Meta is bringing its 3D avatars to Instagram and is also rolling out updated avatars to Facebook and Messenger, the company announced on Monday. Users in the United States, Canada and Mexico can now show up as their virtual selves in stickers, feed posts, Facebook profile pictures and more. Today’s update adds Cochlear implants and
Month: January 2022
A regional court in the German city of Munich has ordered a website operator to pay €100 in damages for transferring a user’s personal data — i.e., IP address — to Google via the search giant’s Fonts library without the individual’s consent. The unauthorized disclosure of the plaintiff’s IP address by the unnamed website to
by Paul Ducklin Just under two weeks ago, we wrote about an Apple Safari bug that could allow rogue website operators to track you even if they gave every impression of not doing so, and even if you had strict privacy protection turned on. In fact, that vulnerability, now known as CVE-2022-22594, showed up in
To buy a share in Amazon, you’d have to fork out almost $3,000. It’s a luxury very few can afford and despite the prospects of the trillion-dollar company or returns from its share price, it’ll take some contemplating to pay that full price for those who can afford to pay. But with fractional investing, pioneered
The United States Environmental Protection Agency (EPA) has drawn up a 100-day game plan to help protect the nation’s water systems from cyber-attacks. The Industrial Control Systems Cybersecurity Initiative – Water and Wastewater Sector Action Plan focuses on high-impact acts that can be performed within 100 days to improve cybersecurity across the water sector. Strategies detailed in
Welcome to my new weekly fintech-focused column. It’s an incredible time to be a financial technology journalist. Besides the fact that over 20% of all venture dollars last year went into fintech startups, I am particularly excited about the many ways that this technology is helping boost inclusion all over the world. While this pandemic
The notorious Lazarus Group actor has been observed mounting a new campaign that makes use of the Windows Update service to execute its malicious payload, expanding the arsenal of living-off-the-land (LotL) techniques leveraged by the APT group to further its objectives. The Lazarus Group, also known as APT38, Hidden Cobra, Whois Hacking Team, and Zinc,
by Paul Ducklin You’ve probably had 42 emails already this week to tell you this… …but we’re going to say it anyway: “Happy Data Privacy Day!” Don’t panic. We’re not going to assail you with an academic argument about asserting your privacy, or provoke you with a polemic positing that privacy and a private life
Welcome to Startups Weekly, a fresh human-first take on this week’s startup news and trends. To get this in your inbox, subscribe here. The market is down. The party is over. And Peloton of X startups aren’t too happy right now. As tech stocks take a hit, the big question on my mind is how
APIs are the core of modern application architecture and provide access to an organization’s data and resources. This makes them an attractive target for hackers. API weaknesses and vulnerabilities can lead to unauthorized access, data manipulation and loss, and malware installation and can even negatively affect other applications and organizations using those APIs. Protecting APIs
New research from managed detection and response (MDR) provider Expel found that most ransomware attacks in 2021 were self-installed. The finding was included in the company’s inaugural annual report on cybersecurity trends and predictions, Great eXpeltations, published on Thursday. Researchers found eight out of ten ransomware infections occurred after victims unwittingly opened a zipped file containing malicious
Spotify’s Joe Rogan headache is about to get a lot worse. Earlier this week, musician Neil Young announced that he would pull his music from the streaming service to protest Spotify’s relationship with Joe Rogan, who the company brought under its wing in an exclusive $100 million deal two years ago. In a post to
2021 was a year peppered by cyberattacks, with numerous data breaches happening. Not only that, but ransomware has also become a prominent player in the hackers’ world. Now, more than ever, it’s important for enterprises to step up cybersecurity measures. They can do this through several pieces of technology, such as an open-source security platform
by Paul Ducklin A Naked Security reader in the UK alerted us to a scam they received this afternoon in a text message. The message claimed to come from the NHS, Britain’s National Health Service, which administers coronavirus vaccinations and provides free testing throughout the country: As you probably know, PCR tests, which currently require
As a company grows, the amount of important information employees need to keep track of inevitably grows right along with it. And, as your tech stack gets more complicated, that information ends up split up across more places — buried in Slack threads, tucked into Jira tickets, pushed as files on Dropbox, etc. Dashworks is
The Federal Bureau of Investigation (FBI) has issued a Private Industry Notice on protecting against malicious activity by Iranian cyber company Emennet Pasargad (formerly known as Eeleyanet Gostar). Two Iranian nationals employed by the company were indicted on October 20 2021 by a grand jury in the US District Court for the Southern District of New York
He Huang Contributor He Huang is a partner at Northern Light Venture Capital supporting early-stage enterprise companies. It’s been a tumultuous few years, but China’s manufacturing industry is now on the rebound. Once an industry characterized by low-end manufacturing and intensive labor, it has transformed into a high-end manufacturing hub aided by technology. Automation and
The trade-off between using a free service and giving up our personal data becomes much less palatable when we think about the wider ramifications of the collection and use of our personal data The doorbell rings, you answer, and a representative of a large company is on the doorstep offering to allow you to use
Microsoft has disclosed details of a large-scale, multi-phase phishing campaign that uses stolen credentials to register devices on a victim’s network to further propagate spam emails and widen the infection pool. The tech giant said the attacks manifested through accounts that were not secured using multi-factor authentication (MFA), thereby making it possible for the adversary
by Paul Ducklin LISTEN NOW Click-and-drag on the soundwaves below to skip to any point. You can also listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher and anywhere that good podcasts are found.
