Data privacy, Mobile and Social Engineering

Tim Hortons Privacy Investigation, Social Engineering Kill-Chain, Hospitals Sending Facebook Your Data

Security Boulevard

JUNE 26, 2022

The Tim Hortons mobile app created a “a mass invasion of Canadians’ privacy” by conducting continuous location tracking without user consent even when the app was closed, what is a social engineering kill-chain and how can this help understand and prevent attacks, and new research shows 33 out of the top 100 hospitals in America […].

Social Engineering

Social Engineering Engineering Mobile Healthcare

SIM Swappers Try Bribing T-Mobile and Verizon Staff $300

Security Boulevard

APRIL 16, 2024

The post SIM Swappers Try Bribing T-Mobile and Verizon Staff $300 appeared first on Security Boulevard. Not OK: SMS 2FA — Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication.

Mobile

Mobile Authentication Social Engineering Wireless

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Security Boulevard

JUNE 5, 2022

The DuckDuckGo mobile browser allows Microsoft trackers due to an agreement in their syndicated search content contract, a database of contact details for hundreds of Verizon employees was compromised after an employee was social engineered to give the attacker remote access to their corporate computer, and details about new research that shows that (..)

Social Engineering

Social Engineering Mobile Engineering Data breaches

Sprint Exposed Customer Support Site to Web

Krebs on Security

JANUARY 29, 2020

leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web. A message Microsoft sent to customers affected by their recent leak of customer support data. Fresh on the heels of a disclosure that Microsoft Corp.

Social Engineering

Social Engineering Telecommunications Data privacy Engineering

TikTok Ban Incoming — but ByteDance Fights Back

Security Boulevard

MARCH 8, 2024

Hilltop BillTok: ByteDance mobilizing addicted user base, as U.S. TikTok ban steamrolls through Capitol Hill after unanimous committee vote. The post TikTok Ban Incoming — but ByteDance Fights Back appeared first on Security Boulevard.

Mobile

Mobile Social Engineering Spyware Media

ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo

Security Boulevard

JUNE 27, 2022

But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week. The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. We could soon have a federal GDPR. Wade Redo appeared first on Security Boulevard.

Data privacy

Data privacy Social Engineering Security Awareness Engineering

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

The RESTRICT Act outlines guidelines for data sharing, encompassing a wide range of information beyond personal data; and establishes a risk-based process directed toward identifying and mitigating foreign threats to information and communications technology products and services. Assess your identity and access management framework.

Risk

Risk Artificial Intelligence Technology Digital transformation

Security Roundup May 2023

BH Consulting

MAY 23, 2023

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Say it again, I double dare you Anyone familiar with phishing and social engineering will know scammers often use psychological tricks to get victims to divulge personal data.

Artificial Intelligence

Artificial Intelligence Identity Theft Social Engineering InfoSec

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

Related: How the Middle East has advanced mobile security regulations Over the past couple of decades, meaningful initiatives to improve online privacy and security, for both companies and consumers, incrementally gained traction in the tech sector and among key regulatory agencies across Europe, the Middle East and North America.

Computers and Electronics

Computers and Electronics Data privacy Encryption Media

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

Approachable Cyber Threats

AUGUST 2, 2021

social engineer a mobile provider employee to facilitate a SIM swap). Data collection should always remain explicitly opt-in except for a well-defined bare minimum data set required to deliver the service and the service alone with explicitly stated usage details for such data required.

Data collection

Data collection Media Mobile Identity Theft

How can small businesses ensure Cybersecurity?

CyberSecurity Insiders

JUNE 7, 2023

This culture has given rise to a large number of personal devices like mobile phones, laptops, and tablets that can easily access sensitive information. Legal ramifications Small organizations are also subject to various industry legal and regulatory regulations like GDPR , HIPAA , and CCPA to maintain data privacy.

Small Business

Small Business Cybersecurity Cyber Attacks Data breaches

South Korean iPhone Ban: MDM DMZ PDQ

Security Boulevard

APRIL 29, 2024

MDM Hindered: Android phones are still OK; this is Samsung’s home, after all. The post South Korean iPhone Ban: MDM DMZ PDQ appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy Engineering IoT

FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair?

