<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Security Breach Archives - Gizmochina</title>
	<atom:link href="https://www.gizmochina.com/tag/security-breach/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.gizmochina.com/tag/security-breach/</link>
	<description>Latest Tech News, Product Reviews and Deals</description>
	<lastBuildDate>Thu, 04 Apr 2024 01:35:10 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=5.9.9</generator>
	<item>
		<title>Microsoft Employee Discovers Critical Flaw in Linux Utility, Prevents Widespread Global Impact</title>
		<link>https://www.gizmochina.com/2024/04/04/critical-microsoft-backdoor-vulnerability-detected/</link>
		
		<dc:creator><![CDATA[Anubhav]]></dc:creator>
		<pubDate>Thu, 04 Apr 2024 01:35:10 +0000</pubDate>
				<category><![CDATA[Microsoft]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[Linux]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=615686</guid>

					<description><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-300x169.webp?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Microsoft" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-300x169.webp 300w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-1024x576.webp 1024w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-768x432.webp 768w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-696x392.webp 696w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-1068x601.webp 1068w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-746x420.webp 746w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01.webp 1247w" sizes="(max-width: 300px) 100vw, 300px" /><p>Microsoft has issued a critical security advisory concerning a backdoor vulnerability (CVE-2024-3094) found within the widely used XZ Utils file compressor. This major flaw, with a maximum severity score of 10.0 on the CVSS scale, affects several popular Linux distributions including Fedora, Kali Linux, OpenSUSE, and Alpine Linux. Potentially, this vulnerability could have had a [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2024/04/04/critical-microsoft-backdoor-vulnerability-detected/">Microsoft Employee Discovers Critical Flaw in Linux Utility, Prevents Widespread Global Impact</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-300x169.webp?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Microsoft" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-300x169.webp 300w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-1024x576.webp 1024w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-768x432.webp 768w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-696x392.webp 696w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-1068x601.webp 1068w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01-746x420.webp 746w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-logo-01.webp 1247w" sizes="(max-width: 300px) 100vw, 300px" />
<p><a href="http://gizmochina.com/tag/microsoft">Microsoft </a>has issued a critical security advisory concerning a backdoor vulnerability (CVE-2024-3094) found within the widely used XZ Utils file compressor. This major flaw, with a maximum severity score of 10.0 on the CVSS scale, affects several popular <a href="http://gizmochina.com/tag/linux">Linux </a>distributions including Fedora, Kali Linux, OpenSUSE, and Alpine Linux. Potentially, this vulnerability could have had a widespread global impact.</p>



<h3>Andres Freund was investigating a 500-millisecond delay in SSH connections</h3>



<p>Thankfully, a Microsoft Linux developer, Andres Freund, stumbled upon the issue while investigating a suspicious 500-millisecond delay in SSH connections. He uncovered a malicious backdoor embedded within the XZ software itself.</p>



<div class="wp-block-image"><figure class="aligncenter size-large"><img loading="lazy" width="1024" height="768" src="https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-1024x768.jpg?x44794" alt="Microsoft" class="wp-image-551195" srcset="https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-1024x768.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-300x225.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-768x576.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-696x522.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-1068x801.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-560x420.jpg 560w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-80x60.jpg 80w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2-265x198.jpg 265w, https://www.gizmochina.com/wp-content/uploads/2023/07/microsoft-1-1-2.jpg 1200w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure></div>



<p>At the time of writing, only four out of 63 security vendors on VirtusTotal are correctly flagging this exploit as harmful. This incident highlights the importance of vigilance, as many users might have overlooked the seemingly minor delay. It also brings to attention the potential vulnerability of open-source software to malicious actors.</p>



<p>If you&#8217;re concerned about your system&#8217;s safety, versions 5.6.0 and 5.6.1 of XZ Utils are confirmed to be compromised. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recommends using older, verified versions of the software as a precaution.</p>



<p>Several third-party tools can also help identify the vulnerability. Security firms Qualys and Binarly offer free scanners:</p>



<ul><li><strong>Qualys:</strong> Look for VULNSIGS version 2.6.15-6, with the vulnerability ID (QID) &#8220;379548.&#8221;</li><li><strong>Binary:</strong> This free XZ backdoor scanner will display a message like &#8220;XZ malicious implant detected&#8221; if your system is affected.</li></ul>



<p><strong><span style="text-decoration: underline">RELATED:</span></strong></p>



<ul><li><a href="https://www.gizmochina.com/2024/04/02/microsoft-tongue-gestures-patent/">Tongue Gestures? Microsoft’s Future Products may Redefine Gesture Control (Or Not)</a></li><li><a href="https://www.gizmochina.com/2024/03/30/microsoft-openai-plan-100-billion-ai-supercomputer-stargate/">Microsoft &amp; OpenAI planning $100 billion supercomputer Stargate AI</a></li><li><a href="https://www.gizmochina.com/2023/11/07/get-100-off-on-lenovo-legion-y700-2023-gamin-tablet-at-giztop/">Lenovo Legion Y700 2023: Save $100 on this 8-inch gaming Android tablet</a></li><li><a href="https://www.gizmochina.com/2024/01/05/get-50-discount-on-xiaomi-band-8-pro-genshin-impact-edition-at-giztop-coupon/">Xiaomi Band 8 Genshin Impact custom edion get a huge discount.</a></li><li><a href="https://www.gizmochina.com/awards/best-of-mwc-2024-ai-phone-transparent-laptop-3d-tablet-more%ef%bf%bc/">Best of MWC 2024: AI Phone, Transparent Laptop, 3D Tablet &amp; More</a></li></ul>



<figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper">
<iframe loading="lazy" title="Xiaomi 14 Ultra Full Review: I prefer to call it &quot;13S Ultra&quot;" width="696" height="392" src="https://www.youtube.com/embed/S2waR16nk1o?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen></iframe>
</div></figure>



<p>(<a href="https://www.neowin.net/news/microsoft-employee-accidentally-saves-global-linux-meltdown-from-cve-2024-3094-xz-backdoor/">Via</a>)</p>



<p></p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2024/04/04/critical-microsoft-backdoor-vulnerability-detected/">Microsoft Employee Discovers Critical Flaw in Linux Utility, Prevents Widespread Global Impact</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Microsoft&#8217;s popular code-sharing platform GitHub under attack, potentially affecting millions</title>
		<link>https://www.gizmochina.com/2024/03/02/github-repos-hit-by-attackers-malicious-code/</link>
		
		<dc:creator><![CDATA[Soumyakanti]]></dc:creator>
		<pubDate>Sat, 02 Mar 2024 15:40:20 +0000</pubDate>
				<category><![CDATA[Microsoft]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[github]]></category>
		<category><![CDATA[Malware]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=608690</guid>

