#Privacy: Over 40m Iranian Telegram user IDs exposed online

Security researchers have discovered 42 million records from a third-party version of messaging app Telegram online.  The Comparitech team and Bob Diachenko discovered the exposed data on March 21, after it was posted on an Elasticsearch cluster with no password authentication.  After contacting the hosting provider on March 24, the cluster was deleted a day […]

#Privacy: Banking Trojan resurfaces amidst global pandemic

Following a three year hiatus, the Zeus Sphinx banking Trojan is back, appearing in a coronavirus-themed phishing campaign. First seen in August 2015, Sphinx is based on the leaked source of the Zeus banking trojan. IBM X-Force researchers Amir Gandler and Limor Kessen explained that Sphinx’s main capability is to harvest online banking credentials.  Following […]

#Privacy: Domain registration companies take steps to combat fraudulent COVID-19 websites

US domain registration companies are taking action against coronavirus related fraud.  One of America’s largest US domain registry companies, GoDaddy has revealed that it has taken down numerous fraudulent websites as part of its “human review process.” A GoDaddy spokesperson said: “We do not tolerate abuse on our platform and our Universal Terms of Service […]

#Privacy: FTC warns VoIP service providers against “assisting and facilitating” coronavirus-related telemarketing calls

The Federal Trade Commission (FTC) has warned nine Voice over Internet Protocol (VoIP) service providers that “assisting and facilitating” illegal telemarketing calls related to COVID-19 is against the law.  Many of these illegal telemarketing or robocalls related to the global pandemic, prey upon consumers’ fear of the virus to sow disinformation or perpetrate scams.  “It’s never […]

#Privacy: New phishing campaign claims recipients have been exposed to COVID-19

In a new phishing campaign, threat actors are claiming to be from a local hospital in the hopes of getting recipients to open a malicious email attachment.  In the current global pandemic, cyber criminals are now capitalising on the growing concerns and desire for information about COVID-19 by launching a variety of cyber attacks including […]

#Privacy: Virgin Media data breach compensation could total £4.5bn

Virgin Media could be liable to pay up to £4.5 billion after a data breach resulted in the personal details of 900,000 customers being publicly accessible online.  The breach caused by an misconfigured database exposed customers’ full names, email addresses, dates of birth, contact numbers and information linking some customers to pornography and explicit websites, […]

#Privacy: Students claim online exam software violates privacy rights

Students at Florida State University have started a petition claiming that the technology used by the institution to assess students and detect academic misconduct, violates privacy rights.  In response to COVID-19, Florida State University (FSU) launched remote learning on Monday for its entire campus, in addition the university announced that staff could use Honorlock, software designed […]

#Privacy: ACSC warns of COVID-19 themed malicious cyber activity

The Australian Cyber Security Centre (ACSC) has issued a threat update to raise awareness and provide cyber security advice surrounding COVID-19 themed malicious cyber activity.  The update explains that with cyber criminals capitalising on people’s growing concerns and desire for information about the global pandemic, there will likely be an increase in the frequency and […]