Security Boulevard

APRIL 5, 2024

Fast enough for government work: The Federal Communications Commission is finally minded to do something about decades-old vulnerabilities. The post FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair? appeared first on Security Boulevard.

Government

Government Digital transformation Social Engineering Telecommunications

House Passes Privacy-Preserving Bill, but Biden Blasts it

Security Boulevard

APRIL 18, 2024

The post House Passes Privacy-Preserving Bill, but Biden Blasts it appeared first on Security Boulevard. Are you a FANFSA fan? The White House isn’t. It says the bill “threatens national security.”

Social Engineering

Social Engineering Advertising Data privacy Engineering

What Is a Vulnerability Assessment? Types, Steps & Benefits

eSecurity Planet

APRIL 20, 2023

Application vulnerability assessment: This type includes assessments of web applications, mobile apps, and other software platforms, looking for code vulnerabilities, unapplied patches, access management issues, and more. Social engineering methods include phishing , baiting, and tailgating.

Social Engineering

Social Engineering Wireless Data breaches Software

Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data

Security Boulevard

MARCH 27, 2024

The post Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data appeared first on Security Boulevard. Meta MITM IAAP SSL bump: Zuck ordered “Project Ghostbusters”—with criminal consequences, says class action lawsuit.

Social Engineering

Social Engineering VPN Data privacy Engineering

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones

Security Boulevard

MARCH 28, 2024

Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support. The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard.

Accountability

Accountability Social Engineering Authentication Data privacy

Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys

Security Boulevard

MARCH 22, 2024

GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads. The post Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy Engineering Security Awareness

5 Cybersecurity Trends in the Professional Services Sector

Security Affairs

SEPTEMBER 21, 2019

Hackers aren’t only coders — they’re also social engineers. Hackers Target Mobile Devices. Data Privacy and Data Stewardship Are Becoming High Priorities. New data regulations, like the GDPR in Europe , have made data breaches more costly than ever. Most phishing happens over email.

Cybersecurity

Cybersecurity Data breaches Artificial Intelligence Phishing

XZ Utils-Like Takeover Attempt Targets the OpenJS Foundation

Security Boulevard

APRIL 17, 2024

The OpenJS Foundation, which oversees multiple JavaScript projects, thwarted a takeover attempt of at least one project that has echoes of the dangerous backdoor found in versions of the XZ Utils data compression library that failed only because a Microsoft engineer incidentally discovered it.

Engineering

Engineering Social Engineering Data privacy Software

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Security Boulevard

FEBRUARY 22, 2024

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures. The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.

Hacking

Hacking Government Digital transformation Social Engineering

Cheap Video Doorbell Cams: Tools of Stalkers and Thieves

Security Boulevard

MARCH 1, 2024

EKEN IoT FAIL: Amazon, Sears and Shein still sell security swerving stuff. The post Cheap Video Doorbell Cams: Tools of Stalkers and Thieves appeared first on Security Boulevard.

IoT

IoT Social Engineering Internet Internet

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Security Boulevard

FEBRUARY 7, 2024

PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard.

Hacking

Hacking Social Engineering DDOS Internet

US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!

Security Boulevard

FEBRUARY 27, 2024

Pay no attention to that man: State Dept. Global Engagement Centre chief James Rubin (pictured) follows the yellow brick road. The post US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My! appeared first on Security Boulevard.

Hacking

Hacking Social Engineering Data privacy Engineering

Malicious AdTech Spies on People as NatSec Targets

Security Boulevard

JANUARY 25, 2024

Targeted ads target targets: Patternz and Nuviad enable potentially hostile governments to track individuals by misusing ad bidding. The post Malicious AdTech Spies on People as NatSec Targets appeared first on Security Boulevard.

Government

Government Social Engineering Advertising Data privacy

Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi

Security Boulevard

FEBRUARY 8, 2024

Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault. The post Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy Engineering IoT

LockBit Takedown by Brits — Time for ‘Operation Cronos’

Security Boulevard

FEBRUARY 20, 2024

RaaS nicked: 11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers. The post LockBit Takedown by Brits — Time for ‘Operation Cronos’ appeared first on Security Boulevard.

