Amazon agreed to pay $25 million to settle allegations it violated children's privacy rights when it failed to delete Alexa recordings at the request of parents

Amazon Pays $30 Million for Alexa & Doorbell Camera Privacy Breach

Jim HendlerJune 1, 23Alexa, Amazon, Privacy, Security

Amazon.com and one of its subsidiaries reached separate multimillion-dollar settlements with the U.S. Federal Trade Commission on Wednesday over violations of children’s privacy using its Alexa voice assistant and its Ring camera in a doorbell. Amazon has agreed to pay $25 million to settle allegations that it violated children’s privacy by failing to delete Alexa recordings at parents’ request and keeping them longer than necessary, according to a filing in federal court in Seattle. “While we disagree with the FTC’s allegations against both Alexa and Ring and deny any violation…

The attack on MCNA is the largest health breach this year.

News

Ransomware attack exposes sensitive information of nearly 9 million dental patients

Febin MathewJune 1, 23internet, Privacy, ransomware, Security

A recently disclosed ransomware attack compromised some particularly sensitive medical data. Dental insurer Managed Care of North America (MCNA) said the intruder accessed patients and took copies of patient information between February 26 and March 7, including addresses, social security numbers, driver’s licenses and insurance information. MCNA says some of the information is for parents, guardians and guarantors (people who pay bills on behalf of others). A filing provided by the Maine Attorney General indicates that more than 8.9 million people have been affected. The company has not identified the…

Indian researchers have come across a new malware called DogeRAT (Remote Access Trojan)—which is targeting users through the distribution of fake Android apps masquerading as legitimate apps. Here's what we know.

News

A new malware called DogeRAT is spreading through fake Android apps

Sanjay PatilMay 31, 23Android, cyber security, DogeRAT, malware, Privacy, Security

A new malware called DogeRAT (Remote Access Trojan) targets users by distributing fake Android apps. The apps containing the malware are said to be sent to users via Telegram and other social media apps. Discovered by CloudSEK’s TRIAD team, DogeRAT is an open-source Android malware that can steal important information such as bank passwords and government credentials, leaving victims vulnerable. It targets users in a variety of industries, including banking, e-commerce, and entertainment. DogeRAT is a malware that disguises itself as popular apps, and once it infects a victim’s device…

Authorities said the virus is also capable of "bypassing anti-virus programs and deploying ransomware on the targeted devices"

News

“Daam” virus steals call logs and reads history from Android phones

Sanjay PatilMay 27, 23Daam, hacking, Privacy, Security, Virus

The National Cyber Security Agency said in its latest alert that an Android malware called “booster” infects mobile phones and compromises sensitive data such as call logs, contacts, history and camera. India’s Computer Emergency Response Team, or CERT-In, said the virus is also capable of “bypassing antivirus software and spreading ransomware on target devices.” The agency is the federal technology division that combats cyberattacks and protects cyberspace from phishing, hacking, and similar cyberattacks. The agency said botnets are distributed through third-party websites or apps downloaded from untrusted/unknown sources. Once installed…

Play Store continues to harbour malicious apps that Google is finding to trace and remove before it causes damage.

News

Screen Recorder App recorded thousands of users without consent

Febin MathewMay 26, 23Android, Privacy, Security

Android apps have a notorious track record of circumventing privacy, either by acting maliciously or by using your phone to steal data or track it. Now, a new kind of problem has emerged in Android apps, where one of the apps available through the Play Store started recording users without their permission to use the microphone. That’s not all, the app even sent the data via an encrypted link to the app developer’s server. According to a report by Ars Technica, an app called iRecorder Screen Recorder was the guilty…

The tech giant uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organisations in the US.

News

China-sponsored hackers targeting critical US infrastructure: Microsoft

Adriana MaraisMay 26, 23China, hacking, Microsoft, Privacy, Security

Microsoft has revealed that a state-sponsored Chinese hacker group called Volt Typhoon, which typically focuses on espionage and data collection, has targeted US critical infrastructure. The tech giant revealed a stealthy and targeted malicious activity focused on post-breach access and network discovery targeting critical infrastructure organizations in the United States. “The strike was carried out by Volt Typhoon, a state-sponsored actor in China. This campaign aims to develop capabilities that can disrupt critical communications infrastructure between the US and Asia during future crises,” the company said in a blog post…

Phone Link has been around for a long time, and it allows users to connect their Android phone to their PC via a Wi-Fi connection.

