fbpx

Free tools and resources for Data Protection Officers!

Category Archives for "Security"

UK hacker must pay back £922k after cyber-attack spree

An English cyber-criminal who carried out targeted computer attacks on more than 100 firms from his UK base has been forced to pay back a stolen cryptocurrency haul worth £922.978.14, news reports reveal.

Argos, Uber and Sainsbury’s were among the victims of Mr Grant West, who was jailed for fraud for an elaborate hacking spree which duped company insiders into exposing huge swathes of confidential data.

Source: #privacy: UK hacker must pay back £922k after cyber-attack spree

Sharing your pet photos can lead to loss of privacy

People are hyper-vigilant these days about protecting their personal information, all the little details about themselves that can lead to stalking or harassment online.

But there’s one mistake they’re repeating so often it’s deserving of its own special reminder: leaving their home addresses and phone numbers exposed in photos of their beloved pets.

Full article: Stop Doxing Yourself With Your Pet Photos

Anonymisation does not work for big data

Recently, well-publicised research by data scientists at Imperial College in London and Université Catholique de Louvain in Belgium as well as a ruling by Judge Michal Agmon-Gonen of the Tel Aviv District Court have highlighted the shortcomings of outdated data protection techniques like “Anonymisation” in today’s big data world.

Anonymisation reflects an outdated approach to data protection developed when the processing of data was limited to isolated (siloed) applications prior to the popularity of “big data” processing that involves widespread sharing and combining of data.

Source: Anonymisation does not work for big data due to lack of protection for direct & indirect identifiers and easy re-identification vs pseudonymisation

Malware that can record computer screens discovered

A new malware has been discovered that is able to record the screen of an infected machine and identify a user who is viewing porn.

Researchers at IT security company ESET, first observed the malware dubbed “Varenyky” in May 2019. A month later, researchers saw the first malicious document infecting a victim’s computer which had been attached to an email message.

Source: #privacy: Malware that can record computer screens discovered

On privacy impact assessment and leaking data of millions of users

Anonymizing location data is hard. If you absolutely need to do this, better consult someone knowledgable.

Privacy impact assessments should not conform to fixed templates. These should be strict, technical analyses.

Full article: On privacy impact assessment and leaking data of millions of users

Tech giants unite to launch data security consortium

Big tech firms including Alibaba, Arm, Baidu, IBM, Intel, Google Cloud, Microsoft and Red Hat have announced they are to create the Confidential Computing Consortium in a bid to boost security for data in use.

Founded by the Linux Foundation, the group will seek to unite hardware vendors, developers, open source experts and other leading organisations to help safeguard the confidentiality of computing, improve open source standards and instil better standards around data protection.

Source: #privacy: Tech giants unite to launch data security consortium

How hackers can use stolen fingerprints

Hackers could use a stolen fingerprint to break into a fairly rudimentary security system. A more advanced system might be possible, too, if they have lots of time and money at their disposal.

There are multiple ways to fool fingerprint readers. Stolen fingerprints are more helpful to hackers if they also have metadata – associated identities and login information, since two-factor security systems often require both conventional passwords and fingerprint scans.

Full article: How criminals might use stolen fingerprints.

Amazon’s Ring Is a Perfect Storm of Privacy Threats

Recent reports show that Ring has partnered with police departments across the country to hawk this new surveillance system—going so far as to draft press statements and social media posts for police to promote Ring cameras.

This creates a vicious cycle in which police promote the adoption of Ring, Ring terrifies people into thinking their homes are in danger, and then Amazon sells more cameras.

Source: Amazon’s Ring Is a Perfect Storm of Privacy Threats | Electronic Frontier Foundation

Facebook is Opening Privacy Check-Up Cafes

In an attempt to convince its two billion users that it truly cares about their privacy, Facebook is opening a number of pop-up privacy check-up cafes.

At the five Facebook cafes, visitors will get free drinks and a tutorial on how to customize their privacy settings — something you’d normally have to pay people to do in their spare time.

Source: Facebook is Opening Privacy Check-Up Cafes, for Some Reason

4 Dating Apps Pinpoint Users’ Precise Locations – and Leak the Data

Grindr, Romeo, Recon and 3fun were found to expose users’ exact locations, just by knowing a user name. Four popular dating apps that together can claim 10 million users have been found to leak precise locations of their members.

“By simply knowing a person’s username we can track them from home, to work,” explained Alex Lomas, researcher at Pen Test Partners, in a blog on Sunday. “We can find out where they socialize and hang out. And in near real-time.”

Source: 4 Dating Apps Pinpoint Users’ Precise Locations – and Leak the Data | Threatpost

>