Privacy | SC Media

Privacy

Instagram fixed after researcher finds way to link account info to PII

Facebook has repaired a vulnerability in its Instagram social media platform, after a researcher found that it could be exploited to link users’ phone numbers to their account numbers, usernames and actual names. With the help a brute-force algorithm and a network of bots, malicious actors could have leveraged the flaw to bypass data security…

Backdoor

StealthFalcon backdoor using Windows BITS to hide action

The cyberespionage group Stealth Falcon is using a previously unreported binary backdoor along with Windows BITS to communicate with its command and controls server. The revelation was made by ESET researchers who came across the backdoor, which it named Win32/StealthFalcon, which the security firm believes has many similarities with another PowerShell script with backdoor capabilities…

election hacking

Facebook releases more election security changes

In the runup to the 2020 presidential election Facebook shared additional steps it is taking to help ensure campaign ads are properly attributed and vetted. Katie Harbath, Facebook’s public policy director, global elections, said the changes include strengthening the authorization process for U.S. advertisers and showing users more information about each advertiser. This includes placing…

Capital One hacker to ask for release on bail

The person behind the massive Capital One data breach that exposed more than 100 million records will go before a federal judge on Friday and ask to be released on bail. The transgender Paige Thompson, who identifies as female, is expected to say that being held in jail with male inmates is a threat to…

UK businesses far more confident re GDPR than their European counterparts

Researcher: GDPR’s Right of Access policy can be abused to steal others’ personal info

An Oxford University scholar says he was able to trick dozens of European companies into sending him sensitive data about his fiancée, simply by impersonating her while invoking GDPR’s “Right of Access” policy. Doctor of philosophy student James Pavur, who presented his research findings Thursday at the Black Hat conference in Las Vegas, exploited the policy…

How to craft a U.S. privacy law fit for a tech company

Facebook, Google, IBM, and Microsoft have all reportedly “aggressively lobbied” the current administration to start developing a federal privacy mandate. Recently, Cisco joined that chorus of tech giants (“Big Tech”) calling for stronger American privacy laws. Intel has gone a few steps further, drafting its own version of a U.S. privacy bill and opening an…

AppleMalware2

Apple halts contractors listening to Siri recordings, will offer opt-out

Apple will temporarily suspend its practice of allowing human contractors to grade snippets recordings of Siri conversations for accuracy. The move follows a Guardian report in which a former worker claimed contractors regularly hear confidential medical information, drug deals, and recordings of couples having sex” as part of their job.  While Apple says user requests…

FTC levies historic fine on Facebook for privacy violations

The U.S. Federal Trade Commission today announced that it has penalized Facebook $5 billion as punishment for what it described as deceptive privacy practices, and imposed new restrictions on the social media giant. Facebook likewise announced that it has agreed to the terms of the deal. In conjunction, the Department of Justice officially filed a…

FSB headquarters Lubyanka Square Moscow

Hackers leak documents stolen from contractor for Russian intel agency

Hackers reportedly stole 7.5 TB of data from a contractor for the Russian intelligence service FSB, and revealed details on several of its activities or prospective projects, including the collecting of information on users of social media services, Tor and P2P networks. The contractor, SyTech, has worked for FSB’s radio-electronic intelligence unit 71330 since 2009,…

Next post in Security News