Chinese Hackers Believed to be Behind SITA, Air India Data Breach – Tempemail

The cyber assault on Air India that came to light last month lasted for a period of at least two months and 26 days, new research has revealed, which attributed the incident with moderate confidence to a Chinese nation-state threat actor called APT41. Group-IB dubbed the campaign “ColunmTK” based on Continue Reading

TikTok Quietly Updated Its Privacy Policy to Collect Users’ Biometric Data – Tempemail

Popular short-form video-sharing service TikTok quietly revised its privacy policy in the U.S., allowing it to automatically collect biometric information such as faceprints and voiceprints from the content its users post on the platform. The policy change, first spotted by TechCrunch, went into effect on June 2. TikTok users who Continue Reading

UK and EU investigate Facebook over unfair use of data in digital advertising | Facebook- Tempemail

UK and EU regulators are investigating Facebook over whether it is abusing its dominance in digital advertising. It marks the first time the regulators have coordinated on a major inquiry since Brexit, and strikes at the core of Facebook’s revenues, which rely heavily on selling advertising on its platform. The Continue Reading

Data Wiper Malware Disguised As Ransomware Targets Israeli Entities – Tempemail

Researchers on Tuesday disclosed a new espionage campaign that resorts to destructive data-wiping attacks targeting Israeli entities at least since December 2020 that camouflage the malicious activity as ransomware extortions. Cybersecurity firm SentinelOne attributed the attacks to a nation-state actor affiliated with Iran it tracks under the moniker “Agrius.” “An Continue Reading

Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware – Tempemail

Microsoft on Thursday warned of a “massive email campaign” that’s pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. “This RAT is infamous for its ransomware-like behavior of appending the file name extension .crimson to files without actually encrypting them,” Continue Reading

Let’s make sure our personal data works for us – not against us – after the pandemic | Laura Spinney- Tempemail

How is it that we live in a world that is awash with our personal information, where most of us would be shocked if we knew exactly how much we give away about ourselves each day – and yet, when a crisis came along in which that information could have Continue Reading

23 Android Apps Expose Over 100,000,000 Users’ Personal Data – Tempemail

Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors. “By not following best-practices when configuring and integrating third-party cloud-services into applications, millions of users’ private data was exposed,” Check Point researchers said in an analysis published Continue Reading

How Apple Gave Chinese Government Access to iCloud Data and Censored Apps – Tempemail

In July 2018, when Guizhou-Cloud Big Data (GCBD) agreed to a deal with state-owned telco China Telecom to move users’ iCloud data belonging to Apple’s China-based users to the latter’s servers, the shift raised concerns that it could make user data vulnerable to state surveillance. Now, according to a deep-dive Continue Reading

Apple’s Find My Network Can be Abused to Exfiltrate Data From Nearby Devices – Tempemail

Latest research has demonstrated a new exploit that enables arbitrary data to be uploaded from devices that are not connected to the Internet by simply sending “Find My Bluetooth” broadcasts to nearby Apple devices. “It’s possible to upload arbitrary data from non-internet-connected devices by sending Find My [Bluetooth Low Energy] Continue Reading

Can Data Protection Systems Prevent Data At Rest Leakage? – Tempemail

Protection against insider risks works when the process involves controlling the data transfer channels or examining data sources. One approach involves preventing USB flash drives from being copied or sending them over email. The second one concerns preventing leakage or fraud in which an insider accesses files or databases with Continue Reading