					<description><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2024/03/Github-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Github" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2024/03/Github-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-746x420.jpg 746w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github.jpg 1100w" sizes="(max-width: 300px) 100vw, 300px" /><p>Millions of developers and users are on alert as the popular code-sharing platform GitHub faces a large-scale attack. Security researchers at Apiiro have identified a concerning trend where malicious actors are targeting GitHub repositories, potentially compromising over 100,000 projects. Massive Malware Campaign Targets Over 100,000 GitHub Repositories The attack involves a technique called &#8220;malicious repository [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2024/03/02/github-repos-hit-by-attackers-malicious-code/">Microsoft&#8217;s popular code-sharing platform GitHub under attack, potentially affecting millions</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2024/03/Github-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Github" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2024/03/Github-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-746x420.jpg 746w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github.jpg 1100w" sizes="(max-width: 300px) 100vw, 300px" />
<p>Millions of developers and users are on alert as the popular code-sharing platform GitHub faces a large-scale attack. Security researchers at Apiiro have identified a concerning trend where malicious actors are targeting GitHub repositories, potentially compromising over 100,000 projects.</p>



<div class="wp-block-image"><figure class="aligncenter size-large"><img loading="lazy" width="1024" height="576" src="https://www.gizmochina.com/wp-content/uploads/2024/03/Github-1024x576.jpg?x44794" alt="Github" class="wp-image-608691" srcset="https://www.gizmochina.com/wp-content/uploads/2024/03/Github-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github-746x420.jpg 746w, https://www.gizmochina.com/wp-content/uploads/2024/03/Github.jpg 1100w" sizes="(max-width: 1024px) 100vw, 1024px" /><figcaption>Credit: zbw mediatalk</figcaption></figure></div>



<h2>Massive Malware Campaign Targets Over 100,000 GitHub Repositories</h2>



<p>The attack involves a technique called &#8220;malicious repository obfuscation&#8221; where attackers clone legitimate repositories, inject harmful code, and re-upload them to the platform. These tampered repositories can then be downloaded by unsuspecting users, potentially compromising their systems or infecting them with malware.</p>



<p>The report by Apiiro highlights several factors making <a href="https://www.gizmochina.com/tag/github/" target="_blank" rel="noreferrer noopener">GitHub</a> vulnerable to such attacks. The platform&#8217;s ease of use, readily available APIs, and the presence of numerous hidden repositories create an ideal environment for attackers to launch &#8220;watering hole attacks.&#8221;</p>



<p>In these attacks, attackers target popular and frequently downloaded repositories. They inject malicious code into these repositories and then re-upload them. To further amplify their reach, attackers create numerous fake forks of the compromised repositories using automated methods. These fake forks can then be spread through social media, online forums, and other channels, tricking users into downloading the malicious versions.</p>



<p>The report acknowledges that GitHub has been notified and has taken down most of the identified malicious repositories. However, the activity is ongoing, with attackers constantly attempting to inject harmful code. This ongoing struggle resembles a game of whack-a-mole, where GitHub plays catch-up, removing malicious code after it has already been uploaded, potentially putting users at risk.</p>



<p>The report further reveals that this attack campaign began in May 2023 and has been steadily growing. This continuous activity raises concerns that even more repositories and users could be compromised in the future. Developers and users are advised to exercise caution when downloading code from GitHub, especially from unfamiliar repositories. It&#8217;s crucial to verify the source and legitimacy of the code before integrating it into projects.</p>



<p><strong><span style="text-decoration: underline">RELATED:</span></strong></p>



<ul><li><a href="https://www.gizmochina.com/2024/02/22/microsoft-teams-with-intel-on-18a-process-chip-development/">Microsoft teams with Intel on 18A process chip development</a></li><li><a href="https://www.gizmochina.com/2024/02/19/popcnt-instruction-windows-update-older-cpu/">Older CPUs or PCs may lose out on future Windows 11 updates</a></li><li><a href="https://www.gizmochina.com/awards/best-of-mwc-2024-ai-phone-transparent-laptop-3d-tablet-more%ef%bf%bc/">Best of MWC 2024: AI Phone, Transparent Laptop, 3D Tablet &amp; More</a></li><li><a href="https://www.gizmochina.com/2023/12/27/get-30-discount-on-aoostar-wtr-r1-n100-mini-pc-at-geekwills/">Big Discount: AOOSTAR R1 N100 NAS Mini PC Only For $159</a></li><li><a href="https://www.gizmochina.com/2023/12/27/get-the-latest-oneplus-12-at-geekwills/">Get latest Oneplus 12 Phone for $699 on Geekwills</a></li></ul>



<figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper">
<iframe loading="lazy" title="TECNO MWC24 Booth Tour: The Booth Got Crazy Attention!" width="696" height="392" src="https://www.youtube.com/embed/qQTYDxaDm0Q?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen></iframe>
</div></figure>



<p>(<a href="https://apiiro.com/blog/malicious-code-campaign-github-repo-confusion-attack/" target="_blank" rel="noreferrer noopener">Source</a>)</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2024/03/02/github-repos-hit-by-attackers-malicious-code/">Microsoft&#8217;s popular code-sharing platform GitHub under attack, potentially affecting millions</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Comcast&#8217;s Xfinity Faces Data Breach: Citrix Bleed Vulnerability Exposes 36 Million Customers&#8217; Information</title>
		<link>https://www.gizmochina.com/2023/12/26/comcast-xfinity-data-breach/</link>
		
		<dc:creator><![CDATA[Sudhanshu]]></dc:creator>
		<pubDate>Tue, 26 Dec 2023 21:30:04 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[Comcast]]></category>
		<category><![CDATA[data breach]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=594052</guid>

					<description><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-300x169.png?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Comcast Logo" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-300x169.png 300w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-768x432.png 768w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-1024x576.png 1024w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-696x392.png 696w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-1068x601.png 1068w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-747x420.png 747w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2.png 1600w" sizes="(max-width: 300px) 100vw, 300px" /><p>In a security setback Comcast, the parent company of Xfinity experienced a concerning incident where they fell victim to a vulnerability known as Citrix Bleed. This unfortunate event resulted in information belonging to 36 million Xfinity customers being exposed to hackers. The vulnerability, which was identified in Citrix networking devices commonly used by corporations had [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2023/12/26/comcast-xfinity-data-breach/">Comcast&#8217;s Xfinity Faces Data Breach: Citrix Bleed Vulnerability Exposes 36 Million Customers&#8217; Information</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-300x169.png?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Comcast Logo" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-300x169.png 300w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-768x432.png 768w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-1024x576.png 1024w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-696x392.png 696w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-1068x601.png 1068w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-747x420.png 747w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2.png 1600w" sizes="(max-width: 300px) 100vw, 300px" />
<p>In a security setback <a href="https://www.gizmochina.com/tag/comcast/" target="_blank" rel="noreferrer noopener">Comcast</a>, the parent company of Xfinity experienced a concerning incident where they fell victim to a vulnerability known as Citrix Bleed. This unfortunate event resulted in information belonging to 36 million Xfinity customers being exposed to hackers. The vulnerability, which was identified in Citrix networking devices commonly used by corporations had been exploited by cybercriminals since August.</p>



