You are here

Topic: Privacy

Over 60,000 android apps infected with adware. (Pixabay) News 

60,000+ Android Apps Present Risk to User Privacy Through Adware Infestation

Nitin Misra, , ,

Over the last half-year, Bitdefender, a cybersecurity research team, has identified over 60,000 Android applications that contain adware, which poses a considerable danger to users. Adware refers to software that is often bundled with programs such as mobile apps. Its purpose is to generate revenue for malicious actors by displaying advertisements either in the foreground or in the background of the user’s smartphone. Unfortunately, this not only causes you to lose money, it drains your device’s battery and causes it to overheat as well. Interestingly, these malicious apps were not…

Read More
Saudi use of the Pegasus spying tool has come up in other controversial cases. (Unsplash ) News 

NSO Group Sued by Khashoggi’s Widow for Alleged Phone Hacking

Febin Mathew, , ,

According to a lawsuit filed by the widow of slain Saudi journalist Jamal Khashoggi, the Israeli surveillance firm NSO Group’s spyware was utilized to monitor her messages in the period preceding her husband’s murder. In a civil lawsuit filed Thursday in Northern Virginia, Hanan Elatr Khashoggi said NSO had “deliberately targeted” her equipment and “caused her tremendous harm both through the tragic loss of her husband and her own loss of safety, privacy, and autonomy.” The NSO initially said it had not seen the lawsuit. When the company was sent…

Read More
The subpoena claims Meta has violated the 'Capture or Use of Biometric Identifier Act' News 

Texas AG Demands Pfizer Hand Over Documents Related to Meta Ads

Jim Hendler, , , ,

Texas State Attorney General Ken Paxton’s office has demanded that Pfizer and other firms provide advertising data linked to Meta, the social media giant. The move comes after the state raised concerns about consumer data privacy in its ongoing legal dispute with Meta. According to Law360, the Texas Attorney General alleges that millions of Texans have had their private biometric data misused over the last decade. The order requires the vaccine maker to share any information it has about the use of Meta’s facial recognition technology, in addition to allegations…

Read More
In many cases, when people share their name and phone number while ordering food from a pizza outlet or paying the bill at a café, these places not only store such data but also become a source of data leaks News 

Beware of Data Theft: Think Twice Before Sharing Personal Information at Food and Shopping Outlets

Adarsh V.K, , ,

It was previously believed that scammers obtained phone number lists from banks or telecom operators, but a DoT official has revealed that many fraudsters use random dialing or alternative methods. Data leaks can also occur when individuals provide their name and phone number while ordering food or paying bills at establishments such as pizza outlets and cafes, which store and potentially share this information. It is believed that while there is a small chance that an insider at a telecommunications company will hand over information in exchange for money to…

Read More
A Swedish regulator says the company wasn't transparent enough about its handling of user data. News 

Spotify Fined $5.4 Million for Breaching GDPR Data Regulations

Jim Hendler, ,

Spotify has been fined SEK 58 million ($5.4 million) by a Swedish regulator for breaching the General Data Protection Regulation (GDPR) of the European Union. The violation pertains to the way the company manages users’ personal data and their access to it. Advocacy group Noyb, led by privacy campaigner Max Schrems, filed a complaint against Spotify and other major tech companies in early 2019. In the complaint, Noyb claimed, among other things, that Spotify did not provide all personal data to users upon request and that it has not disclosed…

Read More
Government has rejected all allegations of a CoWin data breach. (CoWin) News 

Union Minister Rejects Allegations of CoWin Data Breach

Adriana Marais, , , ,

Union Minister Rajeev Chandrasekhar responded to numerous reports claiming a significant CoWin data breach by providing a detailed rebuttal on Twitter. It was previously claimed that the CoWin data breach had leaked the information of many people who had given their personal information while taking the Covid vaccine. A huge number of people had registered with CoWin by providing their identity proofs like Aadhaar Card, PAN Card, Passport and many more. CoWin is an application developed as an IT solution to implement the COVID-19 vaccination in India. According to the…

Read More
Citizens' Personal Data Leaked on Telegram via Co-WIN. (HT_PRINT) News 

Private Data of Vaccine Recipients Leaked on Telegram Through CoWIN Platform

Nitin Misra, ,

Disturbing reports have emerged regarding a significant data breach that has jeopardized the personal information of citizens in our nation. The breach encompasses crucial particulars, including PAN and Aadhaar card data. To make matters worse, this leaked information has been detected on the messaging app Telegram, which is a cause for concern. The Fourth News has reported that the data breach was caused by vulnerabilities in the CoWIN portal. Many people used this portal to register their personal details for Covid vaccination purposes. According to the report, when the phone…

