#Privacy: Phishing attack targets Stripe users

A phishing campaign has been identified attempting to harvest customers’ bank account information and user credentials.  The Cofense Phishing Defense Center (PDC) researchers who discovered the Stripe phishing campaign, found that the attackers are using the “Review your details” button, which redirects customers to their phishing pages, to hide their actual destination.  “The true destination […]

#Privacy: MCMC suspends contract of company responsible of data breach

The Malaysian Communications and Multimedia Commission (MCMC) has suspended the contract of the  independent contractor Nuemera (M) Sdn Bhd.  The 2014 data breach exposed the personal details of 46.2 million mobile phone subscribers, leaking the unique serial numbers linked to individual mobile phones, phone numbers, home addresses and names.  The suspension was confirmed in a […]

#Privacy: Hundreds of thousands of CVs exposed online

Both Authentic Jobs and Sonic Jobs have exposed more than 200,000 CVs, subsequently making them publicly accessible to possible threat actors. Security researcher Gareth Llewellyn discovered the data breaches. Authentic Jobs, a US-based jobs board utilised by companies including the New York Times, made 221,130 CVs publicly accessible. Whilst Sonic Jobs, a UK jobs app […]

#Privacy: Researchers have devised a method to scoop unencrypted Tor network traffic data

Researchers have found a way to harvest unencrypted Tor network data from exit nodes and piece them together. Deloitte Canada researchers, Adam Podgorski and Milind Bhargava have also claimed to be able to obtain personally identifiable information (PII) of mobile users. The irony is that Tor is an anonymising software and network, and allows traffic […]

#Privacy: Canadian students share their passwords with friends

According to the Quebec Access to Information Commission (CAI), Canadian students are sharing their passwords with friends as proof of friendship. For the past three years, the CAI has been visiting secondary schools across Quebec informing children about their campaign “Ce que tu publies, penses-y”, which briefly translates to “Think before you publish.” The aim […]

#Privacy: Mississippi government agencies failing in cyber-security compliance

An analysis has revealed that Mississippi government institutions are not complying with industry standard cyber-security practices.  A survey of 125 state agencies, boards, commissions, and universities was conducted by The Auditor’s Office, to check if they were meeting the requirements of the State of Mississippi Enterprise Security Program.  The survey revealed that 54 of the […]

#Privacy: Imperva blames AWS stolen API key for data breach

The cybersecurity firm has released a detailed update on the security breach that was disclosed in August.  The data breach at Imperva exposed the email addresses, API keys, scrambled passwords and SSL certificate of some firewall users.  In the update, the company stated that following a thorough investigation with internal security teams and external forensics […]