Data privacy, InfoSec and Mobile - Cyber Security Informer

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Security Boulevard

JUNE 5, 2022

The DuckDuckGo mobile browser allows Microsoft trackers due to an agreement in their syndicated search content contract, a database of contact details for hundreds of Verizon employees was compromised after an employee was social engineered to give the attacker remote access to their corporate computer, and details about new research that shows that (..)

Social Engineering

Social Engineering Mobile Engineering Data privacy

Tim Hortons Privacy Investigation, Social Engineering Kill-Chain, Hospitals Sending Facebook Your Data

Security Boulevard

JUNE 26, 2022

The Tim Hortons mobile app created a “a mass invasion of Canadians’ privacy” by conducting continuous location tracking without user consent even when the app was closed, what is a social engineering kill-chain and how can this help understand and prevent attacks, and new research shows 33 out of the top 100 hospitals in America […].

Social Engineering

Social Engineering Engineering Mobile Healthcare

Security Roundup May 2023

BH Consulting

MAY 23, 2023

MORE Rowenna Fielding’s excellent primer on rights and freedoms for data privacy. MORE Threat Prompt newsletter covers the intersection between AI and infosec. MORE How public agencies can manage mobile devices: a guide from Ireland’s NCSC. MORE MITRE ATT&CK, the knowledge base of adversary tactics, hits version 13.

Artificial Intelligence

Artificial Intelligence Identity Theft Social Engineering InfoSec

The Importance of Opting Out of CPNI Data Sharing

Security Boulevard

NOVEMBER 15, 2023

Let’s talk about a topic that’s incredibly important for your privacy and data security. In this blog I’m going to talk about why you should opt out of the sharing of CPNI data and why that seemingly simple annual email from your mobile phone provider is more significant than you might think. What is CPNI? …

Mobile

Mobile Telecommunications Internet Internet

Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App

Security Boulevard

JANUARY 7, 2024

In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The iPhone exploit, known as Operation Triangulation, has complex chains of events that lead to compromised iPhone security.

Data privacy

Data privacy Mobile InfoSec Technology

Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning

Security Boulevard

NOVEMBER 5, 2023

In this episode, we explore the recent Okta breach where hackers obtained sensitive customer data via unauthorized access to the Okta support system. Next, we discuss the emerging threat of “quishing,” a combination of voice calls and phishing that preys on unsuspecting victims.

Phishing

Phishing Hacking Data privacy Data breaches

Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass

Security Boulevard

FEBRUARY 5, 2023

The attacks on password managers and their users continue as Bitwarden and 1Password users have reported seeing paid ads for phishing sites in Google search results for the official login page of the password management vendors.

Password Management

Password Management Passwords Accountability Phishing

Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser

Security Boulevard

AUGUST 21, 2022

A Cisco employee was compromised by a ransomware gang using a technique called multi-factor authentication fatigue, an attack on the Signal messenger app’s SMS service Twilio potentially disclosed the phone numbers of 1,900 users, and details on how Facebook and Instagram track what you click on including your web browsing history by using their in-app (..)

Authentication

Authentication Accountability Hacking Ransomware

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

Security Boulevard

OCTOBER 13, 2024

In the milestone 350th episode of the Shared Security Podcast, the hosts reflect on 15 years of podcasting, and the podcast’s evolution from its beginnings in 2009. They discuss the impact of a current hurricane on Florida, offering advice on using iPhone and Android satellite communication features during emergencies.

Cybersecurity

Cybersecurity Password Management Passwords Media

Ohio’s New Social Media Law, Meta’s Link History Feature, 175 Million Passcode Guesses

Security Boulevard

JANUARY 14, 2024

In episode 312, Tom and Scott discuss the implications of a new law in Ohio that may require parental consent for children under 16 using social media, including the pros and cons of this legislation.

Media

Media Data privacy InfoSec Technology

Reflecting on Y2K: Lessons for the Next Tech Crisis and AI Safety

Security Boulevard

JANUARY 5, 2025

Plus, in our Aware Much segment, Scott shares tips on protecting your data if your phone is stolen. Join us as we reminisce about Y2K, the panic, the preparations, and the lessons learned 25 years later. We also discuss the implications for future technology like AI and potential cybersecurity crises.

Technology

Technology Cybersecurity Data privacy Cyber threats

Apple Finally Adopts RCS, AI Powered Scams Targeting the Elderly

Security Boulevard

NOVEMBER 26, 2023

In this episode, Tom shows off AI generated images of a “Lonely and Sad Security Awareness Manager in a Dog Pound” and the humorous outcomes. The conversation shifts to Apple’s upcoming support for Rich Communication Services (RCS) and the potential security implications.

Scams

Scams Security Awareness Social Engineering Data privacy

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You

Security Boulevard

AUGUST 28, 2022

Janet Jackson’s “Rhythm Nation” has been recognized as an exploit for a vulnerability after Microsoft reported it can crash the hard drives of certain old laptop computers, phishing attacks that compromise credentials using brand impersonation are on the rise, and details about a new privacy focused phone carrier that doesn’t track your location or (..)

Phishing

Phishing Social Engineering Surveillance Data privacy

How security professionals will rise to the challenge of cyber defense in 2022

CyberSecurity Insiders

DECEMBER 8, 2021

We can expect to see a steep rise in US state-by-state data privacy requirements and movement toward a potential federal privacy law in 2022. In fact, by 2023, it’s expected that 65% of the world’s population will be covered by privacy laws. Infosec will dominate our lives in the tech space for the foreseeable future.

Data breaches

Data breaches Ransomware Government Risk

Cyber Security Informer

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Tim Hortons Privacy Investigation, Social Engineering Kill-Chain, Hospitals Sending Facebook Your Data

Trending Sources

Security Roundup May 2023

The Importance of Opting Out of CPNI Data Sharing

Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App

Okta Hacked Again, Quishing Is The New Phishing, Google Play Protect Real-Time Scanning

Password Managers Under Attack, Shady Reward Apps on Google Play, Meta Account Center 2FA Bypass

Multi-Factor Authentication Fatigue Attack, Signal Account Twilio Hack, Facebook and Instagram In-App Browser

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

Ohio’s New Social Media Law, Meta’s Link History Feature, 175 Million Passcode Guesses

Reflecting on Y2K: Lessons for the Next Tech Crisis and AI Safety

Apple Finally Adopts RCS, AI Powered Scams Targeting the Elderly

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesn’t Track You

How security professionals will rise to the challenge of cyber defense in 2022

Stay Connected