Cybersecurity News


Online age-verification system could create ‘honeypot’ of personal data and pornography-viewing habits, privacy groups warn

Online age-verification system could create ‘honeypot’ of personal data and pornography-viewing habits, privacy groups warn

As the government develops online safety guidelines, digital rights groups says any approach requiring the use of ID is ‘invasive and risky’

In the wake of the Optus and Medibank data breaches, digital rights groups are urging the federal government to rule out requiring identification documents as part of any online age-verification system, warning it could create a honeypot of people’s personal information and pornography-viewing habits.

The eSafety commissioner, Julie Inman Grant, is developing an online safety “roadmap”, outlining a way to prevent minors from accessing adult content online by ensuring host sites have verified the ages of users.

Sign up for our free morning and afternoon email newsletters from Guardian Australia for your daily news roundup

Continue reading...
30 October 2022

Can a new form of cryptography solve the internet’s privacy problem?

Can a new form of cryptography solve the internet’s privacy problem?

Techniques which allow the sharing of data whilst keeping it secure may revolutionise fields from healthcare to law enforcement

Rachel is a student at a US university who was sexually assaulted on campus. She decided against reporting it (fewer than 10% of survivors do). What she did, however, was register the assault on a website that is using novel ideas from cryptography to help catch serial sexual predators.

The organisation Callisto lets a survivor enter their name in a database, together with identifying details of their assailant, such as social media handle or phone number. These details are encrypted, meaning that the identities of the survivor and the perpetrator are anonymous. If you hacked into the database, there is no way to identify either party.

Continue reading...
29 October 2022

Courts vs. cybercrime – Week in security with Tony Anscombe

A look at a recent string of law enforcement actions directed against (in some cases suspected) perpetrators of various types of cybercrime

The post Courts vs. cybercrime – Week in security with Tony Anscombe appeared first on WeLiveSecurity

28 October 2022

Why your phone is slow – and how to speed it up

You probably don’t have to ditch your phone just yet – try these simple tips and tricks to make any Android device or iPhone run faster

The post Why your phone is slow – and how to speed it up appeared first on WeLiveSecurity

27 October 2022

Parcel delivery scams are on the rise: Do you know what to watch out for?

As package delivery scams that spoof DHL, USPS and other delivery companies soar, here’s how to stay safe not just this shopping season

The post Parcel delivery scams are on the rise: Do you know what to watch out for? appeared first on WeLiveSecurity

26 October 2022

I am a Medibank customer. Am I affected by the cyber-attack? What can I do to protect myself?

I am a Medibank customer. Am I affected by the cyber-attack? What can I do to protect myself?

Experts suggest using multifactor authentication and telling your bank to put extra security checks in place

Millions of Medibank’s current and former customers have had their personal information, including health claims, exposed in a hack of the company’s customer database.

Here’s what we know so far, and what you can do.

Name

Address

Date of birth

Gender

Email address

Medicare card number (in some cases)

Health claims made with Medibank

Financial support for customers who “are in a uniquely vulnerable position” as a result of the hack, who will be supported on an individual basis.

Access to Medibank’s health and wellbeing support line.

Specialist ID protection services from IDCARE.

Identity monitoring services for customers who have had their primary ID compromised.

Reimbursement of fees for reissue of ID documents that were “fully compromised” in the hack.

Continue reading...
26 October 2022

Paving the Way: Inspiring Women in Payments - A Q&A featuring Stephanie Schiwinger

 

Stephanie Schiwinger believes that the key to attracting more women into technology professions is by having more female representation as role models. In her 22-year journey at Enterprise Holdings, Stephanie has seen strong female leadership styles that have inspired her to try to replicate for her own team. In this edition of our blog, Stephanie discusses why mentorship and authenticity are two important ingredients to navigating a career in technology.

25 October 2022

5 reasons to keep your software and devices up to date

Next time you're tempted to hold off on installing software updates, remember why these updates are necessary in the first place

The post 5 reasons to keep your software and devices up to date appeared first on WeLiveSecurity

24 October 2022

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack

Watchdog says phishing email enabled hackers to steal personal information of 113,000 employees

Britain’s data watchdog has fined the construction group Interserve £4.4m after a cyber-attack that enabled hackers to steal the personal and financial information of up to 113,000 employees.

