LATEST NEWS


What's going on...

 


Tuesday 19th August 2014.

Employers Will Continue to Monitor Social Media

According to recent research, 1/3 of young people don’t mind if their employers have access to their social media profiles in return for job security. The same report claims that the practice of employers monitoring personal data will become more commonplace.

Employees using social media

This report was based on a survey of 10,000 workers all over the world and 500 HR experts, who suggested that personal information from Facebook, Twitter and other social media services could be used by employers to find out what motivates their staff, reasons why people might want to change jobs and to improve employee well being.

The online monitoring by employers is expected to rise over the next ten years. By then, people who are now 18-32 will form 50% of the worldwide workforce, having different attitudes to technology and personal information. Apparently, younger people more willingly share their personal data with their employers, and more than a third of them say that they would be happy to do so.

On the other hand, companies could make use of their employees’ personal data to measure and anticipate performance and retention issues, just like advertisers and retailers using it to tailor customers’ shopping experience. The researchers also point out that this kind of information profiling could even extend to real-time monitoring of people’ health, providing health guidance to help cut sick leave. The companies can be able to acquire this data by providing measurable benefits for people who hand over their information and building trust via clear rules about how information is acquired, used and shared.

There are also critics of this theory. For instance, the distinguished professor of organizational psychology and health at Lancaster University believes that it features obvious pitfalls. Firstly, people are less likely to believe that if they trade off their privacy rights, an employer can ever guarantee job security. Moreover, he doesn’t understand how the employer’s access to an employee’s social media could possibly result in greater motivation or well being of the staff. He thinks that this initiative is a plain case of trying to figure out what the personnel is doing and thinking, which is nothing else but an intrusion into their private life.

 


Friday 22nd August 2014.

Google Will Introduce Child-Friendly Services

The company seems to be developing versions of video streaming and e-mail services suitable for children under 13. The tech giant was reported to be developing a new version of its products designed specifically for children. Part of the move is creating a child-friendly YouTube and Gmail which would for the first time allow children under 13 to sign up.

 
 


Google seems to be very sensitive to the fact that many people don’t allow their children on YouTube. Apparently, parents are afraid that their children will watch X-rated pop videos or read expletive-laden comments. The company revealed that a new child-friendly version could feature a Google dashboard to provide parents greater control over what their kids are doing on the Internet.

At the moment, Google made no official statement about its developments. In the meantime, the US advocacy group Centre for Digital Democracy believes that such children-friendly services could invade the privacy of millions of children unless designed properly.

For example, in the United Kingdom, the acting director of Big Brother Watch admitted that it was only a matter of time that tech companies started to target their products at younger population. Everyone knows that children are immensely susceptible to advertising and therefore represent a huge untapped source of revenue for the tech giants.

It was also said that it should be imperative that Google or any other company, which directly targets products at younger users, ensures that privacy safeguards are automatically enforced in order to make sure that both parents and children understand what information will be collected, analyzed and used. Otherwise, the companies will run a risk to lose both the parents and children as future users of their service – this is a nightmare for any company in the modern world.

 


Sunday 25th August 2014.

MICROSOFT PHONE SCAM

A senior security researcher from Malwarebytes has played along with a Microsoft technical support scammer, documenting the whole episode in a video, to showcase the social engineering that takes place.

   

The scammers trick people into paying “support” charges by running a fake site that offers antivirus downloads intentionally failing on installation and telling the user to call the scammers. The fake “tech support” convince victims that their machines have a virus infection, install the software and charge annual fees. This kind of scam has already cost victims millions dollars around the world.

Fake error scam


The security company Malwarebytes discovered the new version of the scam. The experts have reported several websites and informed LogMeIn, a legitimate remote support tool used by the scammers, of the codes used so they can be blocked.

Indeed, there are too many fraudulent companies today, which are overly aggressive in reaching out to people by any means. In this business environment, the companies that have started an honest business can realize how easy it is to earn millions using deceptive practices. This can’t be good news for people who are looking for support.

