Taking too long? Close loading screen.
Connect with us

Tech

Pardon the Intrusion #29: Ransomware gang turns Robin Hood

Published

on

Subscribe to this bi-weekly newsletter here!

Welcome to the latest edition of Pardon The Intrusion, TNW’s bi-weekly newsletter in which we explore the wild world of security.

Mobile network operators have a wide leeway when it comes to what kinds of data they can collect when you use their service.

Despite this, Indian carrier Airtel kicked up a storm last week after it emerged that its privacy policy allowed it to collect users’ sensitive personal information, such as sexual orientation, genetic information, and political opinion, and share all of this with third-parties.

This is what was mentioned in the privacy policy:

Now here’s the problem: Most people don’t bother reading privacy policies and terms of service agreements. They are often long, complicated, and mired in obtuse legalese, as if deliberately designed to confuse users.

So by clicking “agree,” you’re consenting for your data to be traded for a service, without really understanding what exactly you’re signing up for. This also means the company has the right to collect, store, and process your data as quid pro quo for the service it offers.

Plus, it doesn’t help that India doesn’t have a comprehensive data protection law like GDPR, thereby making it easy for private companies to overstep their bounds with regards to data collection.

In response to the complaint, Airtel characterized the incident as a “clerical error”, but not before revising its privacy policy to state that it doesn’t hoover personal information relating to genetic data, religious or political beliefs, health, or sexual orientation. For now.

“The generic content of the definitions of what constitutes personal data as laid down by the IT Act are expansive, which had been inadvertently put on to our website,” the company said in a statement.

Privacy policies need to be simplified, and Apple is taking a big step to address this with its privacy label approach for third-party apps. But it’s still in its infancy and is limited to the iOS ecosystem.

Until then, make sure you take the time to read those privacy policies and terms of service agreements. Trust me, it’s worth all the hassle.

What’s trending in security?

The US, UK, Canada, Australia, New Zealand, India, and Japan make renewed calls for encryption backdoors, Microsoft and an alliance of cybersecurity companies took down TrickBot malware infratsructure, and Zoom officially gains support for end-to-end encryption in video calls.

  • Vietnamese state-sponsored hackers, aka “OceanLotus,” have been linked to a cyberespionage campaign that involved spying on dissidents for years. [BR24]
  • The US, UK, Canada, Australia, New Zealand, India, and Japan make fresh call for encryption backdoors citing “challenges to public safety, including to highly vulnerable members of our societies like sexually exploited children.” [US Department of Justice]
  • The operators of “Darkside” ransomware, who have extorted millions of dollars from victims, donated $20,000 in Bitcoin to charities to “make the world a better place.” [BBC]
  • Microsoft and an alliance of cybersecurity companies disrupt 94% of TrickBot’s infrastructure, a week after orchestrating a global take down of the notorious malware. [Microsoft]
  • A Russian-speaking hacking group called “MontysThree” has been tied to a series of highly-targeted attacks directed against governmental entities, diplomats, and telecom operators for industrial espionage. [Kaspersky]
  • Zoom is officially beginning to roll out end-to-end encryption in video calls. But you will have turn it on manually. [TNW]
  • In July, French authorities took down Encrochat, an encrypted phone network used almost exclusively by criminals, by deploying malware on thousands of devices and eavesdropping on the messages exchanged between criminal suspects. But the hack is now facing a new legal challenge, including whether the messages gathered using the malware is in fact admissible as evidence. [Motherboard]
  • Google said it delivered over 33,000 alerts to its users during the first three quarters of 2020 to warn them of state-sponsored phishing attacks targeting their accounts. [Google]
  • Norway blamed Russia for carrying out a cyberattack against the Norwegian parliament in August in which attackers stole data from lawmakers’ email accounts. [Government.no]
  • Brandon Azad, a security engineer working for Google’s Project Zero hacking team who has been instrumental in uncovering a number of zero-day flaws in iOS, has joined Apple. [Motherboard]
  • The FBI and Cybersecurity and Infrastructure Security Agency (CISA) warned that cyberbaddies are chaining multiple security vulnerabilities to compromise IT networks and applications. [CISA]
  • The US government charged 6 Russian military intelligence officers for carrying out some of the “most disruptive and destructive series of computer attacks ever attributed to a single group.” [The Hacker News]
  • The last fortnight in data breaches, leaks and ransomware: Barnes & Noble, Crytek, Docsketch, Dr Lal PathLabs, and Software AG.

