently come to light, and it is a stark reminder of the evolving threats in the cybersecurity landscape. The attack, peaking in June 2024, aims to harvest Microsoft Azure cloud credentials and compromise the victims’ cloud infrastructure. Phishing Attack Chain The campaign primarily targets automotive, chemical, and industrial compound manufacturing companies in