<figure class="wp-block-image size-large"><img loading="lazy" width="1024" height="576" src="https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-1024x576.png?x44794" alt="Comcast Logo" class="wp-image-412552" srcset="https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-1024x576.png 1024w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-300x169.png 300w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-768x432.png 768w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-696x392.png 696w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-1068x601.png 1068w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2-747x420.png 747w, https://www.gizmochina.com/wp-content/uploads/2021/09/Comcast-Logo-2.png 1600w" sizes="(max-width: 1024px) 100vw, 1024px" /></figure>



<p>It has been confirmed that the hackers took advantage of the Citrix Bleed flaw and managed to access systems between October 16 and October 19. However, it was not, until October 25 that the breach was discovered. The compromised customer data includes usernames hashed passwords, names, contact information, the four digits of social security numbers dates of birth well as secret questions and answers.</p>



<p>Despite Citrix releasing patches in October to address the vulnerability issue it is reported that Comcast took nine days to secure their network against this threat. In response to this incident, Xfinity is strongly urging customers to change their passwords especially if they have been using the same password across multiple platforms. Additionally, Xfinity advises customers to remain vigilant against phishing attempts and is implementing prompts for password changes upon customer login. They are also encouraging customers to utilize two-factor authentication for added security.</p>



<p>Xfinity has promptly reported this incident to law enforcement agencies. Is currently undergoing data analysis, for further investigation. Customers can find information in an official notice sent out by Xfinity which stresses the importance of taking proactive measures in order to mitigate potential risks.</p>



<div style="height:100px" aria-hidden="true" class="wp-block-spacer"></div>



<p><strong><span style="text-decoration: underline">RELATED:</span></strong></p>



<ul><li><a href="https://www.gizmochina.com/2023/11/17/samsungs-latest-data-breach-exposes-uk-customer-information-for-over-a-year/">Samsung’s latest data breach exposes customer information for over a year</a></li><li><a href="https://www.gizmochina.com/2023/12/26/intel-secures-grant-from-israel-for-25-billion-chip-plant-expansion/">Intel Secures $3.2 Billion Grant from Israel for $25 Billion Chip Plant Expansion</a></li><li><a href="https://www.gizmochina.com/2023/12/21/huawei-freeclip-open-ear-earbuds-review-clip-on-comfort-with-c-bridge-design/">HUAWEI FreeClip Open-Ear Earbuds Review: Clip-on Comfort with C-bridge Design</a></li><li><a href="https://www.gizmochina.com/2023/12/15/giztops-christmas-holiday-savings-discount/">Giztop’s Christmas Holiday Savings: Unwrap Joy with Exclusive Discount</a></li><li><a href="https://www.gizmochina.com/2023/12/26/epic-games-store-free-games-december/">Epic Games Store Gifts 17 Free Games – Grab Human Resource Machine for Free on Epic Store Now</a></li><li><a href="https://www.gizmochina.com/2023/12/26/aula-s98-mechanical-keyboard-launched/">Aula S98 mechanical keyboard with Gasket, triple-mode connectivity launched in China for 139 Yuan ($19)</a></li><li><a href="https://www.gizmochina.com/2023/12/26/rockstar-games-medieval-project-ethos/">Rockstar Games’ Bold Leap into Medieval Realms with Project Ethos</a></li></ul>



<figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper">
<iframe loading="lazy" title="OnePlus 12 Review: The OnePlus Phone With The Fewest Cons" width="696" height="392" src="https://www.youtube.com/embed/XqxF96Kq-l8?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen></iframe>
</div></figure>



<p>(<a href="https://www.prnewswire.com/news-releases/console--associates-pc-comcast-xfinity-reports-data-breach-exposing-confidential-information-of-35-million-customers-302019318.html" target="_blank" rel="noreferrer noopener">via</a>)</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2023/12/26/comcast-xfinity-data-breach/">Comcast&#8217;s Xfinity Faces Data Breach: Citrix Bleed Vulnerability Exposes 36 Million Customers&#8217; Information</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Nintendo Takes Mario Kart 8 &#038; Splatoon Offline Because of Security Exploit</title>
		<link>https://www.gizmochina.com/2023/03/04/nintendo-taking-mario-kart-8-splatoon-offline/</link>
		
		<dc:creator><![CDATA[Anubhav]]></dc:creator>
		<pubDate>Sat, 04 Mar 2023 10:43:09 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[Mario]]></category>
		<category><![CDATA[Nintendo]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=520034</guid>

					<description><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-300x169.webp?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Mario Kart 8" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-300x169.webp 300w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-768x432.webp 768w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-696x391.webp 696w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-747x420.webp 747w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e.webp 875w" sizes="(max-width: 300px) 100vw, 300px" /><p>Nintendo has announced that it has taken Mario Kart 8 and Splatoon offline due to security issues. The company posted a message on its website stating that urgent maintenance was required to fix a vulnerability related to online play. Nintendo has not yet provided an estimated time for when the network services will be restored. [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2023/03/04/nintendo-taking-mario-kart-8-splatoon-offline/">Nintendo Takes Mario Kart 8 &amp; Splatoon Offline Because of Security Exploit</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-300x169.webp?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Mario Kart 8" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-300x169.webp 300w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-768x432.webp 768w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-696x391.webp 696w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-747x420.webp 747w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e.webp 875w" sizes="(max-width: 300px) 100vw, 300px" />
<p>Nintendo has announced that it has taken <a href="http://gizmochina.com/tag/mario-kart">Mario Kart 8</a> and Splatoon offline due to security issues. The company posted a message on its website stating that urgent maintenance was required to fix a vulnerability related to online play. Nintendo has not yet provided an estimated time for when the network services will be restored. The company apologizes for any inconvenience caused by this situation.</p>



<div class="wp-block-image"><figure class="aligncenter size-full"><img loading="lazy" width="875" height="492" src="https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e.webp?x44794" alt="Mario Kart 8" class="wp-image-520037" srcset="https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e.webp 875w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-300x169.webp 300w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-768x432.webp 768w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-696x391.webp 696w, https://www.gizmochina.com/wp-content/uploads/2023/03/ca1a9c50-b9ee-11ed-bfff-db34ef8db50e-747x420.webp 747w" sizes="(max-width: 875px) 100vw, 875px" /></figure></div>



<p>According to Dataminer OatmealDome, the issue is “almost certainly” due to ENLBufferPwn. This exploit could allow an attacker to take control of a victim&#8217;s system by simply being matched with them in an online multiplayer game. It was previously found to be a problem in Mario Kart 7 on the 3DS and several other Switch games, including Mario Kart 8 Deluxe, Animal Crossing: New Horizons,<a href="http://gizmochina.com/tag/nintendo-switch"> Nintendo Switch</a> Sports, Splatoon 2 and 3. However, Nintendo has already patched those titles to protect them against the exploit.</p>



