Privacy News, Articles and Updates

State surveillance tool uses ISP to deliver malware to privacy seekers

Unnamed major internet providers are reported to be the distribution route for the spread of a new variant of government spyware FinFisher (also known as FinSpy) in two countries, targeting people seeking privacy.

Cloud providers must protect personally identifiable information

Protecting this data goes beyond your internal data governance processes says Jim Kaskade, it tests how well the business governs customer data beyond the firewall.

Report: Without safeguards, Internet & IoT may create surveillance states

A catastrophic worldwide cyber-attack, the emergence of an IoT-enabled surveillance state, and the weakening of encryption were among the chief security and privacy fears expressed by experts.

Protecting your network hive: 4 security trends you need to know about

In our connected society, securing the network "hive" is very much a team effort. Only by assessing and defining the landscape in the first instance can a successful security strategy be put in place says Russell Crampin

Apple iOS 11 makes it harder for law enforcement to access data

Apple is doubling down on its privacy beliefs with the latest iOS 11 which will reportedly add at least two new features designed to safeguard its owners' privacy.

Update: Free translation service denies report that it had a breach

It has been reported that a free online translation tool Translate.com which uses machine translation service Microsoft Translator, has suffered a major data breach, but the company has denied that it is a breach.

EU says prior permission required to monitor staff electronic communications

Organisations will have to ask permission first before being allowed to conduct electronic monitoring of staff.

21 EU members not complying with court ordered privacy rules: report

21 European Union members continue to retain personal data despite going against both their own and EU legal mandates.

Instagram hack victims identified, details now for sale on darkweb

The 500 A-list celebrities whose Instagram accounts have been hacked, and whose contact details are for sale on the dark web, have now been identified.

Instagram API hacked, targeting verified celeb accounts for nude pix

Just two days after Selena Gomez's Instagram account was hacked to post leaked nude photos of Justin Bieber, the social media company confirmed it was hit by a cyber-attack targeting several high profile celebrities.

CeX data breach - up to 2 million hit - and at risk of future scams

Today second hand games and electronics store CeX reported that it had been the victim of a massive data breach, issuing a statement to customers saying, "We have recently been subject to an online security breach."

Hackers leak more celeb nude pics - Dakota Johnson joins Miley Cyrus

Hackers leak more celeb nude pics - Dakota Johnson joins former sports couple Tiger Woods and Lindsey Vonn, actress Kristen Stewart, performers Miley Cyrus and Katharine McPhee, and model Stella Maxwell.

If you visited anti-Trump site, the US Justice wants your details

The US Justice Department has pressed DreamHost to hand over what amounts to more than 1.3 million IP addresses associated with visitors to disruptj20.org, the group that organised protests against Donald Trump on Inauguration Day 2017.

Amazon suspends sales of Blu Android phones amid spyware allegations

Kryptowire researchers reasserted their claims that certain Android phones manufactured by Blu sent sensitive information to third parties in China, claims which Blu denies.

Rudd reaps tech industry backlash for proposal to undermine encryption

UK home secretary Amber Rudd faced a barrage of criticism after she warned social media and tech companies that the Government may introduce laws to clamp down on extremist content if companies do not take action themselves.

Researchers pwn Alexa, turning Amazon Echo into covert snooping device

Older versions of Amazon Echo are vulnerable, and though physical access to the device is needed, this is more achievable with second hand devices.

Human rights organisations declare EU-US privacy shield invalid

US surveillance practices render EU-US Privacy Shield ineffective according to a recent letter from Amnesty International and Human Rights Watch.

Interview: Abeer Khedr, InfoSec director at National Bank of Egypt

Abeer Khedr has been the Information Security Director at National Bank of Egypt (NBE) since 2010. Since its birth in 1898 with a capital of £1 million, NBE is regarded as one of the oldest and most respected commercial banks in Egypt. SC's Ali Taherian caught up with Khedr to talk about some of the specific problems and solutions she deals with day to day.

Lords EU committee: no "clean break" when it comes to data protection

A new report from the House of Lords maps the data protection landscape post Brexit, and offers several warnings.

Jahoodists misspell to cloak interactions from state surveillance

A new report has revealed the tricks IS sympathisers use to avoid automated law enforcement surveillance software.

ICO sets out international vision and route to GDPR compliance

The ICO has released its international strategy, plotting its plans for Brexit and GDPR compliance.

As SME games company is fined 60k, ICO promises that none will be spared

A Northamptonshire games company has been fined, as an example that any, big or small, who break the rules will be dealt with accordingly says ICO.

Encryption-dodging hacking powers expanded for German law enforcement

German law enforcement have been granted new powers to hack criminal suspects

New EU digital commissioner fails to clarify position on encryption

In a two-and-a-half hour long confirmation hearing into the role, incoming digital commissioner, Mariya Gabriel, failed to share specifics of her position on encryption.

ICO fines grocers Morrisons for sending unwanted emails to customers

The Information Commissioner's Office (ICO) has run an investigation and concluded that Morrisons intentionally sent thousands of marketing emails to its card members.

Regs slam electoral office after data theft of ALL Hong Kong voters

The Hong Kong electoral commision has been criticised by privacy regulators after two laptops were stolen containing the information of all of Hong Kong's voters.

Russian hackers breached electoral systems of 39 US states

Russian hackers reportedly breached the electoral systems of at least 39 states during the summer and fall of 2016 accessing software designed to be used by poll workers on Election Day.

InfoSec 2017: Can you purchase your way to GDPR compliance?

In a room full of people selling boxes to help with GDPR compliance, SC was told there is no box that can make you GDPR compliant.

Sharp rise in ICO fines and enforcement notices as GDPR races closer

The UK data protection regulator doubled the total value of fines it issued in 2016 while enforcement notices grew by 155 percent.

UK Government to ask for anti-encryption powers post-Manchester attack

The UK government is expected to ask for encryption defeating powers in the wake of last week's deadly terrorist attack in Manchester.