Most of the scammers work from Kolkata in India and use phone directories to cold-call people and convince them they are “from Microsoft” and that their computer has been reported as transmitting viruses. The victims are told they have errors in the system but can solve the problem for up to hundreds of dollars. They use remote support tool to obtain remote access to the system, and help people to “fix” the nonexistent problem.

4 years ago it was exposed how such “support scams” were being run from India. The UK newspaper the Guardian obtained details of 3 people from India and Canada, who allegedly were the leaders of the scam. They were believed to use an online payment company for routing their payments from victims. The newspaper passed all information it collected to police. Two years later, the FTC froze the American bank accounts and assets of some scammers in India under the allegation that thousands of Americans have been tricked into paying for the fake support.

Apparently, this move was not enough to stop gangs in India from scamming victims. As you understand, older people normally are unaware that Microsoft doesn’t make such calls. While the authorities do know that there are many scammers in India and the United States, it is hard to get an exact picture of interconnections between them. Part of the problem is that these groups use multiple identities, sites and phone numbers. As for the abovementioned antivirus scam, it was located in India, but the callers spoke perfect English language, in fact sounding like British. The investigators had to pick upon tiny details which could help to identify various accents and put people involved in the scam on a map – the hint was that accents vary per region in India.

Taking into account that an average support call center receives 3,000 calls a day, and the price for support services is $200-400, these operations turn into a multimillion dollar industry that is being exploited by the scammers every single day.

 


Monday 1st September 2014.

Apple Will Launch New iPhone 6 on September 9

The tech industry expects that Apple’s next iPhone with a larger screen will be unveiled in two weeks. The company confirmed the date of its highly anticipated iPhone 6 launch event by sending out invitations featuring a close-up image of the top of the Apple logo saying “Wish we could say more”.

Apple iPhone 6 release



The event will take place in the Flint Centre in Cupertino. The company is expected to reveal a new larger smartphone at the event, with a 4.7in screen. The new device is expected to compete with larger phones manufactured by Apple’s rivals Samsung, LG, HTC, Sony and even Microsoft. The rumors are that the company will also announce the launch of another new iPhone with a larger 5.5in screen and wearable.

In addition, the industry expects that the new Apple’s smartphone will have a harder, more scratch-resistant sapphire screen. However, the recent indications from the supply chain suggest that the tech giant may struggle to meet demand for the new screen.

Traditionally, the fall event will also mark the launch of the new iPhone and iPad software, iOS 8. The updated system will include lots of new features focused around flexibility and interaction with Apple’s desktop and laptop machines.

Finally, the company’s new Health application is supposed to capitalize on the increasingly popular “quantified self”, collecting information from various fitness trackers and medical devices into a single application. In this connection, many industry observers expect iPhone 6 to also include expanded fitness tracking and health monitoring capabilities.

In the meantime, the market researches suggest that the iPhone 6 may become the biggest launch in Apple’s history. The matter is that the current demand for the new larger smartphone is expected to be extremely high, with iPhone users upgrading to the larger form factor popularized by Android and Windows Phones.

iPhone is what most of Apple customers are waiting for, but the tech giant is also expected to launch a smartwatch later in 2014. This device is expected to compete with the new raft of Google smartwatches from LG, Samsung, Motorola and others. However, it is unknown for sure whether Apple is going to reveal it during the September event.

 


Wednesday 17th September 2014.

75% of Mobile Apps are Vulnerable

According to Gartner report, 3/4 of the tested mobile apps fail the most basic security tests, which poses threats for both individuals and corporations, because enterprise employees use applications downloaded somewhere from the Internet while also using them to access business networks. Such applications can violate enterprise policies and expose enterprises to threats.

 
Most mobile apps are vunerable
 



Gartner experts claimed that enterprises embracing mobile computing and “bring your own device” (also known as BYOD) strategies are mostly vulnerable to security breaches. The only way to protect is believed to be adoption of methods and technologies for mobile app security testing and risk assurance.