<p>A video posted by YouTuber PabloMK7 showed ENLBufferPwn in action on Mario Kart 7. It allowed custom firmware to be inserted onto the targeted console, and it could have potentially been used to steal account or credit card information, as well as to record a victim using the 3DS&#8217; mic and cameras.</p>



<p>Although it may disappoint those still playing the games on the discontinued <a href="http://gizmochina.com/tag/wii">Wii</a> U system, it seems that Nintendo had little choice but to take the online features offline until the security issue is resolved. Nintendo takes its privacy issues quite seriously, and it doesn’t help that Mario Kart 8 was the biggest-selling game on the Wii U, with nearly 8.5 million copies sold. On the other hand, the original Splatoon sold almost 5 million copies.</p>



<p>The issue surfaced just a few weeks before March 27, as Nintendo is shutting down the Wii U and 3DS eShops. After that, owners of the systems will not be able to make purchases on the digital storefronts, but they will still be able to download titles they previously bought.</p>



<p><strong><span style="text-decoration: underline">RELATED:</span></strong></p>



<ul><li><a href="https://www.gizmochina.com/2023/02/22/nintendo-switch-cloud-online-service/">Nintendo’s Latest Leak Hints at Cloud Gaming via Switch Online Service</a></li><li><a href="https://www.gizmochina.com/2023/02/12/nintendo-switch-beat-sony-ps4-become-third-best-selling-console/">Nintendo Switch Overtakes Sony’s PS4 to Become the Third Best-Selling Console of All Time</a></li><li><a href="https://www.gizmochina.com/2023/02/28/mwc-2023-best-products-announcements-from-day-1/">MWC 2023: Best Products &amp; Announcements From Day 1</a></li></ul>



<figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper">
<iframe loading="lazy" title="realme GT Neo 5 Full Review: Charge a minute, games an hour" width="696" height="392" src="https://www.youtube.com/embed/7LYF0Ld9Ips?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" allowfullscreen></iframe>
</div></figure>



<p>(<a href="https://www.engadget.com/nintendo-takes-wii-u-games-mario-kart-8-and-splatoon-offline-over-security-issues-183052954.html?src=rss">Via</a>)</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2023/03/04/nintendo-taking-mario-kart-8-splatoon-offline/">Nintendo Takes Mario Kart 8 &amp; Splatoon Offline Because of Security Exploit</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Acer suffers from major security breach, affects millions of Indian users</title>
		<link>https://www.gizmochina.com/2021/10/18/acer-suffers-security-breach-affect-million-indians/</link>
		
		<dc:creator><![CDATA[Sean]]></dc:creator>
		<pubDate>Mon, 18 Oct 2021 10:44:14 +0000</pubDate>
				<category><![CDATA[Acer]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[data breach]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=419773</guid>

					<description><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Acer Logo Featured A" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-747x420.jpg 747w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-1920x1080.jpg 1920w" sizes="(max-width: 300px) 100vw, 300px" /><p>The servers of Acer have just been hit with a major breach recently. This breach has lead to loss of important internal business information related to several millions of users in India. According to a NotebookCheck report, the Taiwanese PC maker suffered from a major breach that has affected its after sales services systems. This [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2021/10/18/acer-suffers-security-breach-affect-million-indians/">Acer suffers from major security breach, affects millions of Indian users</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Acer Logo Featured A" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-747x420.jpg 747w, https://www.gizmochina.com/wp-content/uploads/2021/07/Acer-Logo-Featured-A-1920x1080.jpg 1920w" sizes="(max-width: 300px) 100vw, 300px" /><p>The servers of <a href="https://www.gizmochina.com/tag/acer/" target="_blank" rel="noopener noreferrer">Acer</a> have just been hit with a major breach recently. This breach has lead to loss of important internal business information related to several millions of users in India.</p>
<p><img loading="lazy" class="aligncenter wp-image-297549 size-full" src="https://www.gizmochina.com/wp-content/uploads/2019/12/201912231455446402_Chinese-APT20-hacker-group-bypassing-2FA-in-latest-attacks_SECVPF.jpg?x44794" alt="Acer" width="620" height="414" srcset="https://www.gizmochina.com/wp-content/uploads/2019/12/201912231455446402_Chinese-APT20-hacker-group-bypassing-2FA-in-latest-attacks_SECVPF.jpg 620w, https://www.gizmochina.com/wp-content/uploads/2019/12/201912231455446402_Chinese-APT20-hacker-group-bypassing-2FA-in-latest-attacks_SECVPF-300x200.jpg 300w" sizes="(max-width: 620px) 100vw, 620px" /></p>
<p>According to a <a href="https://www.notebookcheck.net/Major-security-breach-hits-Acer-affecting-millions-of-Indian-users-hacking-group-claims-responsibility.573580.0.html" target="_blank" rel="noopener noreferrer"><em>NotebookCheck</em> </a>report, the Taiwanese PC maker suffered from a major breach that has affected its after sales services systems. This marks the second major cyberattack that the company has faced this year. As of right now, Hacker group Desorden have claimed responsibility for the attack. The hacker group claimed that they have stolen 60GB worth of data, which includes customer information, corporate data, sensitive accounts, financial data, and audit data.</p>
<p>Furthermore, the breach also includes login details of Acer retailers and distributors in India as well. The hacker group has also stated that it will also offer the company the rights to verify the authenticity of the breach and the stolen data. Reportedly, the publicly available data of 10,000 individuals has been already available. This breach first took place on 5th October 2021, with the hackers claiming to also have acquired sensitive data of millions of Acer customers that it will release for a fee.</p>
<p><img loading="lazy" class="aligncenter wp-image-10616" src="https://www.gizmochina.com/wp-content/uploads/2013/03/AcerLogo.jpg?x44794" alt="Acer" width="527" height="395" srcset="https://www.gizmochina.com/wp-content/uploads/2013/03/AcerLogo.jpg 500w, https://www.gizmochina.com/wp-content/uploads/2013/03/AcerLogo-300x225.jpg 300w" sizes="(max-width: 527px) 100vw, 527px" /></p>
<p>According to an official spokesperson from the company, We have recently detected an isolated attack on our local after-sales service system in India. Upon detection, we immediately initiated our security protocols and conducted a full scan of our systems. We are notifying all potentially affected customers in India. The incident has been reported to local law enforcement and the Indian Computer Emergency Response Team, and has no material impact to our operations and business continuity.”</p>
<p><strong>RELATED:</strong></p>
<ul>
<li><a href="https://www.gizmochina.com/2021/10/14/acer-predator-gaming-projectors-feature-support-for-variable-refresh-rate/" target="_blank" rel="noopener noreferrer">Acer Predator Gaming Projectors feature support for variable refresh rate</a></li>
<li><a href="https://www.gizmochina.com/2021/10/14/acer-conceptd-7-spatiallabs-laptop-with-glasses-free-3d-display-to-launch/" target="_blank" rel="noopener noreferrer">Acer&#8217;s ConceptD 7 SpatialLabs Edition laptop allows one to see 3D content without glasses</a></li>
<li><a href="https://www.gizmochina.com/2021/10/14/acer-hummingbird-future-environmental-edition-sale-china/" target="_blank" rel="noopener noreferrer">Acer Hummingbird Future Environmental Edition goes on sale in China; price starts at 4,899 yuan ($761)</a></li>
</ul>
<p><iframe loading="lazy" title="Padmate PaMu Z1 ANC Wireless Earbuds Review: Great sound with a beautiful price" width="696" height="392" src="https://www.youtube.com/embed/7uuc3xzeFVY?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe></p>
<p>&nbsp;</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2021/10/18/acer-suffers-security-breach-affect-million-indians/">Acer suffers from major security breach, affects millions of Indian users</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Tesla and hundreds more face security breach, hackers gain access of Verkada security cameras</title>
		<link>https://www.gizmochina.com/2021/03/10/tesla-security-breach-hackers-control-verkada-cameras/</link>
		
