Connect with us

Press Release

T-Mobile data leak revealed call logs and phone numbers

Published

on

T-Mobile data leak revealed call logs and phone numbers

T-Mobile has disclosed a data breach that exposed customer proprietary network information (CPNI), which includes phone numbers and call history.

T-Mobile started texting consumers about a “security incident” that revealed the details of their accounts yesterday.

T-Mobile claims that recently, their systems had “malicious, unauthorised access” uncovered by their security staff. T-Mobile hired a cybersecurity company to conduct an investigation, and the results showed that threat actors had gotten access to CPNI, or customer-generated network information, used for telecommunications.

Phone numbers, call history, and the number of lines on an account are among the data compromised in this attack.

“The Federal Communications Commission (FCC) regulations’ definition of customer proprietary network information (CPNI) was accessed. The CPNI that was accessed might have included your phone number, the number of lines you have subscribed to, and, in some cases, call-related data gathered as part of your wireless service’s routine operation “T-Mobile claimed in a notification of a data breach.

According to T-Mobile, the compromised data did not include the names, addresses, email addresses, financial information, credit card information, social security numbers, tax IDs, passwords, or PINs of account holders.

T-Mobile claimed that this hack only affected a “small number of consumers (less than 0.2%)” in a statement to BleepingComputer. There are roughly 200,000 persons who have been impacted by this breach out of T-estimated Mobile’s 100 million customers.

“Less than 0.2% of our clients are now receiving notifications that some account information may have been improperly accessed. Names connected to the account, financial information, credit card details, social security numbers, passwords, PINs, and physical or email addresses were NOT among the data obtained. Phone numbers, the number of lines a user subscribes to, and, in a few rare situations, call-related data gathered as part of routine operation and service, were among the data that may have been accessed “Tells BleepingComputer, T-Mobile.

Anyone who has received a text alert about this incident should be on the watch for any suspicious texts that seem to be from T-Mobile and ask for information or contain links to websites that are not owned by T-Mobile.

Threat actors frequently employ information they have obtained from other targeted phishing and smishing efforts in an effort to obtain sensitive data such login names and passwords.

Prior data breaches at T-Mobile occurred in 2018, 2019 for prepaid customers, and in March 2020, which exposed personal and financial information.

Continue Reading

Press Release

NVIDIA resolves critical issues affecting Windows and Linux devices.

Published

on

NVIDIA resolves critical issues affecting Windows and Linux devices.

NVIDIA has released security upgrades to fix ten more bugs impacting the NVIDIA Virtual GPU (vGPU) management software in addition to six security holes discovered in Windows and Linux GPU display drivers.

The flaws make Windows and Linux systems vulnerable to attacks that could cause a denial of service, privilege escalation, data manipulation, or information disclosure.

Because all of these security flaws need local user access, potential attackers must first get access to susceptible targets via a different attack method.

Patching of eleven high severity vulnerabilities
Attackers can simply escalate privileges to obtain permissions above those provided by the OS after successfully exploiting one of the vulnerabilities fixed today.

Denial-of-service attacks or gaining access to otherwise inaccessible information can also be used to temporarily disable workstations running vulnerable drivers or software.

With the exception of the security flaws identified as CVE-2021-1052, CVE-2021-1053, and CVE-2021-1056 affecting the Linux GPU Display Driver for Tesla GPUs, which will start receiving an updated driver version on January 18, 2021, NVIDIA has patched all impacted software products and platforms.

The flaws have CVSS V3 base ratings ranging from 5.3 to 8.4, and NVIDIA has classified 11 of them as high-risk.

The risk assessment “is based on an average of risk across a broad set of deployed systems and may not represent the true risk of your local installation,” according to NVIDIA’s security alert.

To accurately assess the risk these vulnerabilities represent to your particular system configuration, the business further suggests speaking with an IT or security specialist.

The January 2021 Security Bulletin is a complete list of security problems that NVIDIA patched this month.

Several driver updates are accessible from hardware vendors.
NVIDIA advises users to use the security updates offered on the NVIDIA Driver Downloads page to upgrade their GeForce, NVIDIA RTX, Quadro, NVS, and Tesla GPU display drivers, as well as Virtual GPU Manager and guest driver software.

According to the business, certain consumers who choose not to manually fix the weaknesses might also get security upgrades bundled with Windows GPU display driver 460.84, 457.49, and 452.66 versions from their computer hardware vendors.