Indeed, nowadays far too many enterprises are inexperienced in mobile app security. Moreover, in most cases when application security testing is undertaken, it is done casually by developers who care about not the security of the apps, but about their functionality.

Gartner pointed out that the developers who supply static and dynamic application testing are able to prevent problems on the enterprise. In addition, the security experts explained that a new test called behavioral analysis is now becoming popular for mobile applications. At the moment, over 90% of enterprises today use 3rd-party commercial apps for their mobile BYOD strategies. Apparently, this is where current major app security testing efforts should be applied.

It is not a secret that there are a lot of applications in app stores that prove their advertised usefulness. However, both companies and individuals should use them only considering their security. Security specialists recommend downloading and using only those apps that have successfully passed security tests. In most cases, the biggest problem is misconfiguring devices, for instance by misusing personal cloud service via apps on smartphones or tablets.

 


Wednesday 29th October 2014.

UK Is Seriously Worried about Cybercrime

Many UK citizens have become victims of cybercrime, including identity theft, hacking or abuse on social media. The losses of the country from online fraud exceeded £670 million per year (this is given that many cases go unreported), with the true cost likely to be much higher.

  Should the UK be worried about Cybercrime?  

 

According to the recent research, where over 2,000 people were surveyed, more than 50% of them said they had been a victim of online crime. This category included online-based fraud, ID theft, hacking and Internet abuse. Of those, a half also said they felt violated by their ordeal.

In the meantime, the same research shows that only less than 1/3 of the cybercrime victims had reported the incident. Almost 50% of those affected had no idea who to report an online crime to. However, the experts say this figure is expected to fall as a result of the ongoing work of the national fraud reporting centre. The good thing is that UK citizens who had suffered cybercrime admitted that such experience had shocked them into changing their behavior for the better. For example, almost 50% of them immediately changed their passwords for stronger ones and 42% said they became more vigilant when shopping online.

The statistics showed that for the United Kingdom as a whole, over £670 million was lost to the ten most common online frauds within the last 12 months. These figures show how serious a toll cybercrime can take. This has been no more apparent than in the last weeks, when large-scale personal photo leaks of celebrities happened. Unfortunately, as out lives move to the online world, this is becoming more common.

The security experts explain that people can all take simple steps to protect themselves by such simple ways as putting a password on computers or mobile devices, forgetting about clicking on a link received from an unknown sender and always logging off from an account or website.

As for people who still do not know who to report cybercrime to, the UK authorities remind that if you think you have been a victim of online economic fraud (if you have lost money), you can report it to the organization called Action Fraud – online or by phone. Victims of online abuse or harassment can report it to their local police force. It is also recommended to read general advice on how to stay safe online at getsafeonline.org.

 


Wednesday 4th March 2015.

SIM-Card Database Was Hacked by Government Surveillance Agencies

According to documents newly released by Edward Snowden, US and UK spies hacked into the world’s largest SIM-card manufacturer. This gave them unfettered access to billions of cellphones all over the world. Apparently, this news can spark another international row into overreach by surveillance agencies.

  Has your SIM card been hacked?  

 

It turned out that the National Security Agency (NSA) and its UK peer GCHQ hacked into Gemalto, a Netherlands SIM-card manufacturer, by stealing encryption keys – this allowed the agencies to secretly monitor voice calls and data. In other words, this hack enabled the agencies to monitor a large portion of the world’s cellular communications. This, of course, violates international laws.

The Electronic Frontier Foundation (EFF) claimed there was no doubt that NSA and GCHQ had violated Dutch law and are likely to violate laws in many other countries where they used the hacked keys. The consumer privacy outfits also point out that the scale of the hack and its international reach will once again reopen wounds in the diplomatic community. As you know, the US government faced intense criticism from Germany, Brazil, other nations and its own citizens over information disclosed by Snowden.