Read More
News18 could not independently verify the claims and has reached out to the MiETY and CERT-In. Reports, however, pointed out that this could have happened due to a security breach related to the CoWIN portal where all these details were available News 

Expert Warns of Data Breach After Telegram Bot Exposes Personal Info Shared on CoWIN

Nitin Misra, , ,

Recent reports and social media posts have indicated that personal information of Indians, such as their Aadhaar and passport details, phone number, date of birth, and gender, were briefly accessible on the Telegram app. This has raised concerns about a security breach related to the CoWIN portal, where all of this information was stored. It was found that if the communication bot was given a phone number, it provided all of this information, including the location where the Covid vaccination was administered. Apparently the bot wasn’t working this morning. According…

Read More
The European Union (EU) has warned Meta Founder and CEO Mark Zuckerberg to take immediate action on protecting kids on Instagram or face "heavy sanctions". News 

European Union Threatens Mark Zuckerberg With Severe Punishment If Instagram Does Not Safeguard Children’s Privacy

Jim Hendler, , ,

Mark Zuckerberg, the Founder and CEO of Meta, has been cautioned by the European Union (EU) to promptly address the issue of safeguarding children on Instagram, or else face severe penalties. The warning comes after reports that Instagram’s recommendation algorithms are promoting networks of pedophiles who order and sell child sexual abuse content on the popular photo-sharing platform. The Wall Street Journal worked with researchers from Stanford University and the University of Massachusetts Amherst to encrypt and expose such a network of Instagram accounts. EU Internal Market Commissioner Thierry Breton…

Read More
PDFs are the primary malicious email attachment type being used over 66 per cent of the time to deliver malware via email in 2022. News 

Researchers Issue Warning Regarding Malware in PDF File Attachments

Sanjay Patil, , ,

According to a new report released on Wednesday, PDFs are the most commonly used type of malicious email attachment, accounting for over 66% of malware delivered via email in 2022. According to researchers at Palo Alto Networks Unit 42, monthly registrations of both benign and malicious domains increased by 910% with ChatGPT’s AI chatbot between November 2022 and April 2023. The researchers also saw a huge increase (17,818 percent) in attempts to imitate ChatGPT using squatting domains – website names deliberately registered to look similar to a popular brand or…

Read More
Healthcare organisations had a 73.7 per cent likelihood of paying a ransomware demand, and they are also the fourth most targeted sector by ransomware attacks (13 per cent) globally. News 

73.7% of Healthcare Companies Agree to Pay Ransomware Demands

Adarsh V.K, , ,

According to a recent report, healthcare organizations are the fourth most targeted sector by ransomware attacks worldwide, accounting for 13% of all attacks. The report also revealed that these organizations have a high probability of paying ransom demands, with a likelihood of 73.7%. As ransomware attacks become more common, organizations are taking steps to mitigate the damage, if it has been experienced, according to Arete, a global Internet risk management firm. Some of the most powerful controls include backups, multi-factor authentication (MFA), and endpoint detection and response (EDR), all of…

Read More
Enhancements to Private Browsing make you harder to track and identify. News 

Safari Gains Enhanced Privacy Features and Web App Dock Support

Febin Mathew, , ,

Although Safari may not be the most thrilling aspect of macOS, Apple is still investing in its web browser. The newest edition boasts several practical enhancements, such as enhanced privacy controls, encryption capabilities, and the option to generate “apps” from any webpage. The best feature might be the new web apps. This puts the website in the dock on macOS, just like any other app, and opens it with a simple interface that helps hide the fact that you’re just using a web page in a browser. If this sounds…

Read More
Users who do not have a paid Google Workspace licence have their private drive actions left undocumented. News 

Google Workspace Vulnerability Could Enable Unidentified Data Theft From Drive Files

Adriana Marais, ,

A major flaw in the forensic security of Google Workspace has been uncovered by cybersecurity experts, which allows a hacker to extract data from Google Drive undetected. According to researchers at Mitiga Security, once a malicious insider accesses an organization’s Google Drive, they can take action without logging in. This error only affects users who do not have a paid Google Workspace business license. Users who do not have a paid Google Workspace license leave their driving activity undocumented. Hackers can disable registration and registration by canceling the paid license…

Read More
Amazon agreed to pay $25 million to settle allegations it violated children's privacy rights when it failed to delete Alexa recordings at the request of parents News 

