by Paul Ducklin The facial recognition company that everyone – or at least a large chunk of everyone – loves to hate, Clearview AI, is to get yet another day, and perhaps very much longer than that, in a Chicago courtroom. The American Civil Liberties Union (ACLU), together with four community organisations based in the
Acorns, which helps millions of people invest their spare change in the stock market, has laid off between 50 to 70 people, TechCrunch has learned from multiple sources. The Irvine, Calif.-based company would not confirm the total number of people laid off, but did confirm that there were cuts at the company as a result
And most people don’t change their password even after hearing about a breach, a survey finds While nearly all respondents in a recent survey were aware of the risks associated with poor password hygiene, most people don’t do anywhere near enough to keep attackers at bay, the third installment of the LastPass Psychology of Passwords
Box CEO Aaron Levie has been working to change the software world for 15 years, but the pandemic has accelerated the move to cloud services much faster than anyone imagined. As he pointed out yesterday in an Extra Crunch Live interview, who would have thought three months ago that businesses like yoga and cooking classes
Microsoft has warned of a new type of data stealing Java-based ransomware, dubbed PonyFinal. PonyFinal is what Microsoft describes as “human-operated ransomware” — to distinguish it from commoditized variants that are distributed in an automated way by hackers. The tech giant’s Security Intelligence group revealed in a series of tweets this week that the first
Last week, application security company ImmuniWeb released a new free tool to monitor and measure an organization’s exposure on the Dark Web. To improve the decision-making process for cybersecurity professionals, the free tool crawls Dark Web marketplaces, hacking forums, and Surface Web resources such as Pastebin or GitHub to provide you with a classified schema of
by Paul Ducklin If you’re a Naked Security Podcast listener, you’ll have heard Sophos’s own Peter Mackenzie telling some fairly wild ransomware stories. Peter works in the Managed Threat Response (MTR) part of our business – in his own words, if your network’s on fire, he’s one of the people who will rush in to
Belvo, a Latin American fintech startup which launched just 12 months ago, has already snagged funding from two of the biggest names in North and South American venture capital. The company is aiming to expand the reach of its service that connects mobile applications in Mexico and Colombia to a customer’s banking information and now
Turla has updated its ComRAT backdoor and now uses the Gmail web interface for Command and Control ESET researchers have found a new version of one of the oldest malware families run by the Turla group, ComRAT. Turla, also known as Snake, is an infamous espionage group that has been active for more than ten
How did yesterday’s launch of HBO Max go? We don’t have official numbers from WarnerMedia, but app store intelligence firm Sensor Tower says HBO Max was downloaded by nearly 87,000 new users across Apple’s App Store and Google Play. That number might seem pretty low compared to other streaming launches — like the 4 million
Ransomware operators had another standout year in 2019, with attacks and ransom demands soaring according to new data from Group-IB. The Singapore-based security vendor claimed that, after a relatively quiet 2018, ransomware was back with a vengeance last year, as attack volumes climbed by 40%. As large enterprises became an increasing focus for attacks, ransom
Chinese security firm Qihoo 360 Netlab said it partnered with tech giant Baidu to disrupt a malware botnet infecting over hundreds of thousands of systems. The botnet was traced back to a group it calls ShuangQiang (also called Double Gun), which has been behind several attacks since 2017 aimed at compromising Windows computers with MBR
by Paul Ducklin Apple has just blasted out 11 email advisories detailing its most recent raft of security fixes. Confusingly, some of these updates have been available for several days already – the most recent version of iOS is 13.5, and it was officially announced on Apple’s main Security update page on 20 May 2020.
Left unpatched, the vulnerability could expose almost all Android users to the risk of having their personal data intercepted by attackers Researchers have found a critical flaw that affects nearly all devices running Android 9.0 or older, which implies that over 90% of Android users could be vulnerable. If exploited, the security hole allows hackers
Vaya Africa, a ride-hail mobility venture founded by Zimbabwean mogul Strive Masiyiwa, has launched an electric taxi service and charging network in Zimbabwe with plans to expand across the continent. The South Africa headquartered company has acquired a fleet of Nissan Leaf EVs and developed its own solar powered charging stations. The program goes live
In a closely-watched decision today, the Supreme Court of British Columbia published a key decision in the extradition case of Meng Wanzhou, the CFO of Huawei Technologies, China’s largest telecommunications company and a frequent target of U.S. policymakers. In its ruling, the court said that the case met the standard for “double criminality,” and thus
A hack-and-extort campaign takes aim at poorly secured databases replete with customer information that can be exploited for further attacks A number of e-commerce websites from multiple continents have had their customer databases stolen, with an unknown seller offering at least 1.62 million rows of personal records for sale on a public website. The online
Donald Trump has decided to pick a fight with Twitter after one of his posts on the upcoming election was labelled misleading by the social media platform. The original tweet claimed that Mail-In (postal) ballots during the November Presidential election would be “substantially fraudulent.” The issue has become a partisan one of late, as Democrats
Remember Strandhogg? A security vulnerability affecting Android that malicious apps can exploit to masquerade as any other app installed on a targeted device to display fake interfaces to the users, tricking them into giving away sensitive information. Late last year, at the time of its public disclosure, researchers also confirmed that some attackers were already
by Paul Ducklin Apple’s latest iOS versions have only been out for a week. The updates are new enough that Apple’s own Security updates page still lists [2020-05-26T14:00Z] the security holes that were fixed in iOS 13.5 and iOS 12.4.7 as “details available soon”. But there’s a jailbreak available already for iOS 13.5, released by
Ola Electric, the EV business that spun out of the ride-hailing giant Ola last year, has acquired an Amsterdam-based electric scooter startup as the Indian firm looks to locally produce and launch its own line of two wheelers as soon as this year. The Indian firm said Wednesday it had acquired Etergo, a Dutch firm
Sony has taken aim at the suddenly enormous market of people who want to self-produce high-quality video with a minimum of setup. Its ZV-1 mutates the versatile RX100 series into a selfie video machine, and it could be the all-in-one solution many a vlogger has been searching for. The new camera is very much based
Has the landmark law helped build a culture of privacy in organizations and have consumers become more wary of sharing their personal data? “Relying on the government to protect your privacy is like asking a peeping Tom to install your window blinds” – John Perry Barlow, EFF (July 1992). Any individual who has the slightest
The personal details of over 29 million Indian jobseekers have been posted to a dark web site, free for anyone to access. Cybersecurity firm Cyble, which discovered the trove on an unnamed hacking forum, has in turn added the compromised information to its breach notification site AmIBreached. It claimed to have found the posting during
The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums. In an official statement released on Tuesday, the Security Service of Ukraine (SBU) said it identified
by Paul Ducklin You can’t read much about cybercrime these days without hearing mention of “the dark web”. Often, the term is used with the metaphorical meaning of dark, to describe those parts of the internet that are evil, being dedicated to odious and often very serious criminal offences. We’re not just talking about stories
Meituan’s shares hit a record high on Tuesday, bringing its valuation to over $100 billion. The Hong Kong-listed giant, which focuses on food delivery with smaller segments in travel and transportation, is the third Chinese firm to reach the landmark valuation. Tencent and Alibaba respectively topped the number back in 2013 and 2014. Tencent-backed Meituan
Medwing, a German startup with an ambition to tackle Europe’s shortage of healthcare workers, said on Tuesday that it has secured €28 million ($30 million) in a Series B financing round. Global venture capital firm Cathay Innovation led the round, marking its first investment in a German company. Other participating investors include Northzone, Cherry Ventures
This week could be the biggest week to date for private spaceflight, with landmark launch attempts coming from both Virgin Orbit and SpaceX . Virgin Orbit is looking to join the elite club of private launch companies that have actually made it to space, with a full flight test of its combined Cosmic Girl and
Cyber-criminals could be poised to trigger a wave of attacks on businesses when workers return to offices and reconnect to corporate networks, Redscan has warned. As many countries such as the UK prepare to ease COVID-19 lockdown restrictions and allow more people to return to physical workplaces, the cybersecurity firm said organizations need to take action