A phishing campaign has been identified attempting to harvest customers’ bank account information and user credentials. The Cofense Phishing Defense Center (PDC) researchers who discovered the Stripe phishing campaign, found that the attackers are using the “Review your details” button, which redirects customers to their phishing pages, to hide their actual destination. “The true destination […]
Privacy
#Privacy: Schools in Vermont are spying on their students’ online activity
A report by VTDigger has revealed that five schools in Vermont have hired a Burlington-based firm to track the online activities of their students. VTDigger sent a public records request to all 52 superintendents in Vermont asking if any social media monitoring contracts had been signed. Of the 52, five stated that they either had […]
#Privacy: MCMC suspends contract of company responsible of data breach
The Malaysian Communications and Multimedia Commission (MCMC) has suspended the contract of the independent contractor Nuemera (M) Sdn Bhd. The 2014 data breach exposed the personal details of 46.2 million mobile phone subscribers, leaking the unique serial numbers linked to individual mobile phones, phone numbers, home addresses and names. The suspension was confirmed in a […]
#Privacy: Hundreds of thousands of CVs exposed online
Both Authentic Jobs and Sonic Jobs have exposed more than 200,000 CVs, subsequently making them publicly accessible to possible threat actors. Security researcher Gareth Llewellyn discovered the data breaches. Authentic Jobs, a US-based jobs board utilised by companies including the New York Times, made 221,130 CVs publicly accessible. Whilst Sonic Jobs, a UK jobs app […]
#Privacy: Researchers have devised a method to scoop unencrypted Tor network traffic data
Researchers have found a way to harvest unencrypted Tor network data from exit nodes and piece them together. Deloitte Canada researchers, Adam Podgorski and Milind Bhargava have also claimed to be able to obtain personally identifiable information (PII) of mobile users. The irony is that Tor is an anonymising software and network, and allows traffic […]
#Privacy: Canadian students share their passwords with friends
According to the Quebec Access to Information Commission (CAI), Canadian students are sharing their passwords with friends as proof of friendship. For the past three years, the CAI has been visiting secondary schools across Quebec informing children about their campaign “Ce que tu publies, penses-y”, which briefly translates to “Think before you publish.” The aim […]
#Privacy: Could you be in line for Yahoo pay-out after data breach settlement?
If your Yahoo account was among the three billion accounts hit by the multiple data breaches suffered by Yahoo between 2013 and 2016, you could qualify for a $358 windfall or two free years of credit monitoring. Should courts in California approve the settlement, Yahoo could portion off over $117.5 million among consumers whose names, […]
#Privacy: French media giant hit by ransomware
Groupe M6 has confirmed that on Saturday morning it was struck by a ransomware attack. As a result of the ransomware attack, phone lines and email servers are currently down, but fortunately due to the staff’s speedy response the attack did not affect the company’s TV and radio channels. In an announcement published on Twitter […]
#Privacy: Mississippi government agencies failing in cyber-security compliance
An analysis has revealed that Mississippi government institutions are not complying with industry standard cyber-security practices. A survey of 125 state agencies, boards, commissions, and universities was conducted by The Auditor’s Office, to check if they were meeting the requirements of the State of Mississippi Enterprise Security Program. The survey revealed that 54 of the […]
#Privacy: Imperva blames AWS stolen API key for data breach
The cybersecurity firm has released a detailed update on the security breach that was disclosed in August. The data breach at Imperva exposed the email addresses, API keys, scrambled passwords and SSL certificate of some firewall users. In the update, the company stated that following a thorough investigation with internal security teams and external forensics […]