InfoSec News Nuggets 11/29/2022

Gangs of cybercriminals are expanding across Africa, investigators say Police and investigators fear organised gangs of fraudsters are expanding across sub-Saharan Africa, exploiting new opportunities as a result of the Covid-19 pandemic and the global economic crisis to make huge sums with little risk of being caught. The growth will have a direct impact on the rest of the world, where many victims of “hugely lucrative” fraud live, senior police officials have said. Experts attribute…
Read More

InfoSec News Nuggets 11/22/2022

India To Ease Up On Cross-Border Data Transfers India has relaxed its planned restrictions on cross-border data flows, with a revision to its planned data protection laws. The new Digital Personal Data Protection Bill 2022 will allow the transfer of personal data to certain other nations and proposes GDPR-style restrictions on the ways in which companies use that data. There are penalties of up to around $31 million for failing to prevent a data breach,…
Read More

InfoSec News Nuggets 11/18/2022

Hive Ransomware Attackers Extorted $100 Million from Over 1,300 Companies Worldwide The threat actors behind the Hive ransomware-as-a-service (RaaS) scheme have launched attacks against over 1,300 companies across the world, netting the gang $100 million in illicit payments as of November 2022. "Hive ransomware has targeted a wide range of businesses and critical infrastructure sectors, including government facilities, communications, critical manufacturing, information technology, and — especially — Healthcare and Public Health (HPH)," U.S. cybersecurity and…
Read More

InfoSec News Nuggets 10/07/2022

TikTok's "secret operation" tracks you even if you don't use it  Consumer Reports (CR), a US-based nonprofit consumer organization, has revealed that TikTok gathers data on people who don't even use the app itself. If this sounds familiar, it's because it's happened before. Meta's near-omnipresence wherever you are online enabled it to gather data on users, even those who don't have Facebook accounts—thanks, in part, to the Facebook "Like" button, a piece of code embedded on most websites. According…
Read More

InfoSec News Nuggets 09/23/2022

Denmark latest to conclude Google Analytics is unlawful The Danish Data Protection Agency (DPA), Datatilsynet, has become the fourth national regulator to conclude that the manner in which companies are currently using Google Analytics breaches European Union regulations that demand stricter safeguards for personal data moved outside the bloc. In a judgement published on Wednesday, the regulator said that the use of Google's popular tool is illegal because it enables companies to move users' data outside the…
Read More

InfoSec News Nuggets 08/25/2022

University can’t scan students’ rooms during remote tests, judge rules An Ohio judge has ruled that a Cleveland State University’s virtual scan of a student’s room prior to an online test was unconstitutional. The ruling marks a victory for digital privacy advocates around the country, who have spoken loudly against the practices of online test proctoring for many years. Chemistry student Aaron Ogletree sat for an online test in the spring 2021 semester. Ogletree was…
Read More

InfoSec News Nuggets 01/25/2022

Russian Authorities Arrest Head of International Cybercrime Group Four individuals believed to be members of the international cyber theft ring known as the “Infraud Organization” were arrested in Russia, news agency TASS reports. Allegedly created in 2010 by Svyatoslav Bondarenko, of Ukraine, the cybercrime group was involved in the theft, sale, and dissemination of personally identifiable information (PII), credit card data, and malware, among others. In 2018, the United States Department of Justice (DoJ) announced charges…
Read More

InfoSec News Nuggets 01/18/2022

Meta faces billion-pound class-action case Up to 44 million UK Facebook users could share £2.3bn in damages, according to a competition expert intending to sue parent company Meta. Dr Liza Lovdahl Gormsen alleges Meta "abused its market dominance" to set an "unfair price" for free use of Facebook - UK users' personal data. She intends to bring the case to the Competition Appeal Tribunal. A Meta representative said users had "meaningful control" of what information…
Read More

InfoSec News Nuggets 11/04/2021

Toronto subways hit by ransomware as US lawmakers slam 'burdensome' cybersecurity rules The Toronto Transit Commission (TTC) -- which runs the city's public transportation system -- reported a ransomware attack this weekend that forced conductors to use radio, crippled the organization's email system and made schedule information on platforms and apps unavailable. In a statement on Friday, the TTC said it confirmed it was the victim of a ransomware attack after its IT staff "detected unusual network activity…
Read More

InfoSec News Nuggets 10/29/2021

In the middle of a crisis, Facebook Inc. renames itself Meta Facebook Inc. is now called Meta Platforms Inc., or Meta for short, to reflect what CEO Mark Zuckerberg said Thursday is its commitment to developing the new surround-yourself technology known as the “ metaverse.” But the social network itself will still be called Facebook. Also unchanged, at least for now, are its chief executive and senior leadership, its corporate structure and the crisis that has…
Read More