Group items tagged

""What is emerging is that [Aadhaar] is being used to create a panopticon, a centralized database that's linked to every aspect of our lives - finances, travel, birth, deaths, marriage, education, employment, health, etc.," Reetika Khera, an Indian economist and social scientist, told VICE News. Security concerns have plagued the system for years, but in recent weeks criticism has grown deafeningly loud. Earlier this month, as part of the Supreme Court case on privacy, an activist's freedom of information request suggested that foreign firms were being given "full access" to the classified data - including fingerprints and iris scans."

"A data trust is a legal entity that collects and manages people's personal data on their behalf. Though the structure and function of these trusts are still being defined, and many questions remain, data trusts are notable for offering a potential solution to long-standing problems in privacy and security."

""This is the largest impact on the energy system in the United States we've seen from a cyberattack, full stop," says Rob Lee, CEO of the critical-infrastructure-focused security firm Dragos. Aside from the financial impact on Colonial Pipeline or the many providers and customers of the fuel it transports, Lee points out that around 40 percent of US electricity in 2020 was produced by burning natural gas, more than any other source. That means, he argues, that the threat of cyberattacks on a pipeline presents a significant threat to the civilian power grid. "You have a real ability to impact the electric system in a broad way by cutting the supply of natural gas. This is a big deal," he adds. "I think Congress is going to have questions. A provider got hit with ransomware from a criminal act, this wasn't even a state-sponsored attack, and it impacted the system in this way?""

"Bitcoin is stored on software known as a digital wallet that is secured through encryption. A password is used as a decryption key to open the wallet and access the bitcoin. When a password is lost the user cannot open the wallet. The fraudster had been sentenced to more than two years in jail for covertly installing software on other computers to harness their power to "mine" or produce bitcoin. When he went behind bars, his bitcoin stash would have been worth a fraction of the current value. The price of bitcoin has surged over the past year, hitting a record high of US$42,000 in January. It was trading at US$37,577 on Friday, according to cryptocurrency and blockchain website Coindesk."

""Mexico's capacity to spy on its citizens is immense. [And] it's extremely easy for the technology and the information obtained through the spyware to fall into private hands - be it organised crime or commercial," said Jorge Rebolledo, a Mexico City security consultant. "What we know about is only the tip of the iceberg." Andrés Manuel López Obrador Andrés Manuel López Obrador. The data leak is a list of more than 50,000 phone numbers that, since 2016, are believed to have been selected as belonging to people of interest by government clients of NSO Group."

"  The Immigration & Checkpoints Authority (ICA) has been progressively implementing more secure and efficient immigration clearance, in collaboration with the Home Team Science and Technology Agency (HTX). Since July 2020, all automated and manual immigration lanes and counters at the passenger halls of Singapore's land, sea and air checkpoints have been equipped with iris and facial scanners"

"Twitter suffered a major security breach on Wednesday that saw hackers take control of the accounts of major public figures and corporations, including Joe Biden, Barack Obama, Elon Musk, Bill Gates, Jeff Bezos and Apple. The company confirmed the breach Wednesday evening, more than six hours after the hack began, and attributed it to a "coordinated social engineering attack" on its own employees that enabled the hackers to access "internal systems and tools"."

"Chinese consumers are increasingly standing up to Internet giants for their digital privacy in an unprecedented way. China is in the early stages of setting up a data protection regulatory system. The Cyber Security Law, effective Jun 1, 2017, included for the first time a set of data protection provisions in the form of national-level legislation. The 2018 e-Commerce Law incorporated data privacy protections for consumers such as the "right to be forgotten", similar to the EU's General Data Protection Regulation."

"According to the report, Twitter's security "problems" were only exacerbated by the push to remote work necessitated by the coronavirus pandemic. Like many other newly remote workers, Twitter's employees experienced tech problems working from home. Hackers were able to capitalize on this, tricking at least one Twitter employee into believing the hacker was a member of Twitter's IT team."

"TL;DR: all recent macOS devices are no longer safe to use if left alone, even if you have them powered down. The root of trust on macOS is inherently broken They can bruteforce your FileVault2 volume password They can alter your macOS installation They can load arbitrary kernel extensions"

"The Singapore government is to establish a new Data Security Office and implement a number of measures to better safeguard citizen information, following a series of serious government data leaks.  "

""Critical, user-facing vulnerabilities" were found in the Chinese supplier's fixed-broadband products caused by poor code quality and an old operating system, the Huawei Cyber Security Evaluation Centre Oversight Board said in a report. "U.K. operators needed to take extraordinary action to mitigate the risk.""

"Amazon customers have one week to opt out of a plan that would turn every Echo speaker and Ring security camera in the US into a shared wireless network, as part of the company's plan to fix connection problems for its smart home devices."

Read the facts before it all goes wrong...

"Ukraine has been hit by a "massive" cyber-attack, with the websites of several government departments including the ministry of foreign affairs and the education ministry knocked out. Officials said it was too early to draw any conclusions but they pointed to a "long record" of Russian cyber assaults against Ukraine, with the attack coming after security talks between Moscow and the US and its allies this week ended in stalemate."

"The brochure also advertised "Optional Demographic Profiling Facial analysis algorithms", including "gender, race/ethnicity, age" profiling. A second, Italian-based, company was also cited on Hikvision's website as offering racial profiling. The company removed both claims from its website following an inquiry from the Guardian, and said the technology had never been sold in the UK. The document, it said, detailed the "potential application of our cameras, with technology built independently by FaiceTech and other partners"."

"But it isn't just major retailers deploying facial recognition software. Backlash to private use of facial recognition culminated on Wednesday when Livonia skating rink in Michigan was accused of banning a Black teenager after its facial recognition software mistakenly implicated her in a brawl. Lamya Robinson told Fox2 that after her mom dropped her off at the skating rink last Saturday, security guards refused to let her inside, claiming her face had been scanned and the system indicated she was banned after starting a fight in March."

"Cybersecurity researchers say the My2022 mobile app - the official app of the Beijing Winter Olympics - has serious security vulnerabilities and that "all Olympian audio is being collected, analyzed and saved on Chinese servers." Why This Matters: The Chinese government is mandating all Olympic athletes, coaches, and attendees use the My2022 app and, as of Thursday morning, the app is still available in the Apple and Android U.S. app stores where Americans can download it too."

"The university presidents' council said this morning that the security of its central admissions system has been upgraded after the personal data of around 23,000 students was advertised for sale on the dark web. The university presidents' council insisted that the leaked admissions data, which included personal information and examination results, was only current through last May after anger erupted over the data breach. #BanTCAS was surging on Thai Twitter this morning in reference to the Thai University Central Admission System, or TCAS."