News

Cyberstalkers Using Windows 11 Phone Link Feature to Monitor iPhone

Jim HendlerMay 22, 23Cyber, iPhone, Privacy, Security, Windows, Windows 11

Microsoft’s recently released Phone Link feature for Windows 11 users, which allows iPhone owners to view notifications on their Windows PCs, could pose a significant security risk. According to app developer Certo Software, the inclusion of the new Windows 11 feature raises concerns about potential security vulnerabilities that cyberstalkers can exploit against iPhone users. Phone Link has been around for a long time, and it allows users to connect an Android phone to a computer over Wi-Fi. Last month, Microsoft released the Phone Link feature for iOS to all Windows…

Apple has joined the growing list of conglomerates that have asked their employees to stop using generative AI-based chatbots—including OpenAI's ChatGPT.

News

Apple bans employees from using ChatGPT over data leak

Adriana MaraisMay 19, 23Apple, ChatGPT, Privacy, Security

After Samsung, Apple has joined a growing number of groups asking their employees to stop using creative AI-powered chatbots — including OpenAI’s ChatGPT — to prevent the leak of confidential information about internal company matters. According to a report by The Wall Street Journal, Apple has stated that generative artificial intelligence cannot be used for work purposes. They’ve even banned other AI-based platforms like Github Copilot, which happens to be owned by Microsoft, which allows users to automate writing code. By default, ChatGPT records user conversations, which are later used…

If you have an internet router that is not up to date or obsolete, you may want to be careful—as a new report claims that Chinese hackers are targeting them to install backdoor malware to compromise networks.

News

Chinese Hackers Exploiting Internet Routers and Installing Malware to Compromise Networks: Report

Adriana MaraisMay 17, 23China, hacking, internet, malware, Privacy

If you have an internet router that is out of date or out of date, you should be careful, as a new report claims that Chinese hackers are targeting them to install backdoor malware to compromise networks. As reported by Check Point Research, a hacker group called Camaro Dragon is planting malware on TP-Link routers, including a backdoor called “Horse Shell.” This backdoor agent can give hackers full control over the infected device. it remains undetected and continues to access compromised networks. The attacks are said to be targeting European…

The breach hit systems for processing TRANServe transit benefits that reimburse government employees for some commuting costs

News

The US Department of Transportation suffered a major data breach, 237,000 employee records compromised

Adriana MaraisMay 13, 23May 14, 23Cyber, Government, Privacy, Security

The personal information of 237,000 current and former federal employees was exposed in a data breach at the U.S. Department of Transportation (USDOT), sources briefed on the matter said Friday. Violation systems for processing TRANServe’s transit benefits, which compensate state employees for part of their commuting expenses. It was not clear whether the personal data was used for criminal purposes. USDOT said in a statement to Reuters that the breach did not affect the transportation security systems. It did not say who might be responsible for the hack. The department…

With security keys, even if someone has your Apple ID and password, they still cannot access your account without your physical security key.

News

Protecting your Apple ID with security keys: A step-by-step guide

Adriana MaraisMay 12, 23Apple, Apple ID, Privacy, Security

US tech giant Apple recently released a new security feature to help users protect their Apple ID account. The company introduced Security Keys, a physical device that can authenticate your Apple ID instead of a password. This new feature is considered the most secure way to protect your Apple ID. With the release of iOS 16.3, iPadOS 16.3, and macOS Ventura 13.2, Apple introduced support for security keys or physical devices that can verify your Apple ID instead of a password. To enable this feature, users need to configure it…

WhatsApp offers a host of features which needs access to your phone's mic, camera and storage. But that has raised concerns.

News

WhatsApp didn’t spy: Google confirms Android bug caused privacy breach

Jim HendlerMay 12, 23Google, Privacy, Security, WhatsApp

Earlier this week, WhatsApp was accused of using the phone’s microphone without the user’s permission. Many people criticized the messaging app, Elon Musk said that WhatsApp is not safe and some of you even wanted to take action against WhatsApp for this privacy breach. Meta, the company that owns WhatsApp, claimed in its defense that a bug in Android caused this problem, implying that the messaging app was not to blame for this behavior. Turns out they were right after all. Google has confirmed that there is a bug in…

Western Digital Corp said on Friday it had restored My Cloud services and expects customer access to its online store to be normalized in the week of May 15, more than a month after the data storage chip maker disclosed a security breach.