It became known, for example, that Angela Merkel, the German chancellor, was the target of an NSA spying campaign, and this soured US-German relations. Brazil’s president Dilma Rousseff has also accused the US agency of violating international law.

As for the SIM-card manufacture hack, the attacks could still be ongoing. The Netherlands company produces 2bn SIM-cards each year for major clients: AT&T, Sprint, T-Mobile and Verizon. Gemalto operates in 85 countries and provides SIM-cards to about 450 wireless network providers all over the world.

Encryption keys stolen by NSA and GCHQ would allow them to monitor mobile communications without the consent or knowledge of telecom companies or foreign governments. As you know, calls made on 3G and 4G mobile networks are encrypted, but with the encryption keys any communication made on a device can be accessed (unless you use an extra layer of encryption).

The recent news means that it is difficult for anyone to trust the security of a cellphone, and the situation is unlikely to change anytime soon. Apparently, there is no reason for people to trust their network providers at this point, because their systems remain insecure. So, the stolen keys would allow the spy agencies to target whoever they wanted, even in countries where the government will not cooperate.

As for Gemalto, the company was totally oblivious to the penetration of its systems and promised to do its best to ensure that it doesn’t happen again. It turned out that the company was targeted by the Mobile Handset Exploitation Team (MHET), a unit formed by the surveillance agencies 5 years ago to target vulnerabilities in cell phones. The encryption keys were stolen in a clandestine operation targeting the email and Facebook accounts of Gemalto employees.

 


Thursday 5th March 2015.

YouTube Will Offer Advert-Free Subscription Service

Google, YouTube’s parent company, is going to launch a YouTube subscription service for those users who are tired of advertisements they have to see before viewing the video. According to YouTube’s head of content and business operations, the streaming service is currently “fine-tuning the experience”. YouTube also said that a subscription offering was very important to the service, because too many viewers are being annoyed by having to sit through adverts.

  Has your SIM card been hacked?  

 

Indeed, the online video service has been exploring its paid, advert-free version for a while now: for example, a pilot program was introduced back in 2013. It allowed individual content providers to charge viewers a subscription fee for obtaining access to a particular video channel.

Google also launched its YouTube Music Key service a few months ago. It still works in an invite-only beta form and allows viewers to watch music videos without ads. However, the users are shown advertisements on other types of videos.

This novelty would allow the most popular streaming service to compete with such companies as Netflix. YouTube admits that this move would represent a significant change for the service, whose free ad-supported videos are viewed by over a billion users per month.

Within the 2013 pilot project, 29 channels went live. The list of YouTube partners in the project included Sesame Street, UFC, National Geographic, PGA and Magnolia Pictures. They charged a fee starting from $0.99 per month for paid channels that would sit alongside their free videos on the service. However, some of partners had to admit that their paid channels had got off to a slow start. National Geographic was one of the companies who had to admit that they failed to set the world on fire with the new strategy.

YouTube’s head of content and business operations also pointed out that YouTube’s growth had accelerated despite competition from other services. This is why Google is eager to encourage its best content creators via such schemes as Google Preferred. The latter was launched in 2014 and packages together the most popular YouTube channels and sells advertisements across them up front – just like the traditional TV commercials are sold.

 


Tuesday 21st April 2015.

UK Holidaymakers Lost Millions in Online Scams in 2014

The recent report from the National Fraud Intelligence Bureau showed that fraudsters managed to extort up to £2.2 million from the holidaymakers of the United Kingdom over 2014 in online scams. For example, cyber criminals, who wanted to extort cash from unsuspecting customers, targeted online booking companies. In this case, people discovered they have been cheated only upon arrival at their accommodation, when they were surprised to find out that no booking has been made for them.

  Has your SIM card been hacked?  

 

A number of industry players, including a travel association, the police and the government-backed Get Safe Online service, warned the public to be cautious when booking a holiday online.

According to the report, one member of the public lost as much as £62,000 in a fraud connected with a bogus timeshare scheme. The most alarming fact is that losses were not only financial, as 1/3 of victims said that the fraud severely affected their health and financial wellbeing. More than 150 victims also claimed that they had to receive medical treatment in result of the crime.

