You might be interested in …

[TheRecord] T-Mobile says hack affected more than 40 million people

T-Mobile said on Tuesday that a data breach it was informed of late last week contained more than 40 million records belonging to former or prospective customers who had applied for credit with the company, as well as information on approximately 7.8 million current postpaid customer accounts. The stolen information included first and last names, […]

Read More

[NCSC-FI News] Mobile device monitoring services do not authenticate API requests

The backend infrastructure shared by multiple mobile device monitoring services does not adequately authenticate or authorize API requests, creating an IDOR (Insecure Direct Object Reference) vulnerability. These services and their associated apps can be used to perform non-consensual, unauthorized monitoring and are commonly called “stalkerware.” An unauthenticated remote attacker can access personal information collected from […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.