Britain's Information Commissioner’s Office is sounding the alarm on some of the most recent but privacy-intrusive techniques used by retailers to track their customers.
After participating in a meeting of the International Working Group on Data Protection and Telecommunications, ICO's staff decided it was time to inform users of modern-day tracking habits and also urge retailers to take the proper measures needed to safeguard user privacy. For quite some time now, it has been known that Wi-Fi signals from modern smart devices allow a third-party to track the gadgets' movements. Tracking shoppers via their smartphones is not a theory anymore.
Read moreA protocol designed and promoted by the British government for encrypting voice calls has a by-design weakness built into it that could allow for mass surveillance, according to a University College London researcher.
Steven Murdoch analyzed a protocol developed by CESG, which is part of the spy agency GCHQ. The protocol calls for a master decryption key to be held by a service provider. "The existence of a master private key that can decrypt all calls past and present without detection, on a computer permanently available, creates a huge security risk, and an irresistible target for attackers," Murdoch wrote.
Read moreAttackers behind the Dridex Trojan have narrowed their sights on banks based in the United Kingdom frequented by high-value business accounts, researchers claim. When a new version of the Trojan was released two weeks ago, it was promptly followed by a series of infection campaigns that focused on UK users.
Limor Kessem, a cybersecurity evangelist at IBM’s X-Force, who published a blog entry about the Trojan’s latest whereabouts, claims the latest chain of infections is leveraging the Andromeda botnet. The Trojan’s operators targeted two banks in the U.K. to start, but within a few days, was targeting 13 banks.
Read moreGCHQ has admitted for the first time in court that it engages in computer hacking. The admission came after internet companies and privacy campaigners brought complaints about the agency’s “extremely intrusive” activities to the Investigatory Powers Tribunal.
The case has been brought by seven internet service providers and Privacy International, a charity, against the Government Communications Headquarters and the Foreign Office for hacking in the UK and abroad. GCHQ had refused to confirm or deny whether it had Computer and Network Exploitation capabilities — the ability to carry out computer hacking.
Read moreMost of today's top mobile payment apps are not protected enough to handle the amount of scrutiny and effort cyber-criminals are normally willing to put into compromising payment systems.
The company studied ten of the most popular mobile payment apps, ranging from mobile wallet apps to one-click payment merchants, and from peer-to-peer payment apps to regular apps that link themselves to banking accounts. According to Bluebox, three big issues were identified. The first is related to improperly protected communication channels that would allow attackers to redirect payments to an attacker's desired location.
Read moreDon't hang up on your call just yet but some Samsung Galaxy Phones have a demonstrated vulnerability that connects them to fake cellular base stations.
Own a Samsung Galaxy S6, S6 Edge or Note 4? A hacker could intercept your voice calls to listen in or even record conversations. A pair of researchers demonstrated exactly that scenario at the Mobile Pwn2Own competition in Tokyo. The issue appears to be with Samsung's baseband chip in the handsets, which allow for this type of exploit. Don't hang up just yet on your phone calls if you have one these Galaxy devices though; it's not likely that anyone is tuned in and Samsung has been made aware of the issue.
Read moreNew surveillance powers given to internet companies as part of the government’s Investigatory Powers Bill could have “very dire consequences,” the chief executive of tech giant Apple has warned.
Tim Cook told the new legal obligation for companies to help security services bypass encryption would hurt “the good people,” rather than stopping those with nefarious intentions. He added that communications companies need to have secure encryption services to protect their customers. “You can just look around and see all the data breaches that are going on. These things are becoming more frequent,” Cook told the paper.
Read moreNew spying powers to be granted to intelligence agencies are intended to keep the internet from being used for crime – but could fundamentally change the life of normal people using technology too.
Theresa May has just outlined sweeping new powers that are intended to combat paedophiles and terrorists online. But those powers include a requirement that internet companies keep information on their customers. Here are five ways that the new legislation will affect you. Authorities will have access to everything your phone or computer does. Theresa May has said that this information is really just “the modern equivalent of an itemised phone bill”.
Read morePolice are to get the power to view the web browsing history of everyone in the country. Home Secretary Theresa May will announce the plans when she introduces the Government's new surveillance bill in the House of Commons.
The new powers for the police will form part of the new bill. It would make it a legal requirement for communications companies to retain all the web browsing history of customers for 12 months in case the spy agencies or police need to access them. Police would be able to access specific web addresses visited by customers.
Read moreUK phone and broadband provider TalkTalk may have once again left its customers exposed to hackers. TalkTalk warned its customers that attackers could have gained access to their names, addresses, credit card and bank details, dates of birth, phone numbers, email addresses and TalkTalk account information.
"Not all of the data was encrypted," the company acknowledged, meaning there would be no trouble reading it. However, the company is not certain any data was actually accessed from the attack, TalkTalk said. TalkTalk doesn't yet know who perpetrated the hack but has received a ransom demand from a group purporting to be behind it.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland