Recent Posts

London Startup Introduces Cryptocurrency Debit Card

London Startup Introduces Cryptocurrency Debit Card

A London-based startup that offers debit card services which can be used for spending cryptocurrencies was launched last Tuesday.   Helmed by a Credit Suisse veteran, the London Block Exchange announced that it will be launching a sterling-to-cryptocurrency exchange that customers can use to convert Bitcoin, Ethereum, Ripple, Litecoin and Monero to sterling. LBX will also provide customers with a prepaid Visa debit card called “Dragoncard” which they can use to spend their converted cryptocurrencies across the UK. The startup also promises to add more digital currencies in the future. Source: Business Insider UK

Indian Govt. to Get Help from Apple on Anti-Spam App

Indian Govt. to Get Help from Apple on Anti-Spam App

Despite its extended tussle with the country’s telco regulator, Apple has pledged to provide limited assistance to the Indian government for the development of an anti-spam app for iOS. The company had previously refused the idea of an iOS version of the app which the government launched for Android last year. According to Apple, the app, which needs access to call and text logs on the device, would compromise user privacy. In response to the criticisms from TRAI, Apple executives met with several officials last month and agreed to help develop an app which would satisfy the government’s requirements to […]

Swedish Data Protection Authority Launches Investigation into Piracy Settlement Letters

Swedish Data Protection Authority Launches Investigation into Piracy Settlement Letters

Sweden’s Datainspektionen is currently investigating complaints of Swedish internet account holders regarding threat letters from ‘copyright trolls’, or companies which seek to turn a profit by hounding users suspected of piracy. Reports from Swedish Radio revealed that the said companies have contacted a number of Swedes, demanding them to pay up. The Swedish Data Protection Authority will now have to make a determination whether the letters can be considered as a debt collection measure. Njord Law, a firm representing international copyright trolls, has already moved to find identities behind thousands of IP addresses suspected of piracy. However, copyright professor Sanna […]

Cyber-Flaw Disclosure Rules Released by Trump Administration

Cyber-Flaw Disclosure Rules Released by Trump Administration

White House cybersecurity coordinator Rob Joyce recently revealed that the set of rules governing the disclosure of cybersecurity flaws has just been published on Whitehouse.gov. Created under the previous administration, the Vulnerability Equities Process dictated how flaws discovered by intelligence agencies were supposed to be handled. The process is said to balance law enforcement and the government’s intelligence gathering efforts thru device hacking, but security experts have criticized it as being overly secretive and anti-disclosure. Joyce, however, assures that around 90% of the flaws will be disclosed under the revised rules. He also said that it is currently the most […]

Australian IoT Alliance to Introduce Certification Tick

Australian IoT Alliance to Introduce Certification Tick

The Internet of Things Alliance Australia (IoTAA) recently announced that it is currently working on a security framework for the country’s IoT ecosystem. Last Wednesday, IoTAA principal consultant Geof Heydon revealed that they have gotten the support of the Prime Minister’s Industry 4.0 Taskforce for a process that certifies IoT devices, networks, and suppliers. Heydon adds that a certification “tick” would help tell consumers that a particular device can be secure if operated as recommended. He also clarified that the mark is not meant to indicate that a device is completely “secure”, because there is no such thing.  Source: ZDNet

EU Court Adviser: Privacy Activist Cannot File Class Action Against Facebook Ireland

EU Court Adviser: Privacy Activist Cannot File Class Action Against Facebook Ireland

Last Tuesday, EU Advocate General Michal Bobek said that privacy activist Max Schrems cannot file a class action suit against Facebook Ireland in an Austrian court. He is, however, entitled to sue the company in his own country only on his behalf. Bobek added that consumers would just choose the country where the court would most likely be in their favor, if the suit is to continue as a class action. Schrems is alleging that Facebook had violated privacy rules and is demanding $576 in damages for each of the 25,000 signatories in his lawsuit. Source: Reuters

Google Expands Scope of “Extremist” Videos Banned on YouTube

Google Expands Scope of “Extremist” Videos Banned on YouTube

Last Monday, YouTube revealed that in the last few months, Google has quietly been removing “extremist” videos that do not depict hate or violence from the platform. The major policy shift is said to have been prompted by pressure from governments and human rights groups which say that the propaganda being spread by the said videos are radicalizing viewers and may have contributed to recent terror attacks. YouTube says that the new policy will not affect news or educational videos about terrorism. However, experts note that terrorists may attempt to overlay extremist commentary on such videos to get around censorship. […]

Google Cracks Down on Apps That Abuse Accessibility Services

Google Cracks Down on Apps That Abuse Accessibility Services

Google recently warned developers that apps which use accessibility services outside of its intended purpose will be banned from Play Store. In a Reddit post, a developer showed an email from Google which instructed him to explain to users how his app uses the ‘android.permission.BIND_ACCESSIBILITY_SERVICE’ to aid users with disabilities. It also said that apps which fail to comply within 30 days will be removed from Google Play. Accessibility services is an API which makes it easier for users with disabilities to perform tasks on a device such as filling out forms automatically, but it also often exploited by malicious […]

“Engineer Mode” in Oneplus Phones Can Root Device, May Be Used as Backdoor

“Engineer Mode” in Oneplus Phones Can Root Device, May Be Used as Backdoor

A mobile security researcher recently divulged in a tweet that most, if not all, OnePlus mobile phones come with an app called ‘EngineerMode’ which can be used to root the device. The researcher, which goes by the handle “Elliot Alderson” said that the EngineerMode APK had all the features of a diagnosis app that only OnePlus engineers would have access to. Alderson added that given its permissions, the app can potentially be converted into a backdoor by attackers which can lead to catastrophic consequences. OnePlus CEO Carl Pei thanked the researcher via Twitter and assured that the company will be […]

EU Cookie Consent Script Loads In-Browser Crypto-miner

EU Cookie Consent Script Loads In-Browser Crypto-miner

It was reported last Tuesday that the website of one of Netherlands largest supermarket chain loaded an in-browser cryptocurrency miner on its visitor’s computer using a cookie consent popup script. Dutch security researcher Willem de Groot found that the website of Albert Heijn had an infected file named “cookiescript.min.js” that came from cookiescript.info, a website that provides the cookie consent service. He discovered that the block of code generated by the service contained a Monero miner called Crypto-Loot. Although the admins of cookiescript.info have already removed the hidden miner, De Groot says that there are around 243 websites still deploying […]