		<dc:creator><![CDATA[Sean]]></dc:creator>
		<pubDate>Wed, 10 Mar 2021 07:53:51 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[Top Stories]]></category>
		<category><![CDATA[hackers]]></category>
		<category><![CDATA[Security Breach]]></category>
		<category><![CDATA[Tesla]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=376221</guid>

					<description><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Tesla Logo" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-747x420.jpg 747w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo.jpg 1280w" sizes="(max-width: 300px) 100vw, 300px" /><p>A small group of hackers has managed to cause a security breach, which has affected hundreds of businesses. This includes the popular electric vehicle maker Tesla after hackers gained access to surveillance cameras from Verkada. According to a Reuters report, the hacker group gained access to the live feed of the security cameras and even [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2021/03/10/tesla-security-breach-hackers-control-verkada-cameras/">Tesla and hundreds more face security breach, hackers gain access of Verkada security cameras</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Tesla Logo" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-747x420.jpg 747w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo.jpg 1280w" sizes="(max-width: 300px) 100vw, 300px" /><p>A small group of hackers has managed to cause a security breach, which has affected hundreds of businesses. This includes the popular electric vehicle maker <a href="https://www.gizmochina.com/tag/tesla/" target="_blank" rel="noopener noreferrer">Tesla</a> after hackers gained access to surveillance cameras from Verkada.</p>
<p><img loading="lazy" class="aligncenter wp-image-370219 size-full" src="https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo.jpg?x44794" alt="Tesla Logo" width="1280" height="720" srcset="https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo.jpg 1280w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-1024x576.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-696x392.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-1068x601.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2021/02/tesla-logo-747x420.jpg 747w" sizes="(max-width: 1280px) 100vw, 1280px" /></p>
<p>According to a <a href="https://www.reuters.com/article/us-verkada-breach/verkada-surveillance-cameras-at-tesla-hundreds-more-businesses-breached-hackers-idUSKBN2B2048" target="_blank" rel="noopener noreferrer"><em>Reuters</em> </a>report, the hacker group gained access to the live feed of the security cameras and even archived surveillance footage from hundreds of businesses. The group even managed to breach Tesla by gaining administrative access to the camera maker Verkada over the past two days, as per sources involved in the security breach incident. Tillie Kottmann, a Swedish software developer, shared screenshots on Twitter from inside a Tesla warehouse in California and an Alabama jail.</p>
<p>Kottman gained attention for finding security flaws in mobile applications and other systems. As per the software developer, the breach was to draw attention to the pervasive monitoring of people after having found login information for Verkada&#8217;s administrative tools publicly online earlier this week. Verkada has since acknowledged an intrusion and said that it has disabled all internal administrator accounts to prevent any unauthorized access.</p>
<p><img loading="lazy" class="aligncenter wp-image-297549 size-full" src="https://www.gizmochina.com/wp-content/uploads/2019/12/201912231455446402_Chinese-APT20-hacker-group-bypassing-2FA-in-latest-attacks_SECVPF.jpg?x44794" alt="Tesla" width="620" height="414" srcset="https://www.gizmochina.com/wp-content/uploads/2019/12/201912231455446402_Chinese-APT20-hacker-group-bypassing-2FA-in-latest-attacks_SECVPF.jpg 620w, https://www.gizmochina.com/wp-content/uploads/2019/12/201912231455446402_Chinese-APT20-hacker-group-bypassing-2FA-in-latest-attacks_SECVPF-300x200.jpg 300w" sizes="(max-width: 620px) 100vw, 620px" /></p>
<p>As per an official statement &#8220;Our internal security team and external security firm are investigating the scale and scope of this issue, and we have notified law enforcement.” Notably, the hacker group could have used its access to control the camera gear to access other parts of the company&#8217;s networks with Tesla and even software makers Cloudflare and Okta, as per Kottman.</p>
<p><strong>RELATED:</strong></p>
<ul>
<li><a href="https://www.gizmochina.com/2021/02/24/woman-chasing-summoned-tesla-model-3-rolling-away/" target="_blank" rel="noopener noreferrer">Dashcam captures woman chasing after a summoned Tesla Model 3 thinking it was rolling away</a></li>
<li><a href="https://www.gizmochina.com/2021/03/03/india-tesla-incentives-cheaper-production-costs-china/" target="_blank" rel="noopener noreferrer">India pursues Tesla with incentives like cheaper production costs than China</a></li>
<li><a href="https://www.gizmochina.com/2021/01/11/tesla-rival-nio-car-500km-range-competition-rise-china/" target="_blank" rel="noopener noreferrer">Tesla rival NIO offers EV with a record 700km range, raises competition in China</a></li>
</ul>
<p><iframe loading="lazy" title="Xiaomi Redmi K40 Full Review: The Budget flagship killer in 2021" width="696" height="392" src="https://www.youtube.com/embed/oijDIwkux8g?feature=oembed" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe></p>
<p>&nbsp;</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2021/03/10/tesla-security-breach-hackers-control-verkada-cameras/">Tesla and hundreds more face security breach, hackers gain access of Verkada security cameras</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>OnePlus to launch a Bug Bounty program, users can earn up to $7000 (49,000 CNY)</title>
		<link>https://www.gizmochina.com/2019/12/20/oneplus-to-launch-a-bug-bounty-program-users-can-earn-up-to-7000-49000-cny/</link>
		
		<dc:creator><![CDATA[Sean]]></dc:creator>
		<pubDate>Fri, 20 Dec 2019 08:11:28 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[Oneplus]]></category>
		<category><![CDATA[data breach]]></category>
		<category><![CDATA[OnePlus]]></category>
		<category><![CDATA[OnePlus breach]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=296342</guid>

