online privacy - itbusinessdirect

New Intel security flaw allows remote access to corporate laptops by hackers

January 16, 2018

Remember the latest “Spectre” and “Meltdown” vulnerabilities recently found in the micro-chips that are used in almost all computers, tablets and smartphones today? A new security flaw has been found in Intel hardware by Finish company F-Secure. The new vulnerability could enable hackers to access corporate laptops remotely. F-Secure said in a statement that the flaw was an issue within Intel Active Management Technology (AMT), “which is commonly found in most corporate laptops, (and) allows an attacker to take complete control over a user’s device in a matter of seconds,”…

Google Docs phishing attack is fixed

May 4, 2017 Dianne Jacobs

Google Docs users were hit by a widespread phishing attempt everywhere being spammed with what appeared to be malicious invitations to log on to their Google accounts. Unlike your garden-variety cyberattack, many of the telltale signs that could tip off that something was awry are absent. What made this attack so tricky to detect was that it took advantage of Google’s legitimate tool for sharing data with responsible third-party apps. Since the bogus invitation was being routed through Google’s real system, nothing was misspelled, the icons looked accurate, and it’s hard to know something’s…

Phishing attacks using internationalized domains are hard to block

April 24, 2017 Dianne Jacobs

Attackers can evade a security mechanism and abuse Unicode domains to phish for the login credentials of Chrome, Firefox, and Opera users. Security researcher Xudong Zheng has developed a proof-of-concept that exploits an issue in some web browsers. Attackers can abuse this sleight of hand to redirect users to phishing websites. All they need to do is use Punycode, which relies on ASCII characters to convey foreign characters. The Punycode domain “xn--pple-43d.com” is equivalent to “apple.com”, for example. As long as a web browser translates the Punycode into what’s known…

BankBot trojan hits Google Play

April 20, 2017April 21, 2017

A trojan virus that affects Android devices leaked online in January. This was the BankBot, a banking malware which disguised itself as a harmless program and able to avoid Google’s security scans. Weeks after the attack, the malware found its way to Google Play Store. What makes this vicious banking Trojan threatening is that it was able to find a way of hiding in apps using a variety of names on Play Store. On is Funny Videos 2017 and the other is the HappyTimes Videos, with the latter discovered just…

ISPs argue Web history isn’t “sensitive” they should be able to sell it

March 21, 2017April 21, 2017

Internet providers are continuing to argue that they should be free to share and sell users’ web history without permission because it isn’t “sensitive information.” “Web browsing and app usage history are not ‘sensitive information,’” CTIA said in a filing with the Federal Communications Commission yesterday. CTIA is the main lobbyist group representing mobile broadband providers such as AT&T, Verizon Wireless, T-Mobile USA, and Sprint. The disagreement is around whether internet providers should be treated differently than web companies, like Facebook and Google. Internet providers argue that it’s unfair that the…

WikiLeaks announces tech firm cooperation

March 10, 2017April 21, 2017

The anti-secrecy platform WikiLeaks has said it would work with tech firms to fix security flaws before publishing them. Customers’ trust in firms like Google and Apple has already been eroded by the Snowden leaks. Google, Apple, Microsoft, Samsung and other major tech companies have been faced with new dilemmas by the latest WikiLeaks release. The “Vault 7” dump of CIA files has exposed a number of security breaches in their software, which US intelligence has exploited and kept secret so that it can continue to hack into smartphones, computers,…

FCC halts regulations to protect data security

March 9, 2017April 21, 2017

Many people realize Web services like Facebook or Google are monitoring their activities and security is not guaranteed, but companies also collect data in less obvious ways. Large websites and smaller businesses running smartphone apps do everything they can to collect information to tailor advertising or sell it to third parties interested in doing the same. The Federal Communications Commission in the United states FCC has been pushing through rules requiring internet service providers to disclose in plain language how consumer data is collected, how it’s shared with third parties…

Tech devices in your home could be spying on you

February 21, 2017March 3, 2017

We’re living in a digital world where being connected is critical to almost everything we do. Some of the tech devices inside homes could be spying on you and tracking every move you make, but there are some things you can do to stop it. Tech experts say technology today is watching, copying, and even sharing that information and you may not realize it. From teapots to toasters to refrigerators, is your technology spying on you? Jerry Irvine, a member of Homeland Security’s Cyber Task Force says home technology is…

New York unveils final cybersecurity regulations

February 17, 2017March 3, 2017

Cybercriminals can cause significant financial losses for business entities as well as for consumers whose private information may be revealed and/or stolen for illicit purposes. The financial services industry is a significant target of cybersecurity threats. The New York Department of Financial Services unveiled the final cybersecurity regulations, which includes certain regulatory minimum standards while encouraging firms to keep pace with technological advances. New York is the financial capital of the world, and it’s critical that we do everything in our power to protect consumers and our financial system from the…

Google Gets Rid of 1.7 Billion Bad Ads

January 31, 2017 Dianne Jacobs

Google has reported that it removed 1.7 billion bad advertisements from its various sites in 2016, more than double the prior year’s totals. The firm took several steps to crack down on the deceptive advertising, including updating its policies to protect users from “misleading and predatory offers.” It also beefed up its technology to help identify misleading ads and remove them, according to Scott Spencer, Google’s director of product management, sustainable ads. The director noted that free and open Web is a vital resource for individuals and businesses around the…