Data privacy, Mobile and Social Engineering

Sprint Exposed Customer Support Site to Web

Krebs on Security

JANUARY 29, 2020

leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web. A message Microsoft sent to customers affected by their recent leak of customer support data. Fresh on the heels of a disclosure that Microsoft Corp.

Social Engineering

Social Engineering Telecommunications Engineering Data privacy

SIM Swappers Try Bribing T-Mobile and Verizon Staff $300

Security Boulevard

APRIL 16, 2024

The post SIM Swappers Try Bribing T-Mobile and Verizon Staff $300 appeared first on Security Boulevard. Not OK: SMS 2FA — Widespread spam targets carrier employees, as scrotes try harder to evade two-factor authentication.

Mobile

Mobile Authentication Social Engineering Wireless

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Privacy Compliance: By 2024, 40% of privacy tools will rely on AI, highlighting its expanding role in ensuring data privacy and meeting regulations. Generative AI Impact : Generative AI will have a big role in cyber security, especially in areas like email protection and fighting social engineering attacks.

Social Engineering

Social Engineering Cyber Attacks Cyber Insurance IoT

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

Security Boulevard

JUNE 5, 2022

The DuckDuckGo mobile browser allows Microsoft trackers due to an agreement in their syndicated search content contract, a database of contact details for hundreds of Verizon employees was compromised after an employee was social engineered to give the attacker remote access to their corporate computer, and details about new research that shows that (..)

Social Engineering

Social Engineering Mobile Engineering Data privacy

TikTok Ban Incoming — but ByteDance Fights Back

Security Boulevard

MARCH 8, 2024

Hilltop BillTok: ByteDance mobilizing addicted user base, as U.S. TikTok ban steamrolls through Capitol Hill after unanimous committee vote. The post TikTok Ban Incoming — but ByteDance Fights Back appeared first on Security Boulevard.

Mobile

Mobile Social Engineering Spyware Media

GUEST ESSAY: A call to decentralize social identities — to curtail social media privacy abuses

The Last Watchdog

AUGUST 15, 2023

For instance, to hack decentralized end-to-end encrypted data, a hacker must compromise multiple nodes on the storage network to gain access to the data. These steps are incredibly labor-intensive and extremely difficult and at great cost. Web2 to Web3 Notably, Web2 and Web3’s current landscape has stark fundamental differences.

Media

Media Accountability Social Engineering Hacking

FIDO, Biometry and Contactless: Enhancing End User Adoption of Phishing-Resistant MFA

Thales Cloud Protection & Licensing

NOVEMBER 29, 2023

FIDO, Biometry and Contactless: Enhancing End User Adoption of Phishing-Resistant MFA madhav Thu, 11/30/2023 - 04:52 The surge in social engineering and phishing attacks seeking to bypass established multi-factor authentication (MFA) methods indicates that organizations must move to phishing-resistant MFA.

Phishing

Phishing Authentication Mobile Data privacy

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

Security Affairs

JULY 29, 2022

Reduce identity theft from phishing and other social engineering schemes. With MFA, a password alone is insufficient to grant access, so credential stuffing and brute force attacks are rendered useless. These require MFA use throughout subordinate enterprises. She has written for Bora , Venafi, Tripwire and many other sites.

Authentication

Authentication Passwords Data privacy Identity Theft

ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo

Security Boulevard

JUNE 27, 2022

But the American Data Privacy and Protection Act wasn’t the only privacy related issue on Capitol Hill last week. The post ADPPA US Privacy Law: Coming Soon in Wake of Roe v. We could soon have a federal GDPR. Wade Redo appeared first on Security Boulevard.

Data privacy

Data privacy Social Engineering IoT Engineering

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

The RESTRICT Act outlines guidelines for data sharing, encompassing a wide range of information beyond personal data; and establishes a risk-based process directed toward identifying and mitigating foreign threats to information and communications technology products and services. Assess your identity and access management framework.

Risk

Risk Artificial Intelligence Technology Digital transformation

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

Related: How the Middle East has advanced mobile security regulations Over the past couple of decades, meaningful initiatives to improve online privacy and security, for both companies and consumers, incrementally gained traction in the tech sector and among key regulatory agencies across Europe, the Middle East and North America.