News

Western Digital Brings Services Back Online Soon After Breach: All the Details

Febin MathewMay 7, 23hacking, Privacy, Security, Western Digital

Western Digital Corp said Friday it has restored My Cloud services and expects customer access to its online store to return to normal in the week of May 15, more than a month after the storage chip maker disclosed a security breach. Western Digital said it was moving forward with the restoration process and most systems and services were operational. An “unauthorized party” obtained customers’ names, phone numbers and partial credit card numbers from their systems, Western Digital said in a statement. The company said it is communicating directly with…

India witnessed an 18 per cent increase in weekly cyber attacks during the first quarter (Q1) of 2023, with each organisation facing an average of 2,108 attacks per week,

News

India Sees 18% Increase in Weekly Cyber Attacks in Q1 2023: Report

Adarsh V.KMay 6, 23Cyber, India, Privacy, Security

In India, the number of weekly cyber attacks increased by 18 percent in the first quarter of 2023, with each organization facing an average of 2,108 attacks per week, a new report released on Friday showed. According to Check Point Research (CPR), global weekly cyber attacks increased 7 percent in the first quarter of 2023 compared to the same quarter last year, with each organization experiencing an average of 1,248 attacks per week. Globally, in the first quarter of 2023, the education/research sector suffered the most attacks, with an average…

WhatsApp has slowly become a hub for spam calls and messages but a new issue raises further alarm.

News

Beware! There is a new WhatsApp calling scam that demands your attention

Jim HendlerMay 6, 23Privacy, Scam, Security, WhatsApp

WhatsApp has become a hub for spam and marketing messages, which is the exact reason why millions of people switched to the messaging app from traditional text messages. But the sophistication of WhatsApp scams is evolving. Now you don’t have to worry about nagging advertising messages from brands (who are not allowed to message you on WhatsApp), there have been regular cases of people receiving WhatsApp calls (both voice and video calls) from random international calls. numbers which, according to the given ISD codes, originate from Malaysia, Kenya and Vietnam.…

The call forwarding scam has been in existence for a while now—with fraudsters finding new and unique ways to trick their victims. Here's how you can be safe.

News

How to protect yourself from call forwarding scams: tips and more

Febin MathewMay 6, 23Privacy, Security

In the online world, with the proliferation of mobile phones in countries including India, the call forwarding scam has been around for quite some time – scammers have found new and unique ways to trick their victims. There are a few ways you can prevent falling victim to these scams. But before we learn the ways, let’s understand how the call forwarding scam works. According to Truecaller, scammers can call you pretending to be your mobile operator or Internet Service Provider (ISP) – claiming that your account has been compromised…

News

Google is making strides in online security with cross-passwords for more secure logins

Adriana MaraisMay 4, 23Google, Password, Privacy, Security

Good news for all password haters: Google has taken a big step to make them an afterthought by adding “passwords” as a simpler and more secure way to log into its services. Here’s what you need to know: WHAT ARE PASSION KEYS? Passwords provide a more secure alternative to passwords and SMS verification codes. Users never see them directly; instead, a web service like Gmail uses them to communicate directly with a trusted device like a phone or computer to sign in. All you need to do is verify your…

The researchers have recently discovered a Telegram channel advertising this new information-stealing malware.

News

Hackers are selling new malware on Telegram that targets MacOS users

Adriana MaraisMay 1, 23Apple, hacking, macOS, Privacy, Security, Telegram

Threat actors are selling a new malware called Atomic macOS Stealer (AMOS) for macOS platforms on the Telegram channel, which is capable of extracting autofill information, passwords, wallets and more. According to Cyble Research and Intelligence Labs (CRIL), the Atomic macOS Stealer malware is specifically designed to target macOS and can steal sensitive data from a victim’s machine. Researchers have recently discovered a Telegram channel promoting this new data-stealing malware. Also, according to the report, the hacker behind this thief is constantly improving this malware and adding new features to…