The attack occurred when Interserve ran an outsourcing business and was designated a “strategic supplier to the government with clients including the Ministry of Defence”. Bank account details, national insurance numbers, ethnic origin, sexual orientation and religion were among the personal information compromised.

Continue reading...
23 October 2022

Australian companies to face fines of $50m for data breaches

Australian companies to face fines of $50m for data breaches

In wake of Optus and Medicare leaks, serious or repeated breaches of customer information will attract heavy penalties under new legislation

Companies that fail to adequately protect people’s data could face fines of $50m or more under new legislation to be introduced next week.

After Optus and Medibank reported significant breaches of customer data, including sensitive health information, the Albanese government was now moving to increase penalties for serious or repeated breaches of customer data.

Sign up for our free morning newsletter and afternoon email to get your daily news roundup

Continue reading...
21 October 2022

APT‑C‑50 updates FurBall Android malware – Week in security with Tony Anscombe

ESET Research spots a new version of Android malware known as FurBall that APT-C-50 is using in its wider Domestic Kitten campaign

The post APT‑C‑50 updates FurBall Android malware – Week in security with Tony Anscombe appeared first on WeLiveSecurity

21 October 2022

EnergyAustralia latest to be hit by cyber-attack as details of hundreds of customers exposed

EnergyAustralia latest to be hit by cyber-attack as details of hundreds of customers exposed

Electricity company says attack accessed information on 323 customers but ‘no evidence’ data was transferred elsewhere

EnergyAustralia has become the latest company to be targeted by a cyber-attack, with hundreds of customers’ details exposed.

In a statement released late on Friday, the electricity company said 323 residential and small business customers were affected by unauthorised access to their online platform, My Account.

Sign up for our free morning newsletter and afternoon email to get your daily news roundup

Continue reading...
21 October 2022

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a significant uptick in the creation of fake employee accounts that pair AI-generated profile photos with text lifted from legitimate users.
20 October 2022

Dispatch from the Europe Community Meeting


Today was the final day of the 2022 Europe Community Meeting. Alicia Malone, Senior Manager of Public Relations sits down to provide a recap of the event. Highlights from the conversation include:

20 October 2022

Domestic Kitten campaign spying on Iranian citizens with new FurBall malware

APT-C-50’s Domestic Kitten campaign continues, targeting Iranian citizens with a new version of the FurBall malware masquerading as an Android translation app

The post Domestic Kitten campaign spying on Iranian citizens with new FurBall malware appeared first on WeLiveSecurity

20 October 2022

Don’t get scammed when buying tickets online

With hot-ticket events firmly back on the agenda, scammers selling fake tickets online have also come out in force

The post Don’t get scammed when buying tickets online appeared first on WeLiveSecurity

19 October 2022

How Card Skimming Disproportionally Affects Those Most In Need

When people banking in the United States lose money because their payment card got skimmed at an ATM, gas pump or grocery store checkout terminal, they may face hassles or delays in recovering any lost funds, but they are almost always made whole by their financial institution. Yet, one class of Americans -- those receiving food assistance benefits via state-issued prepaid debit cards -- are particularly exposed to losses from skimming scams, and usually have little recourse to do anything about it.
18 October 2022

5 steps to protect your school from cyberattacks

What can schools, which all too often make easy prey for cybercriminals, do to bolster their defenses and keep threats at bay?

The post 5 steps to protect your school from cyberattacks appeared first on WeLiveSecurity

17 October 2022

Anti-Money Laundering Service AMLBot Cleans House

AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems.
15 October 2022

ESET research into POLONIUM’s arsenal – Week in security with Tony Anscombe

More than a dozen organizations operating in various verticals were attacked by the threat actor

The post ESET research into POLONIUM’s arsenal – Week in security with Tony Anscombe appeared first on WeLiveSecurity

14 October 2022