Computers and Electronics

Computers and Electronics Data privacy Encryption Media

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

Approachable Cyber Threats

AUGUST 2, 2021

social engineer a mobile provider employee to facilitate a SIM swap). Data collection should always remain explicitly opt-in except for a well-defined bare minimum data set required to deliver the service and the service alone with explicitly stated usage details for such data required.

Data collection

Data collection Media Mobile Identity Theft

5 Cybersecurity Trends in the Professional Services Sector

Security Affairs

SEPTEMBER 21, 2019

Hackers aren’t only coders — they’re also social engineers. Hackers Target Mobile Devices. Data Privacy and Data Stewardship Are Becoming High Priorities. New data regulations, like the GDPR in Europe , have made data breaches more costly than ever. Most phishing happens over email.

Cybersecurity

Cybersecurity Data breaches Artificial Intelligence Phishing

7 Best Email Security Software & Tools in 2023

eSecurity Planet

OCTOBER 6, 2023

Despite all the advances in cybersecurity, email remains the starting point for the vast majority of cyberattacks, as phishing, malware and social engineering remain effective attack techniques. Cons One notable limitation is the lack of support for mobile devices, which may be a disadvantage for firms employing a mobile workforce.

Software

Software Phishing Mobile Threat Detection

How can small businesses ensure Cybersecurity?

CyberSecurity Insiders

JUNE 7, 2023

This culture has given rise to a large number of personal devices like mobile phones, laptops, and tablets that can easily access sensitive information. Legal ramifications Small organizations are also subject to various industry legal and regulatory regulations like GDPR , HIPAA , and CCPA to maintain data privacy.

Small Business

Small Business Cybersecurity Cyber Attacks Data breaches

Security Roundup May 2023

BH Consulting

MAY 23, 2023

Curated advice, guidance, learning and trends in cybersecurity and privacy, as chosen by our consultants. Say it again, I double dare you Anyone familiar with phishing and social engineering will know scammers often use psychological tricks to get victims to divulge personal data.

Artificial Intelligence

Artificial Intelligence Identity Theft Social Engineering InfoSec

FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair?

Security Boulevard

APRIL 5, 2024

Fast enough for government work: The Federal Communications Commission is finally minded to do something about decades-old vulnerabilities. The post FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair? appeared first on Security Boulevard.

Government

Government Digital transformation Telecommunications Social Engineering

Temu is Malware — It Sells Your Info, Accuses Ark. AG

Security Boulevard

JUNE 28, 2024

Chinese fast-fashion-cum-junk retailer “is a data-theft business.” The post Temu is Malware — It Sells Your Info, Accuses Ark. AG appeared first on Security Boulevard.

Malware

Malware Retail Social Engineering Data privacy

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Security Boulevard

FEBRUARY 7, 2024

PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard.

Hacking

Hacking Social Engineering DDOS Internet

Apple API Allows Wi-Fi AP Location Tracking

Security Boulevard

MAY 23, 2024

Privacy FAIL: Apple location service returns far more data than it should, to people who have no business knowing it, without your permission. The post Apple API Allows Wi-Fi AP Location Tracking appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy Engineering IoT

Facebook’s New Privacy Nightmare: ‘Link History’

Security Boulevard

JANUARY 3, 2024

The post Facebook’s New Privacy Nightmare: ‘Link History’ appeared first on Security Boulevard. How stupid does he think we are? You’ll want to turn off this new app setting.

Social Engineering

Social Engineering Advertising Data privacy Engineering

Encryption: How It Works, Types, and the Quantum Future

eSecurity Planet

MAY 25, 2022

Individuals, small businesses, and enterprise organizations all rely on encryption to securely store and transfer sensitive data across wide-area networks (WAN) like the internet. Application developers managing sensitive user data must especially beware of increasing regulatory action surrounding data privacy.

Encryption

Encryption Computers and Electronics Password Management Passwords

Malicious AdTech Spies on People as NatSec Targets

Security Boulevard

JANUARY 25, 2024

Targeted ads target targets: Patternz and Nuviad enable potentially hostile governments to track individuals by misusing ad bidding. The post Malicious AdTech Spies on People as NatSec Targets appeared first on Security Boulevard.

Government

Government Social Engineering Advertising Data privacy

Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data

Security Boulevard

MARCH 27, 2024

The post Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data appeared first on Security Boulevard. Meta MITM IAAP SSL bump: Zuck ordered “Project Ghostbusters”—with criminal consequences, says class action lawsuit.