Ransomware

Ransomware Social Engineering Data privacy Engineering

Telegram Privacy Nightmare: Don’t Opt In to P2PL

Security Boulevard

MARCH 26, 2024

Scary SMS shenanigans: Avoid Telegram’s new “Peer-To-Peer Login” program if you value your privacy or your cellular service. The post Telegram Privacy Nightmare: Don’t Opt In to P2PL appeared first on Security Boulevard.

Social Engineering

Social Engineering Authentication Data privacy Security Awareness

Facebook’s New Privacy Nightmare: ‘Link History’

Security Boulevard

JANUARY 3, 2024

The post Facebook’s New Privacy Nightmare: ‘Link History’ appeared first on Security Boulevard. How stupid does he think we are? You’ll want to turn off this new app setting.

Social Engineering

Social Engineering Advertising Data privacy Engineering

China Cracks Apple Private Protocol — AirDrop Pwned

Security Boulevard

JANUARY 10, 2024

AirDrop hashing is weaksauce: Chinese citizens using peer-to-peer wireless comms “must be identified.” The post China Cracks Apple Private Protocol — AirDrop Pwned appeared first on Security Boulevard.

Wireless

Wireless Social Engineering Firewall Data privacy

Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy

Security Boulevard

JANUARY 18, 2024

Have I been pwned? Yes, you probably have. Stop reusing passwords, already. Here’s what else you should do. The post Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy appeared first on Security Boulevard.

Passwords

Passwords Social Engineering Data privacy Authentication

Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658

Security Boulevard

DECEMBER 13, 2023

When will it end? Russia takes down Kyivstar cellular system, Ukraine destroys Russian tax system. The post Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658 appeared first on Security Boulevard.

Hacking

Hacking Digital transformation Social Engineering Data privacy

Google to Force-Block Ad Blockers — Time to Get Firefox?

Security Boulevard

NOVEMBER 17, 2023

Manifest V3: Destiny. Huge advertising monopoly flexes muscles: “Manifest V2” extensions to be nuked, but “V3” cripples ad blockers. The post Google to Force-Block Ad Blockers — Time to Get Firefox? appeared first on Security Boulevard.

Advertising

Advertising Social Engineering Data privacy Engineering

Tax Season is Upon Us, and So Are the Scammers

Security Boulevard

JANUARY 31, 2024

It’s still relatively early in the year, but bad actors are already targeting accounting and finance organizations as well as filers in the United States with tax-related scams. Researchers at cybersecurity company Proofpoint wrote in a report this week that the return of tax season reliably brought the threat group TA576 back into action.

Scams

Scams Accountability Cybersecurity Social Engineering

TikTok Ban Banned — Montana Loses in US Court

Security Boulevard

DECEMBER 1, 2023

For you plague, still: States can’t just ban apps, says federal judge. The post TikTok Ban Banned — Montana Loses in US Court appeared first on Security Boulevard.

Digital transformation

Digital transformation Social Engineering Spyware Data privacy

Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old

Security Boulevard

JANUARY 2, 2024

What a Mickey Mouse operation: Infostealer scrotes having a field day with unpatched vulnerability. The post Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old appeared first on Security Boulevard.

Social Engineering

Social Engineering Accountability Account Security Data privacy

Meta Sued for Ignoring its Underage Kids Problem (Because Money)

Security Boulevard

NOVEMBER 27, 2023

Don’t be square: Newly-unsealed COPPA suit says Zuck’s mob knows full well there are loads of users under the age of 13, but did nothing. The post Meta Sued for Ignoring its Underage Kids Problem (Because Money) appeared first on Security Boulevard.

Social Engineering

Social Engineering Identity Theft Data privacy Engineering

iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain

Security Boulevard

OCTOBER 6, 2023

Apple’s embarrassing regression: iOS 17.0.3 fixes yet more nasty zero-days (and the overheating bug). The post iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy Engineering Security Awareness

TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs

Security Boulevard

MARCH 18, 2024

7521 momentum builds: Shou Zi Chew plays for time, while Electronic Frontier Foundation says TikTok-kill bill is DOA. The post TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs appeared first on Security Boulevard.