Data Point

As data breaches continue to become the norm, Verizon’s 2020 Data Breach Report summarized 3,950 confirmed incidents spanning across 81 countries. It found 45% of the breaches involved hacking, while errors and social engineering attacks made up 22% of the attacks. What’s more, 70% of the breaches were perpetrated by external actors, with organized crime groups behind 55% of the attacks. Troublingly, 30% involved internal actors.

That’s it. See you all in two weeks. Stay safe!

Ravie x TNW (ravie[at]thenextweb[dot]com)

Source

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Tech

Conquer Your Pup’s Dander and Fur With $700 Off a Cobalt or Charcoal Bobsweep PetHair Plus Robot Vacuum

Published

on

Best Home DealsBest Home DealsThe best home, kitchen, smart home, and automotive deals from around the web, updated daily.

Bobsweep PetHair Plus Robot Vacuum & Mop (Cobalt) | $200 | Best Buy

Bobsweep PetHair Plus Robot Vacuum & Mop (Charcoal) | $200 | Best Buy

Allergies can be bad enough as the seasons change. Don’t let pet hair and dander add to that by vacuuming it up early and often. That chore is easier said than done— unless you have a robot vacuum to do the work for you. This lovely bright cobalt Bobsweep PetHair Plus robot vacuum and mop, only $200 today at Best Buy seems like an ideal option. That’s a whopping $700 off, by the way.

Advertisement

You can get the same deal for the charcoal version of the robot vac, too. This model is not only specially made for picking up pet hair, it self docks and charges when it’s finished with the work.

It also comes with a mop attachment, so it can take care of those kitchen floors for you as well. Grab it while it’s still available for this fantastic price!

Advertisement


Source

Continue Reading

Tech

Apple will replace AirPods Pro for free with faulty noise cancellation, static or crackling

Published

on

Today, exactly one year after Apple first launched the AirPods Pro — and thus the same day the very first AirPods Pro owners will see their one-year warranties expire — Apple has launched a repair program that offers free repairs or replacements for another whole year if your AirPods Pro experience issues with noise cancellation or static.

Specifically, Apple will fix:

Crackling or static sounds that increase in loud environments, with exercise or while talking on the phone

Active Noise Cancellation not working as expected, such as a loss of bass sound, or an increase in background sounds, such as street or airplane noise

Apple says only a “small percentage of AirPods Pro” are affected by the issues, but it apparently wasn’t just an early batch — Apple says affected units were manufactured “before October 2020,” meaning every AirPods Pro ever made might be eligible. That’s quite a recall if so. Apple says it will repair faulty AirPods Pro for two years after you first buy them.

We’ve heard complaints about degraded noise cancellation before, and at least one Verge editor has replaced their AirPods Pro under warranty. It’s nice to hear that Apple isn’t just cutting buyers off as soon as that warranty expires.

Source

Continue Reading

Tech

This 55″ 4K TCL Smart TV Hangs on Your Wall for $200

Published

on

Best Tech DealsBest Tech DealsThe best tech deals from around the web, updated daily.

TCL 55″ S434 4K Smart TV | $200 | Best Buy

Best Buy has an insane deal going for a brand new 55″ 4K TCL smart TV. It’s the S434, which is pretty baseline for TCL’s lineup, but at just $200, there’s little to complain about. TCL’s panels are plenty sharp and accurate, and with this set, you’ll get HDR10 compliance for enhanced color and brightness in supported games and video content. This model has Android TV onboard for all your app needs, and with an included voice remote, all your favorite content is just a shout away with the help of Google Assistant.

Advertisement


Source

Continue Reading

Trending