Users of the NVIDIA vGPU enterprise software must sign into the NVIDIA Enterprise Application Hub in order to download updates from the NVIDIA Licensing Center.

Continue Reading

Press Release

Internet Explorer 11 support will no longer be offered by WordPress.

Published

on

Internet Explorer 11 support will no longer be offered by WordPress.

WordPress, the most well-known and widely used blogging platform, is thinking about removing support for Internet Explorer 11 when its usage falls below 1%.

WordPress has discovered that the cumulative usage of IE 11 is less than 1% using the following three metrics:

according to StatCounter’s GlobalStats, 0.71%.
from W3 Counter, 1.2%
from WordPress.com, 0.46%
When WordPress stopped supporting Internet Explorer 8, 9, and 10 in 2017, these usage figures were comparable.

WordPress plans to discontinue support for Internet Explorer 11 in the future due to the low number of users and the significant expense of maintaining the browser.

“Regarding the present WordPress user experience, the majority of WordPress users ought to be aware by now that a flag was introduced to BrowseHappy around 13 months ago to not recommend IE. In connection with this, the entire IE11 experience is subpar and comes with a significant maintenance cost for developers “Last week, WordPress clarified in a blog post.

WordPress is requesting feedback from individuals and organisations that still use the browser by March 18th in order to formulate their strategies for ceasing support.

WordPress is not the only platform to stop supporting IE 11.

Microsoft Teams’ web app will no longer be supported by Internet Explorer, and Microsoft 365 would stop supporting it on August 17, 2021, according to a 2020 August Microsoft announcement.

Continue Reading

Press Release

Major Canadian banks experience a bizarre, hours-long outage

Published

on

Major Canadian banks experience a bizarre, hours-long outage

Major Canadian banks fell unavailable for several hours, denying consumers access to e-transfers, online and mobile banking, and other services.

The Canadian Imperial Bank of Commerce, Scotiabank, Bank of Montreal, and Royal Bank of Canada (RBC) are among the institutions apparently affected by the outage (CIBC).

For many, online banking and e-Transfers are not working.
Yesterday, the main banks in Canada went offline, making it difficult for many people to access e-Transfers, online, and mobile banking services.

The number of reports of people experiencing problems accessing their online banking peaked on Wednesday between 5 and 6 p.m. Eastern time, while BleepingComputer is still receiving an influx of these reports today:

 

An RBC spokesman acknowledged that “we are currently having technical challenges with our online and mobile banking, as well as our phone services.”

“We have no ETA to offer at this time, but our specialists are looking into it and striving to fix it as soon as they can. We value your tolerance.”

Customers continued to report problems a few hours later, within 30 minutes of RBC declaring that all systems were operating normally:

Andrew Currie, an RBC client, stated that the disruption left him without “access to my money at the grocery store” and forced him to wait in line for the cash register for 30 minutes.

Customers of BMO also noticed that the bank’s “Global Money Transfer service” was unavailable “all day” and that transfers were being automatically denied without any apparent cause. Such customers were advised to contact customer care by a BMO representative.

Inconsistencies with their internet banking were not acknowledged by CIBC.

Customers were apparently locked out of the TD Bank mobile banking app, and customer support agents said they “haven’t been told of recent concerns with our online service through EasyWeb.”

According to a TD Bank representative speaking to BleepingComputer, the bank had no significant system issues or outages.

It’s unclear at this moment whether some people’s difficulties at the ATMs were caused by the outage. According to an RBC staffer, the customer experiencing ATM problems is using an old debit card:

Some transfers are subject to rules under the Emergencies Act.

Although the reason for the outage is unknown, its timing is very intriguing because it comes only a few days after Canadian Prime Minister Justin Trudeau used the Emergencies Act in the midst of ongoing “Freedom Convoy” rallies.

Deputy Prime Minister Chrystia Freeland detailed the new rules that payment service providers must follow in accordance with the recently implemented Emergencies Act on Monday during a press briefing on Parliament Hill.

Additionally, without a court ruling and without risking civil liability, the Emergencies Act gives banks the power to freeze the accounts of people and companies they believe to be connected to the illegal blockades.

However, as the Deputy PM notes, since banks are currently required to report to FINTRAC, it is still unclear how new legislation will cause a planned or unanticipated outage.

Continue Reading

Trending