Social Engineering

Social Engineering Spyware Media Data privacy

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Privacy Compliance: By 2024, 40% of privacy tools will rely on AI, highlighting its expanding role in ensuring data privacy and meeting regulations. Generative AI Impact : Generative AI will have a big role in cyber security, especially in areas like email protection and fighting social engineering attacks.

Social Engineering

Social Engineering Cyber Insurance Cyber Attacks IoT

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator

Security Boulevard

SEPTEMBER 25, 2023

Apple Scrambled to Fix 3 More CVEs: Egyptian opposition presidential candidate Ahmed Eltantawy targeted “by the government. The post More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator appeared first on Security Boulevard.

Spyware

Spyware Government Social Engineering Data privacy

‘PrintListener’ Attack on Fingerprint Readers — Can You Trust Biometrics??

Security Boulevard

FEBRUARY 21, 2024

Mic Check: Researchers reconstruct your fingerprint by listening to you swipe. The post ‘PrintListener’ Attack on Fingerprint Readers — Can You Trust Biometrics?? appeared first on Security Boulevard.

Social Engineering

Social Engineering Authentication Data privacy Engineering

Google Kills 3rd-Party Cookies — but Monopolizes AdTech

Security Boulevard

SEPTEMBER 8, 2023

Firefox looking good right now: “Privacy Sandbox” criticized as a proprietary, hypocritical, anti-competitive, self-serving contradiction. The post Google Kills 3rd-Party Cookies — but Monopolizes AdTech appeared first on Security Boulevard.

Advertising

Advertising Social Engineering Data privacy Engineering

NSA iPhone Backdoor? Apple Avoids Russian Blame Game

Security Boulevard

DECEMBER 28, 2023

“No Ordinary Vulnerability” — Operation Triangulation research uncovers new details of fantastic attack chain. The post NSA iPhone Backdoor? Apple Avoids Russian Blame Game appeared first on Security Boulevard.

Digital transformation

Digital transformation Social Engineering Spyware Data privacy

Tim Hortons Privacy Investigation, Social Engineering Kill-Chain, Hospitals Sending Facebook Your Data

SIM Swappers Try Bribing T-Mobile and Verizon Staff $300

Trending Sources

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Sprint Exposed Customer Support Site to Web

TikTok Ban Incoming — but ByteDance Fights Back

ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

Security Roundup May 2023

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

How can small businesses ensure Cybersecurity?

South Korean iPhone Ban: MDM DMZ PDQ

FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair?

House Passes Privacy-Preserving Bill, but Biden Blasts it

What Is a Vulnerability Assessment? Types, Steps & Benefits

Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones

Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys

5 Cybersecurity Trends in the Professional Services Sector

XZ Utils-Like Takeover Attempt Targets the OpenJS Foundation

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Cheap Video Doorbell Cams: Tools of Stalkers and Thieves

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!

Malicious AdTech Spies on People as NatSec Targets

Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi

LockBit Takedown by Brits — Time for ‘Operation Cronos’

Telegram Privacy Nightmare: Don’t Opt In to P2PL

Facebook’s New Privacy Nightmare: ‘Link History’

China Cracks Apple Private Protocol — AirDrop Pwned

Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy

Russia Hacks Ukraine, Ukraine Hacks Russia — Day#658

Google to Force-Block Ad Blockers — Time to Get Firefox?

Tax Season is Upon Us, and So Are the Scammers

TikTok Ban Banned — Montana Loses in US Court

Google Whistles While OAuth Burns — ‘MultiLogin’ 0-Day is 70+ Days Old

Meta Sued for Ignoring its Underage Kids Problem (Because Money)

iPhone/iPad Warning: Update Now to Avoid Zero-Day Pain

TikTok ‘Ban’ — ByteDance CEO and EFF are BFFs

26 Cyber Security Stats Every User Should Be Aware Of in 2024

More iOS Zero Days, More Mercenary Spyware — This Time: Cytrox Predator

‘PrintListener’ Attack on Fingerprint Readers — Can You Trust Biometrics??

Google Kills 3rd-Party Cookies — but Monopolizes AdTech

NSA iPhone Backdoor? Apple Avoids Russian Blame Game

Stay Connected