Cyber security news for all

More

    Data breach in the controversial startup Clearview

    Clearview AI first made headlines back in New York Times exposé detailed its massive facial recognition database, which consists of billions of images scraped from websites and social media platforms.

    On a negligent configured server of the US company specializing in automated facial recognition, there were temporarily sensitive internal files such as the source code of the biometric application, apps for the operating systems, 70,000 videos and access IDs for operational messenger communication. Anyone with knowledge of the vulnerability could have easily picked up the company’s data.

    The System Allowed To Register As A New User Without Any Requirements

    It is said that the data storage access was protected by a password query, but the system allowed it to register as a new user without any requirements and to log in with the user IDs it had created.

    The source code stored on the server directory that can be reached in this way could be used, to compile and run your own apps for the solution. The company’s service allows users to take a photo of a person, upload it and compare it with a database of billion portraits that Clearview compiled largely from social networks. This makes it easy to find out the identity of the person being photographed.

    The Clearview server also contained secret keys for additional cloud storage, which in addition leads to executable software that contained some apps that were still in the development stage and access tokens, which could be used to access private messages from employees without a password.

    Possible Data Protection Violations

    Last month, the customer list had already fallen into the hands of hackers and was later processed by the media. Contrary to public assertion, not only law enforcement agencies are among the users of the service, but also many department store chains. Several lawsuits against the company are pending in the United States. The attorneys are investigating this violated data protection regulations.

    Recent Articles

    The warning sent to employees about Tiktok app was a mistake says Amazon

    On Friday morning, Amazon sent out a memo to its employees, asking them to uninstall the popular social media app TikTok off their phone....

    Other Android phones sold in the US contains pre-installed malware

    There’s a discovery of Pre-installed malware on another phone by researchers from Malwarebytes; through the lifeline Assistance program for sale in the United States....

    About 15 billion stolen passwords and usernames sold on the dark web.

    A recent finding has shown that about 15 billion passwords and usernames are distributed on the dark web. This compromise will bring about credential...

    Hundreds of multinational companies aimed by Russian BEC Gang

    According to the security firm Agari, there has been a discovery of a newly uncovered Russia-based business email compromise gang; BEC gang that scams...

    The slamming of undeletable Adware on Android users

    Researchers have discovered that about 14.8% of users of android phones that were targeted with mobile adware or malware the previous year have undeletable...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox