fbpx

Download free GDPR compliance checklist!

Tag Archives for " cybersecurity "

US Government-funded Android phones come preinstalled with unremovable malware

An Android phone subsidized by the US government for low-income users comes preinstalled with malware that can’t be removed without making the device cease to work, researchers reported on Thursday.

The first is heavily obfuscated malware that can install adware and other unwanted apps without the knowledge or permission of the user. The second unpleasant surprise is something called Wireless Update. While it provides a mechanism for downloading and installing phone updates, it also loads a barrage of unwanted apps without permission.

Source: US Government-funded Android phones come preinstalled with unremovable malware | Ars Technica

Top Apps Invade User Privacy By Collecting and Sharing Personal Data

A new report published today by the Norwegian Consumer Council (NCC) looks at the hidden side of the data economy and its findings are alarming.

Scrutinizing 10 popular apps in Google Play Store, such as Grindr, Clue, and Perfect365, the NCC report’s technical analysis reveals comprehensive tracking and profiling practices. Personal data is systematically collected and shared with dozens of third-party companies without users’ knowledge.

Source: Top Apps Invade User Privacy By Collecting and Sharing Personal Data, New Report Finds

The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About

More and more of our vital infrastructure is coming online and vulnerable to digital attacks, data breaches involving the leak of personal information are becoming more frequent and bigger, and there’s an increasing awareness of political interference and state-sanctioned cyberattacks.

Here’s what will be top of the agenda when it comes to cybersecurity over the coming year:

  1. Artificial intelligence (AI) will play an increasing role in both cyber-attack and defense
  2. Political and economic divisions between east and west lead to increased security threats
  3. Political interference increasingly common and increasingly sophisticated
  4. The cybersecurity skills gap continues to grow
  5. Vehicle hacking and data theft increases

Full article: The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About

Exploit Fully Breaks SHA-1 encryption

Users of GnuPG, OpenSSL and Git could be in danger from an attack that’s practical for ordinary attackers to carry out.

A proof-of-concept attack has been pioneered that “fully and practically” breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering.

Source: Exploit Fully Breaks SHA-1, Lowers the Attack Bar | Threatpost

Study finds consumers would choose biometric authentication over passwords

Passwords are a double-edged sword: they are meant to protect information, but they are also frustrating with so many to remember and manage.

A recent Visa survey showed that 68% of U.S. shoppers have abandoned an online purchase due to forgetting a password, trouble logging in, or issues receiving a one-time passcode.

According to Visa, more than half of credit cardholders who responded to the survey (53%) say they would switch banks if their current doesn’t offer biometric authentication options.

Source: #Privacy: Study finds consumers would choose biometric authentication over passwords

ICO Delays British Airways and Marriott GDPR Fines

Further to the publication of the ICO’s notices of intention to fine British Airways and Marriott in July 2019, the ICO has recently issued a statement delaying the issuance of both GDPR fines which had originally been expected by the end of 2019.

The ICO’s initial notices of intention to fine had stated that British Airways would face a fine of £183m ($228m) and Marriott, a fine of £99m ($123m). ICO will now have until March 31, 2020 to finalize the penalties imposed on both British Airways and Marriott, which were the result of two high-profile data breaches and subsequent ICO investigations.

Source: ICO Delays British Airways and Marriott GDPR Fines

Google To Settle Lawsuit Over Google+ Data Breaches for $7.5 million

Google has agreed to pay $7.5 million to resolve a class-action lawsuit over data breaches that exposed private information of former Google+ users to outside developers.

The proposed settlement allows users of the defunct Google+ who were affected by data breaches to receive between $5 and $12.

Source: Google Agrees To Settle Lawsuit Over Google+ Data Breaches 01/08/2020

Serious security flaws in TikTok identified

Researchers at CheckPoint have discovered a flaw within TikTok which allows hackers to text users malicious links.

Over the past couple of months, CheckPoint researchers identified multiple vulnerabilities within the TikTok application leaving users vulnerable to hackers.

Source: #Privacy: Serious security flaws in TikTok identified

LifeLabs faces proposed class action after data breach affects up to 15M clients

A proposed class action lawsuit has been filed against medical services company LifeLabs over a data breach that allowed hackers to gain access to the personal information of up to 15 million customers.

The plaintiffs allege LifeLabs “failed to implement adequate measures and controls to detect and respond swiftly to threats and risks to the Personal Information and health records of the class members,” in violation of the company’s own privacy policy.

Source: LifeLabs faces proposed class action after data breach affects up to 15M clients | CTV News

Man sues Ring after someone hacked security camera

A lawsuit filed by an Alabama man alleges that someone gained access to his Ring security camera and used the device’s two way-speaker system to harass his children.

The lawsuit, filed in federal court in California, claims that the camera systems are “fatally flawed.” It also states that the company does not offer two-factor authentication and only requires its users to use basic passwords when setting up the devices.

Source: U.S. man sues Ring after someone hacked security camera, harassed his children | CTV News

>