					<description><![CDATA[<img width="300" height="201" src="https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-300x201.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="oneplus 7t" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-300x201.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-696x466.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-627x420.jpg 627w, https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t.jpg 750w" sizes="(max-width: 300px) 100vw, 300px" /><p>OnePlus, the smartphone manufacturer, had publicly announced the second data breach in two years back in November 2019. Since then, the company has promised to launch a new bug bounty program by the end of the year 2019. The move was made to bump up security measures and prevent future breaches. Now, the company has [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2019/12/20/oneplus-to-launch-a-bug-bounty-program-users-can-earn-up-to-7000-49000-cny/">OnePlus to launch a Bug Bounty program, users can earn up to $7000 (49,000 CNY)</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="201" src="https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-300x201.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="oneplus 7t" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-300x201.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-696x466.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t-627x420.jpg 627w, https://www.gizmochina.com/wp-content/uploads/2019/11/oneplus7t.jpg 750w" sizes="(max-width: 300px) 100vw, 300px" /><p><a href="https://www.gizmochina.com/brand/oneplus/" target="_blank" rel="noopener noreferrer">OnePlus</a>, the smartphone manufacturer, had publicly announced <a href="https://www.gizmochina.com/2019/11/23/oneplus-customer-data-breached-yet-again-names-and-addresses-likely-exposed/" target="_blank" rel="noopener noreferrer">the second data breach in two years back in November 2019</a>. Since then, the company has promised to launch a new bug bounty program by the end of the year 2019. The move was made to bump up security measures and prevent future breaches. Now, the company has finally announced that its bug bounty program is live.</p>
<p>For users that find any bug or vulnerabilities in the systems, they can submit it on OnePlus&#8217;s official website that features a new bug report section. Users must login first and apparently, the company will be creating and updating a leaderboard of top contributors. The company will even feature the top three contributors on the bug bounty&#8217;s main page as well.</p>
<p><figure id="attachment_168713" aria-describedby="caption-attachment-168713" style="width: 590px" class="wp-caption aligncenter"><img loading="lazy" class="wp-image-168713 size-full" src="https://www.gizmochina.com/wp-content/uploads/2018/01/oneplus-credit-card-breach-response.jpg?x44794" alt="OnePlus Credit Card Breach Response" width="590" height="515" srcset="https://www.gizmochina.com/wp-content/uploads/2018/01/oneplus-credit-card-breach-response.jpg 590w, https://www.gizmochina.com/wp-content/uploads/2018/01/oneplus-credit-card-breach-response-300x262.jpg 300w" sizes="(max-width: 590px) 100vw, 590px" /><figcaption id="caption-attachment-168713" class="wp-caption-text">The first breach in OnePlus that caused credit card information being leaked for a number of users</figcaption></figure></p>
<p>In the about section of the bug bounty program, OnePlus promises to reward users that submit reports according to certain tiers.</p>
<ul>
<li style="list-style-type: none">
<ul>
<li id="JGJpr2">Special cases: up to $7,000 (roughly 49,000 CNY)</li>
<li id="BOoZk8">Critical: $750–$1,500 (5,258-10,517 CNY)</li>
<li id="PK2vyn">High: $250–$750 (1,752-5,258 CNY)</li>
<li id="iliPdn">Medium: $100–$250 (701-1752 CNY)</li>
<li id="cUB2Hk">Low: $50–$100 (350-701 CNY)</li>
</ul>
</li>
</ul>
<h6 class="related"><strong>Editor&#8217;s Pick: <a href="https://www.gizmochina.com/2019/12/19/oneplus-7-and-oneplus-7-pro-latest-update-brings-back-hide-notch-feature/">OnePlus 7 and OnePlus 7 Pro’ latest update brings back “Hide Notch” feature</a></strong></h6>
<p>The exact definition of the tiers are still uncertain, however, OnePlus states that the reward you may receive is, &#8220;determined based on vulnerabilities severity and actual business impact.&#8221; The company had previously announced that it would partner up with a world renowned security platform in December 2019. That is now confirmed to be the startup HackerOne.</p>
<p><img loading="lazy" class="size-full wp-image-191625 aligncenter" src="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1.jpg?x44794" alt="oneplus logo" width="1280" height="719" srcset="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1.jpg 1280w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1-768x431.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1-1024x575.jpg 1024w" sizes="(max-width: 1280px) 100vw, 1280px" /></p>
<p>The collaboration with HackerOne is starting as a pilot program which would see numerous select security researchers being invited to test against OnePlus&#8217; systems. The company also mentioned that a public version of the same will be launched in 2020.</p>
<h6 class="related"><strong>UP NEXT: <a href="https://www.gizmochina.com/2019/12/20/richard-yu-huawei-shipments-to-reach-230-million-by-the-end-of-2019/">Richard Yu: Huawei shipments to reach 230 million by the end of 2019</a></strong></h6>
<p>&nbsp;</p>
<p>(<a href="https://forums.oneplus.com/threads/were-opening-a-new-bug-bounty-program-and-partnering-with-security-platform-hackerone.1155756/" target="_blank" rel="noopener noreferrer">Source</a>,<a href="https://www.theverge.com/2019/12/19/21030187/oneplus-bug-bounty-program-data-breach-november-january-hackerone-prize" target="_blank" rel="noopener noreferrer">Via</a>)</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2019/12/20/oneplus-to-launch-a-bug-bounty-program-users-can-earn-up-to-7000-49000-cny/">OnePlus to launch a Bug Bounty program, users can earn up to $7000 (49,000 CNY)</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>OnePlus Customer Data Breached yet again, Names and Addresses likely exposed</title>
		<link>https://www.gizmochina.com/2019/11/23/oneplus-customer-data-breached-yet-again-names-and-addresses-likely-exposed/</link>
		
		<dc:creator><![CDATA[Joel Joseph]]></dc:creator>
		<pubDate>Sat, 23 Nov 2019 17:00:06 +0000</pubDate>
				<category><![CDATA[Featured]]></category>
		<category><![CDATA[News]]></category>
		<category><![CDATA[Oneplus]]></category>
		<category><![CDATA[data breach]]></category>
		<category><![CDATA[OnePlus]]></category>
		<category><![CDATA[OnePlus breach]]></category>
		<category><![CDATA[OnePlus customer]]></category>
		<category><![CDATA[Security Breach]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=291051</guid>

					<description><![CDATA[<img width="300" height="168" src="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-300x168.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="OnePlus logo" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-300x168.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-768x431.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1024x575.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo.jpg 2048w" sizes="(max-width: 300px) 100vw, 300px" /><p>OnePlus&#8217; customer data has been breached, yet again. The smartphone maker made an announcement a few hours back stating that some of its customer&#8217;s information like &#8220;name, contact number, email, and shipping address within certain orders&#8221; may have been exposed by the most recent data breach. However, information like payment information, passwords and accounts are [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2019/11/23/oneplus-customer-data-breached-yet-again-names-and-addresses-likely-exposed/">OnePlus Customer Data Breached yet again, Names and Addresses likely exposed</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="168" src="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-300x168.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="OnePlus logo" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-300x168.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-768x431.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1024x575.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo.jpg 2048w" sizes="(max-width: 300px) 100vw, 300px" /><p>OnePlus&#8217; customer data has been breached, yet again. The smartphone maker made an announcement a few hours back stating that some of its customer&#8217;s information like &#8220;name, contact number, email, and shipping address within certain orders&#8221; may have been exposed by the most recent data breach. However, information like payment information, passwords and accounts are safe.</p>
<p><a href="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo.jpg?x44794"><img loading="lazy" class="aligncenter size-full wp-image-191556" src="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo.jpg?x44794" alt="OnePlus logo" width="2048" height="1150" srcset="https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo.jpg 2048w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-300x168.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-768x431.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2018/05/OnePlus-logo-1024x575.jpg 1024w" sizes="(max-width: 2048px) 100vw, 2048px" /></a></p>
<p><a href="https://www.gizmochina.com/tag/oneplus">OnePlus</a> hasn&#8217;t given out an exact number of affected users, however, the company said that it has already sent out emails to the users whose data has been breached. If you were one of the affected customers, you should have received a mail similar to <a href="https://twitter.com/iJackWilson/status/1197934987548471296">this</a> sometime in the past couple of days. If you haven&#8217;t got an email from the company, then your data wasn&#8217;t breached.</p>
<h6 class="related"><strong>Editor&#8217;s Pick: <a href="https://www.gizmochina.com/2019/11/19/oneplus-3-3t-receive-their-final-security-update-ends-official-support/">OnePlus 3 &amp; 3T receive their Final Security update, ends official support</a></strong></h6>
<p>The official OnePlus website seems to be the point of the breach but the company assured that they have thoroughly inspected the website to ensure there are no similar security flaws. The company also adds that affected users &#8216;may receive spam and phishing emails as a result of this incident&#8217;.</p>
<p>This isn&#8217;t the <a href="https://www.gizmochina.com/2018/01/23/oneplus-confirms-credit-card-breach-impacted-40000-customers/">first time OnePlus had a security breach</a>. Last year, in January, credit card information of nearly 40,000 OnePlus customers was breached through the company&#8217;s OnePlus.net website. Unfortunately, the company has not revealed the scale of this particular breach.</p>
<p><figure id="attachment_281348" aria-describedby="caption-attachment-281348" style="width: 1620px" class="wp-caption aligncenter"><a href="https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured.jpg?x44794"><img loading="lazy" class="size-full wp-image-281348" src="https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured.jpg?x44794" alt="OnePlus 7T Hands on volume button featured" width="1620" height="1080" srcset="https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured.jpg 1620w, https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured-300x200.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured-768x512.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured-1024x683.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured-696x464.jpg 696w, https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured-1068x712.jpg 1068w, https://www.gizmochina.com/wp-content/uploads/2019/10/OnePlus-7T-Hands-on-volume-button-featured-630x420.jpg 630w" sizes="(max-width: 1620px) 100vw, 1620px" /></a><figcaption id="caption-attachment-281348" class="wp-caption-text">OnePlus 7T is its most recent flagship</figcaption></figure></p>
<p>Security breaches are never good for a company. However, the company assures that it will partner &#8220;with a world-renowned security platform next month, and will launch an official bug bounty program by the end of December&#8221;. This is definitely the right way moving forward, however, OnePlus should have probably done this immediately after the first breach to avoid a second incident.</p>
<h6 class="related"><strong>UP NEXT: <a href="https://www.gizmochina.com/2019/11/22/oneplus-7-pros-audio-is-almost-as-good-as-the-note-10-reveals-dxomark-audio-test/">OnePlus 7 Pro&#8217;s audio is almost as good as the Note 10+ reveals DxOMark Audio Test</a></strong></h6>
<p>&nbsp;</p>
<p>(<a href="https://forums.oneplus.com/threads/security-notification.1144088/">Source</a>)</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2019/11/23/oneplus-customer-data-breached-yet-again-names-and-addresses-likely-exposed/">OnePlus Customer Data Breached yet again, Names and Addresses likely exposed</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>WeChat and QQ&#8217;s 364 million Chinese users data exposed online</title>
		<link>https://www.gizmochina.com/2019/03/05/wechat-and-qqs-364-million-chinese-users-data-exposed-online/</link>
		
		<dc:creator><![CDATA[Simranpal Singh]]></dc:creator>
		<pubDate>Tue, 05 Mar 2019 08:31:45 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[China]]></category>
		<category><![CDATA[QQ]]></category>
		<category><![CDATA[Security Breach]]></category>
		<category><![CDATA[WeChat]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=239553</guid>

