Cambridge Analytica: FTC to fine Facebook $5bn

The Federal Trade Commission (FTC) has approved a record $5 billion settlement with Facebook following an investigation into allegations of data privacy violations.  The fine follows after an investigation opened into Facebook’s data practices March 2018, once news broke about the political consultancy firm, Cambridge Analytica, improperly accessing the data of tens of millions of […]

Google investigates leak of smart speaker recordings

An investigation is taken place by Google following learning that one of their smart speakers violated their data security policies.  Belgian broadcaster VRT NWS announced discovering that Google Home devices have been eavesdropping, and had exposed the recordings made by the devices in Belgium and the Netherlands.  An individual who works for a Google subcontractor […]

17,000 sites compromised by Magecart group

More than 17,000 web domains have been infected with digital skimming code caused by the scanning of misconfigured Amazon S3 buckets.  RiskIQ’s Yonathan Klijnsma explained that the campaign started in early April 2019, and by May, there were reports of thousands of websites being infected.  “These actors automatically scan for buckets which are misconfigured to […]

Engineer steals source code of US train firm and flees to China

A software engineer who stole proprietary information from a locomotive manufacturer, is now in hiding.  The engineer, Xudong “William” Yao, was hired by the unnamed manufacturer in 2014, and within two weeks of starting his new role, Yao had downloaded more than 3,000 electronic files “containing proprietary and trade secret information relating to the system […]

Japanese cryptocurrency exchange Bitpoint hacked for $32m

Bitpoint has announced today that the cryptocurrency exchange has lost 3.5 billion yen ($32m) in crypto assets.  As a result, Bitpoint has suspended all services including deposits and withdrawals to investigate the hack.  RemixPoint Inc., the owner of the exchange, released a document explaining that around 2.5 billion yen had been stolen from funds belonging […]

TrustArc receives funding to further advance their leadership position in the privacy market

The privacy management company TrustArc has announced that it has received $70 million Series D growth investment led by private equity firm, Bregal Sagemount. TrustArc announced today that the raised $70 million in Series D funding, bringings its total raised to over $100 million. “We are very excited to bring on Sagemount as a strategic […]

Phishing remains a concern for organisations worldwide

An analysis of workers’ cyber knowledge gaps revealed that phishing identification and data protection are the top problem areas for end users.  The report from Proofpoint, “Beyond the Phish 2019” analysed data from nearly 130 million questions answered by Proofpoint’s customers’ end users. Question categories ranged from insider threats to avoiding ransomware attacks.  It was […]

eCh0raix ransomware targeting network attached storage devices

Researchers at Anomali have discovered a new ransomware targeting QNAP network attached storage (NAS) devices. The ransomware dubbed eCh0raix, targets NAS devices produced by the Taiwanese firm QNAP systems.  eCh0raix compromises consumer and enterprise devices by brute-force credential attacks and exploiting known vulnerabilities.  “The malicious payload encrypts the targeted file extensions on the NAS using […]