In most cases, there are spikes of reported fraud during the summer months and before Christmas, bringing a lot of disappointed holidaymakers. People aged 30-50 are most commonly targeted. Most of the victims paid via bank transfer or cash, which means that there was no way to get their money back. Just a small percentage paid by bank card, where some form of redress is available.

The statistics show that over 1,500 cases of holiday booking fraud were reported to the police within a year. These are usually cases of fake plane tickets, hacking accounts, posting bogus advertisements on the Internet and running dodgy sites. The report revealed that sports and religious trips were an attractive target because of limited availability and higher prices. For example, the Commonwealth Games in Glasgow and World Cup in Brazil were targeted last year, where lots of people have paid for non-existent accommodation or tickets.

One case especially stands out: a family traveled for 5 hours to spend a week-long break in Cornwall, for which they paid £1,500, and there they found out that the website had been hacked and the bank details altered. As a result, they could not use the accommodation or get their money back. Then, an expensive trip of 3 generations of the same family to Istanbul was ruined when their £2,500 booking was taken by a fake travel agent.

 


Friday 23rd October 2015, 08:37

ISP TALKTALK HAS BEEN HACKED AGAIN!

 

talktalkhacked
 

 

ISP TalkTalk has been hacked with the possibility of millions of customer bank account details compromised.

The company, which currently has about four million customers, said it was "too early to say" how many were affected.

TalkTalk have said: "Identifying the extent of information accessed is part of the investigation that’s underway, the website was now secure again and it has contacted major banks to monitor for any suspicious activity on customers' accounts."

TalkTalk have contacted customers: "We are very sorry to tell you that on Thursday 22nd October a criminal investigation was launched by the Metropolitan Police Cyber Crime Unit following a significant and sustained cyberattack on our website on Wednesday 21st October."

In a statement TalkTalk said: "We would like to reassure you that we take any threat to the security of our customers’ data very seriously. We constantly review and update our systems to make sure they are as secure as possible and we’re taking all the necessary steps to understand this incident and to protect as best we can against similar attacks in future. Unfortunately cyber criminals are becoming increasingly sophisticated and attacks against companies which do business online are becoming more frequent."

I's not the first time TalkTalk have been comprimised, in February TalkTalk customers were warned about scammers who managed to steal account numbers and names from the company's computers. TalkTalk then said it had sent the email to every customer although only a few thousand account numbers went astray.

In the latest incident, TalkTalk said in a message to customers: "We are contacting all our customers straight away to let them know what has happened and we will keep you up to date as we learn more."

"We have taken all necessary measures to secure our website following the attack. Together with cybercrime experts, the security services and the police, we’re continuing to complete a thorough investigation. We’ve contacted the major banks, and they will be monitoring for any suspicious activity on our customers’ accounts. We have also contacted the Information Commissioner’s Office."

TalkTalk advised customers to keep an eye on their bank accounts & credit cards over the next few months and anything unusual should be reported to banks and Action Fraud as soon as possible.

Action Fraud is the UK’s national fraud and internet crime reporting centre, and they can be reached on 0300 123 2040 or via www.actionfraud.police.uk.

TalkTalk said: "If you are contacted by anyone asking you for personal data or passwords (such as for your bank account), please take all steps to check the true identity of the organisation. Check your credit report with the three main credit agencies: Call Credit, Experian and Equifax - TalkTalk have vowed to offer all customers, one years free credit protection monitoring service.

Given today's online crimnal activity and the breaches TalkTalk and other organisations have suffered by hackers, Dido Harding, chief executive of #TalkTalk revealed: "'I can't confirm that the data has been encrypted", you have to ask yourself why, TalkTalk has not implemented encryption on their servers to protect their customers.

A hacking group called 'TalkTalk hackers' have claimed responsibilty, they appear to be cyber-jihadist group based in Russia.

 

Back to Top