					<description><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="china users" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd.jpg 996w" sizes="(max-width: 300px) 100vw, 300px" /><p>The security and privacy of the users&#8217; data is a major concern among poplar apps and websites. Many times, these companies have failed to provide a secure environment for the users&#8217; data. A similar incident has been witnessed by a security researcher Victor Gevers of non-profit organization GDI. As per a report from the Financial Times, [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2019/03/05/wechat-and-qqs-364-million-chinese-users-data-exposed-online/">WeChat and QQ&#8217;s 364 million Chinese users data exposed online</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="169" src="https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-300x169.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="china users" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-768x432.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd.jpg 996w" sizes="(max-width: 300px) 100vw, 300px" /><p>The security and privacy of the users&#8217; data is a major concern among poplar apps and websites. Many times, these companies have failed to provide a secure environment for the users&#8217; data. A similar incident has been witnessed by a security researcher Victor Gevers of non-profit organization GDI. As per a report from the Financial Times, the identities and other personal data of 300 million Chinese users were searchable on the internet if anyone knows the IP on Saturday, last week.</p>
<p><img loading="lazy" class="aligncenter size-full wp-image-239562" src="https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd.jpg?x44794" alt="china users" width="996" height="560" srcset="https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd.jpg 996w, https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-300x169.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2019/03/china-internet-mobile_wide-8db228d07a76c83ac7167192e84407b2978b44cd-768x432.jpg 768w" sizes="(max-width: 996px) 100vw, 996px" /></p>
<p>The data of Chinese popular social messaging networks such as QQ and WeChat were exposed including Chinese citizen ID, photos, addresses, GPS location data along with the personal messages. It seems a major breach on the ChinaNet online, internet service provider servers. As per Gevers, later the data was distributed to over 17 different remote servers. It is not confirmed whether and why it is sent to over different servers and what&#8217;s the actual usage. But as per assumption, Gevers claims that the data is sent to police stations in different regions of China.</p>
<p>In actual he quoted that, <em>“There is no evidence that law enforcement is doing something active with this spoonfed data. But the infrastructure and well-planned data distribution are there.” </em> He further investigated the issue and shared some parts of Direct Messages that were supposed to be private. He even shared some snippets of the chats as proof on his Twitter handle.</p>
<p>Upon digging deep, the data patterns hinted that these users might be frequent gamers who used different cafes. There&#8217;s another possibility that its the Chinese government&#8217;s way of keeping a tap on users who don&#8217;t follow censorship in China. Even though, some local officers have also asked internet cafes to track the users&#8217; browsing history time-to-time with software.</p>
<p>Gevers accumulated the information while he was crawling Shodan search engine. As per him, the data was exposed in attempts by someone to frisk through the servers.</p>
<p>Later, Gevers resolved the issue by taking the matter to the Chinese internet service provider. In response, ChinaNet Online secured the data within a few hours.</p>
<ul>
<li><strong>Read More: <a href="https://www.gizmochina.com/2018/10/23/china-consumer-association-knocks-apple-asks-to-compensate-apple-id-theft-victims/">China Consumer Association knocks Apple, asks to compensate Apple ID theft victims</a></strong></li>
</ul>
<p>In China, the Government scans the users&#8217; activity routinely to ensure safety and security. Even though, most of the Chinese internet companies are quite straightforward in complying with the state policies. Most of the companies have added in their privacy policies that they “comply with applicable laws and regulations.”</p>
<p>We hope in the future, the telecom operators and internet service providers should be more stringent while handling users&#8217; data.</p>
<p>(<a href="https://www.theverge.com/2019/3/4/18250474/chinese-messages-millions-wechat-qq-yy-data-breach-police">Via</a>)</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2019/03/05/wechat-and-qqs-364-million-chinese-users-data-exposed-online/">WeChat and QQ&#8217;s 364 million Chinese users data exposed online</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Facebook security breach puts 50 million user accounts at risk</title>
		<link>https://www.gizmochina.com/2018/09/28/facebook-security-breach-affects-50-million-user-accounts/</link>
		
		<dc:creator><![CDATA[Jeet]]></dc:creator>
		<pubDate>Fri, 28 Sep 2018 18:38:34 +0000</pubDate>
				<category><![CDATA[News]]></category>
		<category><![CDATA[Facebook]]></category>
		<category><![CDATA[Security Breach]]></category>
		<category><![CDATA[Social media]]></category>
		<guid isPermaLink="false">https://www.gizmochina.com/?p=214461</guid>

					<description><![CDATA[<img width="300" height="200" src="https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-300x200.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Facebook" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-300x200.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-768x512.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b.jpg 1024w" sizes="(max-width: 300px) 100vw, 300px" /><p>Facebook has said that an attack on its network has affected almost 50 million user accounts, exposing their personal information. The breach could allow attackers to take over the accounts of affected users. The full extent of the attack remains unknown at this time. The social media giant said that the security breach was discovered earlier [&#8230;]</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2018/09/28/facebook-security-breach-affects-50-million-user-accounts/">Facebook security breach puts 50 million user accounts at risk</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></description>
										<content:encoded><![CDATA[<img width="300" height="200" src="https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-300x200.jpg?x44794" class="webfeedsFeaturedVisual wp-post-image" alt="Facebook" loading="lazy" style="display: block; margin: auto; margin-bottom: 5px;max-width: 100%;" link_thumbnail="" srcset="https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-300x200.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-768x512.jpg 768w, https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b.jpg 1024w" sizes="(max-width: 300px) 100vw, 300px" /><p>Facebook has said that an attack on its network has affected almost 50 million user accounts, exposing their personal information. The breach could allow attackers to take over the accounts of affected users. The full extent of the attack remains unknown at this time.</p>
<p>The social media giant said that the security breach was discovered earlier this week on Tuesday. The company found that the attackers had exploited a feature in Facebook’s code that impacted ‘View As’, which lets people see what their own profile looks like to others. The attackers exploited the vulnerability, which leaked Facebook access token, giving attackers access to users’ accounts.</p>
<p><img loading="lazy" class="aligncenter wp-image-214085 size-full" src="https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b.jpg?x44794" alt="Facebook" width="1024" height="683" srcset="https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b.jpg 1024w, https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-300x200.jpg 300w, https://www.gizmochina.com/wp-content/uploads/2018/09/26405898387_5e9e0c2c56_b-768x512.jpg 768w" sizes="(max-width: 1024px) 100vw, 1024px" /></p>
<p>In a conference call with reports, Mark Zukerberg, CEO of Facebook, said, <em>&#8220;We’re taking it really seriously. We have a major security effort at the company that hardens all of our surfaces. I’m glad we found this. But it definitely is an issue that this happened in the first place.&#8221;</em></p>
<p>Currently the company’s internal investigation “is still in its early stages” and it has provided no details regarding who might be behind the attack or what user data (if any) was exfiltrated. Facebook has not revealed where in the world the affected 50 million users are, but says that it has informed Irish data regulators, where Facebook&#8217;s European subsidiary is based.</p>
<p>Over 90 million users were forced to log out of their accounts on Friday, which is a common security measure when accounts have been compromised. However, the users were not required to change their passwords.</p>
<p>The company said that it has fixed the vulnerability and has also notified law enforcement officials. It has temporarily disabled the View As feature while the company conducts a thorough security review. Facebook says that peoples&#8217; privacy and security are very important and apologises for the incident.</p>
<p style="text-align: center;"><strong>Read More: </strong><a href="https://www.gizmochina.com/2018/09/27/whatsapp-privacy-sold-co-founder-brian-acton/"><strong>WhatsApp co-founder Brian Acton feels he sold users’ privacy with Facebook acquisition</strong></a></p>
<p>The news about security breach comes at a time when Facebook is going through a rough time. It is currently facing federal investigation over its role in the Cambridge Analytica scandal in which the firm misused data from about 87 million Facebook users.</p>
<p>(<a href="https://newsroom.fb.com/news/2018/09/security-update/">Source,</a> <a href="http://www.thoughtcatalog.com">Image Source</a>)</p>
<p>The post <a rel="nofollow" href="https://www.gizmochina.com/2018/09/28/facebook-security-breach-affects-50-million-user-accounts/">Facebook security breach puts 50 million user accounts at risk</a> appeared first on <a rel="nofollow" href="https://www.gizmochina.com">Gizmochina</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 127/159 objects using Redis
Page Caching using Disk: Enhanced 
Content Delivery Network Full Site Delivery via cloudflare
Database Caching 15/31 queries in 0.011 seconds using Redis
Fragment Caching 2/3 fragments using Redis

Served from: www.gizmochina.com @ 2026-06-15 22:56:26 by W3 Total Cache
-->