The Federal Trade Commission (FTC) has approved a record $5 billion settlement with Facebook following an investigation into allegations of data privacy violations. The fine follows after an investigation opened into Facebook’s data practices March 2018, once news broke about the political consultancy firm, Cambridge Analytica, improperly accessing the data of tens of millions of […]
Author: Meera Narendra
Google investigates leak of smart speaker recordings
An investigation is taken place by Google following learning that one of their smart speakers violated their data security policies. Belgian broadcaster VRT NWS announced discovering that Google Home devices have been eavesdropping, and had exposed the recordings made by the devices in Belgium and the Netherlands. An individual who works for a Google subcontractor […]
17,000 sites compromised by Magecart group
More than 17,000 web domains have been infected with digital skimming code caused by the scanning of misconfigured Amazon S3 buckets. RiskIQ’s Yonathan Klijnsma explained that the campaign started in early April 2019, and by May, there were reports of thousands of websites being infected. “These actors automatically scan for buckets which are misconfigured to […]
Engineer steals source code of US train firm and flees to China
A software engineer who stole proprietary information from a locomotive manufacturer, is now in hiding. The engineer, Xudong “William” Yao, was hired by the unnamed manufacturer in 2014, and within two weeks of starting his new role, Yao had downloaded more than 3,000 electronic files “containing proprietary and trade secret information relating to the system […]
Japanese cryptocurrency exchange Bitpoint hacked for $32m
Bitpoint has announced today that the cryptocurrency exchange has lost 3.5 billion yen ($32m) in crypto assets. As a result, Bitpoint has suspended all services including deposits and withdrawals to investigate the hack. RemixPoint Inc., the owner of the exchange, released a document explaining that around 2.5 billion yen had been stolen from funds belonging […]
TrustArc receives funding to further advance their leadership position in the privacy market
The privacy management company TrustArc has announced that it has received $70 million Series D growth investment led by private equity firm, Bregal Sagemount. TrustArc announced today that the raised $70 million in Series D funding, bringings its total raised to over $100 million. “We are very excited to bring on Sagemount as a strategic […]
OneTrust raises $200 million Series A funding
OneTrust has announced today that it has closed a $200 million Series A investment, led by Insight Partners. OneTrust is a privacy, security and third-party risk technology platform that helps companies comply with global privacy and security laws including CCPA and GDPR. Today, OneTrust announced it had raised $200 million in Series A funding round, […]
Phishing remains a concern for organisations worldwide
An analysis of workers’ cyber knowledge gaps revealed that phishing identification and data protection are the top problem areas for end users. The report from Proofpoint, “Beyond the Phish 2019” analysed data from nearly 130 million questions answered by Proofpoint’s customers’ end users. Question categories ranged from insider threats to avoiding ransomware attacks. It was […]
eCh0raix ransomware targeting network attached storage devices
Researchers at Anomali have discovered a new ransomware targeting QNAP network attached storage (NAS) devices. The ransomware dubbed eCh0raix, targets NAS devices produced by the Taiwanese firm QNAP systems. eCh0raix compromises consumer and enterprise devices by brute-force credential attacks and exploiting known vulnerabilities. “The malicious payload encrypts the targeted file extensions on the NAS using […]
160,000 personal resumes exposed online
Two employees from Zhilian Zhaopin, a recruitment site in China, assisted in leaking as many as 160,000 resumes. At a Beijing trial the Chinese company released evidence that the resumes uploaded onto their site had been stolen and leaked. First reported to the police in June 2018, the company had found that users’ personal information […]