Amazon Pays $30 Million for Alexa & Doorbell Camera Privacy Breach

Jim Hendler, , ,

Amazon.com and one of its subsidiaries reached separate multimillion-dollar settlements with the U.S. Federal Trade Commission on Wednesday over violations of children’s privacy using its Alexa voice assistant and its Ring camera in a doorbell. Amazon has agreed to pay $25 million to settle allegations that it violated children’s privacy by failing to delete Alexa recordings at parents’ request and keeping them longer than necessary, according to a filing in federal court in Seattle. “While we disagree with the FTC’s allegations against both Alexa and Ring and deny any violation…

Read More
The attack on MCNA is the largest health breach this year. News 

Ransomware attack exposes sensitive information of nearly 9 million dental patients

Febin Mathew, , ,

A recently disclosed ransomware attack compromised some particularly sensitive medical data. Dental insurer Managed Care of North America (MCNA) said the intruder accessed patients and took copies of patient information between February 26 and March 7, including addresses, social security numbers, driver’s licenses and insurance information. MCNA says some of the information is for parents, guardians and guarantors (people who pay bills on behalf of others). A filing provided by the Maine Attorney General indicates that more than 8.9 million people have been affected. The company has not identified the…

Read More
Indian researchers have come across a new malware called DogeRAT (Remote Access Trojan)—which is targeting users through the distribution of fake Android apps masquerading as legitimate apps. Here's what we know. News 

A new malware called DogeRAT is spreading through fake Android apps

Sanjay Patil, , , , ,

A new malware called DogeRAT (Remote Access Trojan) targets users by distributing fake Android apps. The apps containing the malware are said to be sent to users via Telegram and other social media apps. Discovered by CloudSEK’s TRIAD team, DogeRAT is an open-source Android malware that can steal important information such as bank passwords and government credentials, leaving victims vulnerable. It targets users in a variety of industries, including banking, e-commerce, and entertainment. DogeRAT is a malware that disguises itself as popular apps, and once it infects a victim’s device…

Read More
Authorities said the virus is also capable of "bypassing anti-virus programs and deploying ransomware on the targeted devices" News 

“Daam” virus steals call logs and reads history from Android phones

Sanjay Patil, , , ,

The National Cyber Security Agency said in its latest alert that an Android malware called “booster” infects mobile phones and compromises sensitive data such as call logs, contacts, history and camera. India’s Computer Emergency Response Team, or CERT-In, said the virus is also capable of “bypassing antivirus software and spreading ransomware on target devices.” The agency is the federal technology division that combats cyberattacks and protects cyberspace from phishing, hacking, and similar cyberattacks. The agency said botnets are distributed through third-party websites or apps downloaded from untrusted/unknown sources. Once installed…

Read More
Play Store continues to harbour malicious apps that Google is finding to trace and remove before it causes damage. News 

Screen Recorder App recorded thousands of users without consent

Febin Mathew, ,

Android apps have a notorious track record of circumventing privacy, either by acting maliciously or by using your phone to steal data or track it. Now, a new kind of problem has emerged in Android apps, where one of the apps available through the Play Store started recording users without their permission to use the microphone. That’s not all, the app even sent the data via an encrypted link to the app developer’s server. According to a report by Ars Technica, an app called iRecorder Screen Recorder was the guilty…

Read More
The tech giant uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organisations in the US. News 

China-sponsored hackers targeting critical US infrastructure: Microsoft

Adriana Marais, , , ,

Microsoft has revealed that a state-sponsored Chinese hacker group called Volt Typhoon, which typically focuses on espionage and data collection, has targeted US critical infrastructure. The tech giant revealed a stealthy and targeted malicious activity focused on post-breach access and network discovery targeting critical infrastructure organizations in the United States. “The strike was carried out by Volt Typhoon, a state-sponsored actor in China. This campaign aims to develop capabilities that can disrupt critical communications infrastructure between the US and Asia during future crises,” the company said in a blog post…

Read More
Phone Link has been around for a long time, and it allows users to connect their Android phone to their PC via a Wi-Fi connection. News 

Cyberstalkers Using Windows 11 Phone Link Feature to Monitor iPhone

Jim Hendler, , , , ,

Microsoft’s recently released Phone Link feature for Windows 11 users, which allows iPhone owners to view notifications on their Windows PCs, could pose a significant security risk. According to app developer Certo Software, the inclusion of the new Windows 11 feature raises concerns about potential security vulnerabilities that cyberstalkers can exploit against iPhone users. Phone Link has been around for a long time, and it allows users to connect an Android phone to a computer over Wi-Fi. Last month, Microsoft released the Phone Link feature for iOS to all Windows…

Read More