Data Privacy

Cortana Exploit Used to Bypass Windows 10 Security

Cortana Exploit Used to Bypass Windows 10 Security

Kzen Networks security researchers Amichai Shulman and Tal Be’ery, with Israel Institute of Technology’s Ron Marcovich and Yuval Ron, revealed this week a vulnerability in Microsoft’s Cortana which can allow attackers to bypass the security of a locked Windows 10 computer. The bug, CVE-2018-8140, allows attackers to use a limited range of vocal commands to Cortana even when the keyboard is locked. However, activating the voice assistant unlocks the keyboard, allowing the attacker to launch local commands without the need for authentication or user validation.   The researchers said that using this method, it was possible to retrieve data from […]

Australia Appoints Interim National Data Commissioner

Australia Appoints Interim National Data Commissioner

The Australian government has appointed this week Deborah Anton as its interim National Data Commissioner who will be in charge of overseeing the country’s public data system, and implement its new data sharing and release framework. Anton, who has already had a 20 year career in the Australian Public Service, will be working closely with the privacy commissioner to help strengthen safeguards around the integrity, management, and use of government-held data. The National Data Commissioner will be provided with technical assistance by the Australian Bureau of Statistics (ABS), while a new National Data Advisory Council will advise the commissioner on […]

Employees Complain Against “Always On” Alibaba Office App

Employees Complain Against “Always On” Alibaba Office App

Alibaba’s workplace messaging software, DingTalk, was recently criticized by Chinese employees for allegedly fueling an unhealthy work culture. DingTalk allows senders see if recipients have read messages like in WhatsApp, however, it also has a “ding” feature that can bombard the user with repeat notifications, text messages and phone-call reminders. The app also includes an automatic expense claims, a clock-in system to monitor the whereabouts of employees, and even a “daily report” function that requires workers to list completed tasks. Such features have been called “inhumane” and destroys trust according to Chinese office workers who vented their frustrations online.   […]

Google to Warn Organizations Against State-Sponsored Hacking

Google to Warn Organizations Against State-Sponsored Hacking

Google announced this week that it has added a new feature to G Suite that will alert organizations if their accounts are being targeted by government-backed hackers. The feature, which is off by default, can warn the user via email if Google believes a government-backed attacker has attempted to gain access to the user’s account or computer via methods like phishing or malware. However, Google adds that it does not necessarily mean that the account has been compromised or that there is a widespread attack. Google also warned that these attackers have been known to send malicious PDF files, Office […]

Reddit Hacked, Refuses to Disclose Scale of Breach

Reddit Hacked, Refuses to Disclose Scale of Breach

Popular social media site Reddit recently admitted to being breached last June by hackers who reportedly used compromised employee accounts to access databases and logs. The site, where users can post controversial content and comments, thrives on the anonymity of users. However, Reddit said that hackers were able to obtain usernames and corresponding email addresses – information that can be used to link activity on the site to real identities. The site, which assured that they will be notifying the users via their inboxes on the site, has been criticized by experts such as Troy Hunt for its decision not […]

Facebook’s Security Chief Leaves for Stanford University

Facebook’s Security Chief Leaves for Stanford University

Facebook’s Chief Security Officer, Alex Stamos, has officially resigned from his position this week, a move that was expected by many after it was revealed in March that the social network will be reorganizing its security division. Stamos has been with Facebook since 2015, but will be leaving later this month to become a fellow at Stanford University where he will be part of a new working group that will focus on information warfare, designed to inform politicians and the media about new threats. Facebook’s chief operating officer Sheryl Sandberg said Stamos played a critical role at the company. However, […]

Microsoft Moves to Eliminate Passwords with Edge WebAuthn Logins

Microsoft Moves to Eliminate Passwords with Edge WebAuthn Logins

Microsoft revealed this week that it will be including a new and exclusive Windows Hello authentication feature in its Edge browser in the latest Windows 10 Redstone 5 Fast Ring preview. WebAuthn, a W3C specification that allows users to sign in to websites using just a security key similar to Yubikey, is expected to give Edge users a faster and easier sign in experience to their frequently visited sites. Microsoft says that Hello will allows users to authenticate on any Windows 10 device, using biometrics instead of passwords. Users can also login to sites that support Web Authentication in seconds, […]

Facebook Shuts Down Accounts Aimed at US Election Interference

Facebook Shuts Down Accounts Aimed at US Election Interference

Facebook revealed this week that is has identified and shut down accounts which may be used in a campaign that seeks to disrupt the mid-term US elections which will be held this November. Facebook said that they found 17 suspicious Facebook profiles which had published around 9500 posts, and 7 Instagram accounts, one of which posted only only a single piece of content. Some of the popular ones that got banned were Aztlan Warriors, Black Elevation, Mindful Being, and Resisters. The social network, however, said that they could not ascertain who was responsible for the pages as the bad actors […]

US Senator Ask Tech Giants to Disclose Worth of User Data

US Senator Ask Tech Giants to Disclose Worth of User Data

In a policy paper revealed this week, US Senator Mark Warner suggested that in order to improve transparency, tech giants may want to disclose to their customers how much their information is worth to the platform. The white paper, which focused on data privacy and regulation, also included typical issues such as disinformation, data transparency and adopting a framework similar to Europe’s GDPR regulation. Warner’s paper is expected to put additional pressure on tech giants and massive data collectors like Google and Facebook who are already burdened by the GDPR.   Source: ZDNet  

Facebook Sued After Shareholders Lose Billions

Facebook Sued After Shareholders Lose Billions

Facebook is reportedly being sued by a shareholder who says that the company and its Chief Financial Officer David Wehner made inaccurate and incomplete statements about slowing revenue growth, falling operating margins, and declines in active users. Shareholder James Kacouris, who says that said the 19% plunge in Facebook’s shares was caused by federal securities law violations by the defendants. It is said that Kacouris’ lawsuit, which was filed in a Manhattan federal court, could just be one of many after the social media company had $120 billion of shareholder wealth wiped last week. Source: Reuters

Read more about the Data Privacy practice at Disini & Disini Law Office