#privacy: UK government publishes new cyber-attack defence measures for further education institutions

New guidance published by the UK government has advised colleges to take extra measures in order to protect themselves from cyber-attack. Staff training, thorough and secure data backup, email verification and firewalls are among the actions further education institutions should be executing to meet the rising threat of cyber-crime. The details were contained in a […]

#privacy: New funding round signals cyber security boost for UK

Cyber Security Minister, Nigel Adams has launched a third round of funding through the Cyber Skills Immediate Impact Fund (CSIIF), the government has revealed. A government blog post has detailed how the fund should push up the number and diversity of individuals going into a career in cyber security. In future, training providers will be […]

#privacy: Financial firm in Canada spends £53m in data breach aftermath

In June, news broke of how a former employee at financial co-operative Desjardins had shared confidential data with figures outside the company. The data of around 2.9 million individual members and 173,000 business members was illegally delivered to third parties, with details comprising social insurance numbers, names, residential addresses, transaction behaviours and purchases. In the wake […]

#privacy: New Android malware available for renting

A new banking Trojan, dubbed Cerberus, is now available for threat actors to rent. Security researchers from ThreatFabric, discovered the mobile banking malware in June. Cerberus has been written from scratch and does not use any components from other banking Trojans. Once the malware is in an Android device, it will ask for accessibility service […]

#privacy: Defence, police and banks caught up in biometrics data breach

The personal and private information of over 1 million citizens has been compromised following a biometrics system data breach.  The data was found available to public access on a database used by institutions including the Metropolitan police, defence firms and financial organisations. Fingerprints, facial recognition ID, personal data and unencrypted login credentials are among the […]

#privacy: Facebook admits to using workers to listen to users’ conversations

News reports reveal that employees have been paid to transcribe audio footage created by users on Facebook. The famous social network’s disclosure of relying on third-party staff to listen in on voice messages comes after reports of the practice being used by other tech giants, including Amazon, Microsoft, Apple and Google. According to Facebook, eavesdropping […]

#privacy: Further vulnerabilities found in British Airways cyber-security

A vulnerability within British Airways’ e-ticketing system has been found exposing passengers’ personally identifiable information (PII). Researchers from the security firm Wandera, discovered that the check-in links sent by British Airways, to passengers via email, were unencrypted and thus vulnerable to interception by an unauthorised third party. The check-in links contain booking references and surnames […]

#privacy: DSLR cameras can be hit by ransomware

Researchers have identified that DSLR cameras are vulnerable to ransomware attacks. In a report by Check Point Software Technologies, researchers demonstrated how to remotely install malware on a digital DSLR camera.  Security researcher Eyal Itkin, explained that the Picture Transfer Protocol (PTP) used by modern DSLR cameras to transfer digital images from the camera to […]

#privacy: Professor Woodrow Hartzog to speak at PrivSec New York

We are delighted to announce that Professor Woodrow Hartzog will address audiences at PrivSec conference, taking place November 5th and 6th at Columbia University, New York City. Hartzog is Professor of Law and Computing Science at Northeastern University School of Law and the Khoury College of Computer Sciences. He is also a non-resident Fellow at […]

#privacy: Microfinance agency exposes more than 140K user records

Credia.ge, a Georgia based agency, has exposed thousands of its customers personal and loan information.  Security researcher, Bob Diachenko, identified the Elasticsearch cluster on August 3rd. However it was discovered through a Shodan search that the cluster had been first indexed back in September 2018.  The database in question was named “compromised” in Shodan search and […]