Social Engineering

Social Engineering VPN Data privacy Engineering

‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought

Security Boulevard

JULY 5, 2024

Spackle attack: Chinese company takes over widely used free web service—almost 400,000 websites at risk. The post ‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought appeared first on Security Boulevard.

Risk

Risk Social Engineering Data privacy Software

‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE

Security Boulevard

JULY 2, 2024

Tim looks grim: 10 year old vulnerabilities in widely used dev tool include a CVSS 10.0 remote code execution bug. The post ‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE appeared first on Security Boulevard.

Risk

Risk Social Engineering Data privacy Software

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Security Boulevard

FEBRUARY 22, 2024

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures. The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.

Hacking

Hacking Government Digital transformation Social Engineering

EFF Angry as Google Keeps 3rd-Party Cookies in Chrome

Security Boulevard

JULY 23, 2024

Regulatory capture by stealth? Google changes its mind about third-party tracking cookies—we’re stuck with them for the foreseeable. The post EFF Angry as Google Keeps 3rd-Party Cookies in Chrome appeared first on Security Boulevard.

Social Engineering

Social Engineering Advertising Marketing Surveillance

Apple Enrages IT — 45-Day Cert Expiration Fury

Security Boulevard

OCTOBER 16, 2024

CA/B testing: Ludicrous proposal draws ire from “furious” systems administrators. The post Apple Enrages IT — 45-Day Cert Expiration Fury appeared first on Security Boulevard.

System Administration

System Administration Social Engineering Data privacy IoT

‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk

Security Boulevard

JULY 1, 2024

SolarWinds hackers strike again: Remote access service hacked—by APT29, says TeamViewer. The post ‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk appeared first on Security Boulevard.

Risk

Risk Hacking Social Engineering Authentication

China Cracks Apple Private Protocol — AirDrop Pwned

Security Boulevard

JANUARY 10, 2024

AirDrop hashing is weaksauce: Chinese citizens using peer-to-peer wireless comms “must be identified.” The post China Cracks Apple Private Protocol — AirDrop Pwned appeared first on Security Boulevard.

Wireless

Wireless Social Engineering Firewall Data privacy

Dropbox Hacked: eSignature Service Breached

Security Boulevard

MAY 2, 2024

Drop Dropbox? The company apologized as user details were leaked from its “Dropbox Sign” product. The post Dropbox Hacked: eSignature Service Breached appeared first on Security Boulevard.

Hacking

Hacking Social Engineering Data privacy Engineering

South Korean iPhone Ban: MDM DMZ PDQ

Security Boulevard

APRIL 29, 2024

MDM Hindered: Android phones are still OK; this is Samsung’s home, after all. The post South Korean iPhone Ban: MDM DMZ PDQ appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy IoT Engineering

Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy

Security Boulevard

JANUARY 18, 2024

Have I been pwned? Yes, you probably have. Stop reusing passwords, already. Here’s what else you should do. The post Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy appeared first on Security Boulevard.

Passwords

Passwords Social Engineering Data privacy Authentication

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones

Security Boulevard

MARCH 28, 2024

Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support. The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard.

Accountability

Accountability Social Engineering Authentication Data privacy

Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi

Security Boulevard

FEBRUARY 8, 2024

Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault. The post Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy IoT Engineering

AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again

Security Boulevard

JULY 12, 2024

Should’ve used MFA: $T loses yet more customer data—this time, from almost all of them. The post AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again appeared first on Security Boulevard.

Social Engineering

Social Engineering Authentication Data privacy Engineering

Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys

Security Boulevard

MARCH 22, 2024

GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads. The post Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys appeared first on Security Boulevard.

Social Engineering

Social Engineering Data privacy Engineering Security Awareness

TikTok Ban — ByteDance Sues US to Kill Bill

Security Boulevard

MAY 8, 2024

PAFACA SueTok: U.S. Courts “likely” to rule whether new law is constitutional—or even practical. The post TikTok Ban — ByteDance Sues US to Kill Bill appeared first on Security Boulevard.

