#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

web security | Breaking Cybersecurity News | The Hacker News

Category — web security
CitySights NY Data Breach Exposes 110,000 Customers' Personal Information

CitySights NY Data Breach Exposes 110,000 Customers' Personal Information

Dec 23, 2010
CitySights NY, a company that organizes New York City tours on double-decker buses, has experienced a significant data breach. The personal information of 110,000 customers, including names, addresses, email addresses, credit card numbers, expiration dates, and Card Verification Value (CVV2) codes, was stolen. The breach likely occurred on September 26, when attackers used an SQL injection to upload a malicious script to the web server. The intrusion was discovered on October 25 by a web programmer who found the unauthorized script. According to a breach notification letter sent to and published by New Hampshire's attorney general, Twin America, CitySights NY's parent company, confirmed the compromise. In response to the breach, Twin America has taken several steps to enhance data security, including: Changing all administrative-level passwords to more complex ones. Restricting access to the administration panel and server to a few pre-approved IP addresses. Patching scri
Google Enhances Search Security to Flag Compromised Web Pages

Google Enhances Search Security to Flag Compromised Web Pages

Dec 19, 2010
Google has introduced a new security feature in its search engine to flag more web pages that might have been compromised by hackers. This new feature expands Google's long-standing program that marks websites hosting malicious software with a "This site may harm your computer" warning. Now, a new notation, "This site may be compromised," will indicate pages that may not be malicious but show signs that the site might not be fully controlled by its legitimate owner. This often happens when spammers add invisible links or redirects to unrelated websites, such as pharmacy sites. Additionally, Google will identify sites that have had phishing pages added by hackers. According to the Anti-Phishing Working Group, between 75% and 80% of phishing sites are legitimate sites that have been hacked and seeded with phishing kits to mimic trusted e-commerce and banking sites. It remains to be seen if Google can speed up the process of re-vetting sites flagged as compromised after th
5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

5 Actionable Steps to Prevent GenAI Data Leaks Without Fully Blocking AI Usage

Oct 01, 2024Generative AI / Data Protection
Since its emergence, Generative AI has revolutionized enterprise productivity. GenAI tools enable faster and more effective software development, financial analysis, business planning, and customer engagement. However, this business agility comes with significant risks, particularly the potential for sensitive data leakage. As organizations attempt to balance productivity gains with security concerns, many have been forced to choose between unrestricted GenAI usage to banning it altogether. A new e-guide by LayerX titled 5 Actionable Measures to Prevent Data Leakage Through Generative AI Tools is designed to help organizations navigate the challenges of GenAI usage in the workplace. The guide offers practical steps for security managers to protect sensitive corporate data while still reaping the productivity benefits of GenAI tools like ChatGPT. This approach is intended to allow companies to strike the right balance between innovation and security. Why Worry About ChatGPT? The e
Cybersecurity
Expert Insights / Articles Videos
Cybersecurity Resources