Kenyans to rely on new Data Protection Law

Data protection

The Data Protection Act that came into effect last month is expected to provide a framework for data protection in the country, and help boost privacy of the citizens. Before the Act was passed, Kenya did not have a specific data protection law that regulated the sector, exposing private data of citizens to misuse. The law conceived in 2015 is meant to provide a regulatory provision in the collection, retrieval, processing, storing, use and disclosure of personal data. Under Article 31(c), the Act outlines the right of every person not…

Read More

Kenyan Parents Urged to Monitor Children’s online consumption

Parents

Now that the children have closed school for the holidays, it is no doubt that some if not most of them will be on their phones chatting and sharing pictures on the different social media platforms and browsing on the internet for what’s new and trendy. Some children as young as 10 years old own phones. This is totally different from how things were in the past. Nowadays children prefer staying indoors and using their phones or playing video games than playing outside. ICT regulator Communications Authority of Kenya (CA)…

Read More

17 Canadian federal depts. and agencies failed basic tests for credit card data security

Facebook

The Canada Revenue Agency, the RCMP, Statistics Canada and more than a dozen other federal departments and agencies have failed an international test of the security of their credit card payment systems. Altogether, half of the 34 federal institutions authorized by the banking system to accept credit-card payments from citizens and others have flunked the test — risking fines and even the revocation of their ability to accept credit and debit payments. Those 17 departments and agencies continue to process payments on Visa, MasterCard, Amex, the Tokyo-based JCB and China…

Read More

South Africa’s Second biggest database leak exposes almost 1 million personal records

Barely a year after South Africa’s largest data leak was revealed in 2017, the country has suffered yet another data leak as 934,000 personal records of South Africans have been leaked publicly online. The data includes, among others, national identity numbers (ID numbers), e-mail addresses, full names, as well as plain text passwords to what appears to be a traffic fines related online system. Working together with Troy Hunt, an Australian Security consultant and founder of haveibeenpwned, along with an anonymous source that has been communicating with iAfrikan and Hunt, we’ve managed to establish that the…

Read More

Hackers Threaten ‘Game of Thrones,’ as HBO Confirms Cyberattack

HBO has been the latest target of a cyber-attack. HBO confirmed on Monday that the network had been the target of a cyberattack, as an anonymous hacker boasted about leaking full episodes of upcoming shows along with written material from next week’s episode of “Game of Thrones.” The hack was announced to media via an anonymous email which claimed 1.5 terabytes of data from secure HBO networks was accessed, according to Entertainment Weekly. Unaired episodes of “Ballers” and “Room 104” may have been published online, and the hacker vowed more…

Read More

Cyber spies use female ‘honey pot’ to lure LinkedIn targets

MIA Ash is an attractive 30-year-old  British woman with two art school degrees , a successful career as a photographer with hundreds of social media connections. She has common favorite hobbies with social media users, so when she adds a target as a friend,  they probably get flattered and a little bit excited. After exchanging messages on LinkedIn, The target is happy to continue the conversation on Facebook and WhatsApp. One problem though, Mia does not exist. Instead, she’s a persona, her biography fabricated and her photos stolen from another…

Read More

Microsoft Patches 56 Vulnerabilities

Microsoft has released an urgent update to stop hackers taking control of computers with a single email. The unusual bug, in Microsoft anti-malware software such as Windows Defender, could be exploited without the recipient even opening the message. Researchers working for Google’s Project Zero cyber-security outfit discovered the flaw at the weekend. The fix has been specially pushed out hours before the software giant’s monthly Tuesday security update. The update CVE-2017-0290 addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file.…

Read More

Machine learning set to Impact Online Security

Artificial Intelligence

Technology moves swiftly. Nowhere is that more accurate than in the current state of machine learning. A lack of awareness of security issues in the C-Suite and among employees is part of the problem, but the major cause is the enormous complexity of modern infrastructure deployments and the data generated by corporate and government networks. Finding security breaches is incredibly difficult. Online criminals want to remain hidden — if they’re discovered, it’s game over. They invest significant resources into hiding their presence, but it’s impossible for them to hide completely. There…

Read More

Google’s battle with Android malware: Who wins?

While most people are aware of the malicious threats targeting their computers, many still don’t realise that their mobile devices are an increasingly lucrative a target for cybercriminals. The main way smartphones are attacked is though apps, often ones which pose as innocent and useful but actually aim to steal data or in the case of ransomware, force users to pay up. Recently, google uncovered the Android version of Pegasus, a mobile spyware created by NSO Group, an Israeli surveillance company considered the most advanced producer of mobile spyware on…

Read More

Google Docs phishing attack is fixed

Google Docs users were hit by a widespread phishing attempt everywhere being spammed with what appeared to be malicious invitations to log on to their Google accounts. Unlike your garden-variety cyberattack, many of the telltale signs that could tip off that something was awry are absent. What made this attack so tricky to detect was that it took advantage of Google’s legitimate tool for sharing data with responsible third-party apps. Since the bogus invitation was being routed through Google’s real system, nothing was misspelled, the icons looked accurate, and it’s hard to know something’s…

Read More