Social Engineering

Social Engineering Spyware Media Data privacy

Cheap Video Doorbell Cams: Tools of Stalkers and Thieves

Security Boulevard

MARCH 1, 2024

EKEN IoT FAIL: Amazon, Sears and Shein still sell security swerving stuff. The post Cheap Video Doorbell Cams: Tools of Stalkers and Thieves appeared first on Security Boulevard.

IoT

IoT Social Engineering Internet Internet

US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!

Security Boulevard

FEBRUARY 27, 2024

Pay no attention to that man: State Dept. Global Engagement Centre chief James Rubin (pictured) follows the yellow brick road. The post US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My! appeared first on Security Boulevard.

Hacking

Hacking Social Engineering Data privacy Engineering

What Is a Vulnerability Assessment? Types, Steps & Benefits

eSecurity Planet

APRIL 20, 2023

Application vulnerability assessment: This type includes assessments of web applications, mobile apps, and other software platforms, looking for code vulnerabilities, unapplied patches, access management issues, and more. Social engineering methods include phishing , baiting, and tailgating.

Social Engineering

Social Engineering Data breaches Wireless Software

10 Top Ways: Building an Effective Cybersecurity Awareness Campaign

SecureWorld News

OCTOBER 27, 2021

According to both Wilson and Egan, promoting lesser known cybersecurity social media holidays, like Data Privacy Day and Digital Spring Cleaning, can help up interaction, too. I can go into my [saved] folders, and find our folder on social engineering. data privacy. social media safety.

Cybersecurity

Cybersecurity Cybercrime Security Awareness Education

Biggest Ever Password Leak — but is ObamaCare’s RockYou2024 Really NEW?

Security Boulevard

JULY 9, 2024

Credential crunch: Ten billion plain-text passwords in a file—sky falling or situation normal? The post Biggest Ever Password Leak — but is ObamaCare’s RockYou2024 Really NEW? appeared first on Security Boulevard.

Passwords

Passwords Social Engineering Data privacy IoT

Sprint Exposed Customer Support Site to Web

SIM Swappers Try Bribing T-Mobile and Verizon Staff $300

Trending Sources

26 Cyber Security Stats Every User Should Be Aware Of in 2024

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones

TikTok Ban Incoming — but ByteDance Fights Back

GUEST ESSAY: A call to decentralize social identities — to curtail social media privacy abuses

FIDO, Biometry and Contactless: Enhancing End User Adoption of Phishing-Resistant MFA

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

ADPPA US Privacy Law: Coming Soon in Wake of Roe v. Wade Redo

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

5 Cybersecurity Trends in the Professional Services Sector

7 Best Email Security Software & Tools in 2023

How can small businesses ensure Cybersecurity?

Security Roundup May 2023

FCC: Phone Network Bugs Must Be Fixed — But are SS7/Diameter Beyond Repair?

Temu is Malware — It Sells Your Info, Accuses Ark. AG

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Apple API Allows Wi-Fi AP Location Tracking

Facebook’s New Privacy Nightmare: ‘Link History’

Encryption: How It Works, Types, and the Quantum Future

Malicious AdTech Spies on People as NatSec Targets

Revealed: Facebook’s “Incredibly Aggressive” Alleged Theft of Snapchat App Data

‘Polyfill’ Supply Chain Threat: 4x Worse Than We Thought

‘Perfect 10’ Apple Supply Chain Bug — Millions of Apps at Risk of CocoaPods RCE

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

EFF Angry as Google Keeps 3rd-Party Cookies in Chrome

Apple Enrages IT — 45-Day Cert Expiration Fury

‘Russia’ Breaches TeamViewer — ‘No Evidence’ Billions of Devices at Risk

China Cracks Apple Private Protocol — AirDrop Pwned

Dropbox Hacked: eSignature Service Breached

South Korean iPhone Ban: MDM DMZ PDQ

Massive ‘New’ Leaked Credentials List: Naz.API Pwns Troy

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones

Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi

AT&T Says 110M Customers’ Data Leaked — Yep, it’s Snowflake Again

Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys

TikTok Ban — ByteDance Sues US to Kill Bill

Cheap Video Doorbell Cams: Tools of Stalkers and Thieves

US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!

What Is a Vulnerability Assessment? Types, Steps & Benefits

10 Top Ways: Building an Effective Cybersecurity Awareness Campaign

Biggest Ever Password Leak — but is ObamaCare’s RockYou2024 Really NEW?

Stay Connected