African cities, particularly sub-Saharan ones, have the fastest global urban growth rate. But with challenges around overcrowding, congestion, infrastructure, power and poor governance, these cities are maxed out in what they can provide to the average African living in urban environments. Some experts think charter cities offer a solution. They are granted a special jurisdiction
Florida is seeking to outlaw the malicious distribution of sexually explicit images without the subject’s consent. New legislation advanced in the Florida Senate Criminal Justice Committee on Tuesday aims to curb the unauthorized digital trafficking of real and deepfake lewd content and establish new regulations around revenge porn. Senate Bill 1798, introduced by senator Lauren Book, would prohibit someone from knowingly, willfully
Researchers at Johns Hopkins this week issued a report noting that their Smart Tissue Autonomous Robot (STAR) system has completed laparoscopic surgery on a pig tissue without human guidance. The surgery, which involves the connecting of two instestinal ends, was performed successfully on animals, with a “significantly better” result than those performed by humans, per
Should you beware of wearables? Here’s what you should know about the potential security and privacy risks of your smartwatch or fitness tracker. Smartwatches, fitness trackers and other wearables are fast becoming almost as familiar to us as our mobile phones and tablets. These connected gadgets do much more than tell the time. They track
Researchers from the Bitdefender Mobile Threats team said they have intercepted more than 100,000 malicious SMS messages attempting to distribute Flubot malware since the beginning of December. “Findings indicate attackers are modifying their subject lines and using older yet proven scams to entice users to click,” the Romanian cybersecurity firm detailed in a report published
by Paul Ducklin Researchers at Qualys have revealed a now-patched security hole in a very widely used Linux security toolkit that’s included in almost every Linux distro out there. The bug is officially known as CVE-2021-4034, but Qualys has given it a funky name, a logo and a web page of its own, dubbing it
Gaming has been one of the most popular entertainment categories in the last two years of pandemic living. Now, a gaming startup that’s building a new kind of platform that it thinks will be a — wait for it — game changer in the category is announcing some funding as to ride that wave of
Data centers are on the front line of the growing battle to control and prevent ransomware attacks. Attacks on data centers have evolved into triple extortion threats — which involve accessing data, encrypting it and threatening to release vulnerable IP — because they have specific vulnerabilities that individual PCs do not. In the past, ransomware
The National Security Agency has announced the winning entry to its ninth annual Best Cybersecurity Research Paper Competition. The winning paper was written by Yanyi Liu from Cornell University and Rafael Pass, professor of Computer Science at Cornell Tech. It expounded a theorem that relates the existence of one-way functions (OWFs) to a measurement of the complexity of a string of
Hong Kong pro-democracy radio station website compromised to serve a Safari exploit that installed cyberespionage malware on site visitors’ Macs On November 11th, Google TAG published a blogpost about watering-hole attacks leading to exploits for the Safari web browser running on macOS. ESET researchers had been investigating this campaign the week before that publication, uncovering
- 1
- 2
- 3
- …
- 7
- Next Page »