Subterms
JLStock/Shutterstock ZDNET Recommends My day started rough. It was 7 a.m., and I was just partially through my first cup of coffee, when I noticed a new message in my email inbox. It was from PayPal and the subject line said, “You’ve got a money request.” And so began my first look at this three-pronged […] More
Google’s decision to use Rust for new code in Android in order to reduce memory-related flaws appears to be paying off. Memory safety vulnerabilities in Android have been more than halved — a milestone that coincides with Google’s switch from C and C++ to the memory-safe programming language, Rust. This is the first year that […] More
Illustration: Maria Diaz | ZDNET – Photo: MaryAnnShmueli via Getty Images Eufy’s claims to keep “privacy in your own hands” have been rendered null, after a researcher caught the security camera company uploading local-only footage to the cloud without user authorization or knowledge. To top it all off, users have also been made aware that […] More
SARINYAPINNGAM/Getty Images/iStockphoto Bitwarden is one of many password managers on the market, most of which include a bevy of features. As more and more people start using a password manager in their daily life, the creators of the tools add extra features to make them more appealing. ZDNET Recommends One such feature you might find […] More
StackCommerce In this day and age, if you’re not using a password manager, chances are pretty good you might be using passwords that are weak enough to be cracked by any hacker. And given how rampant password-based attacks and data breaches are, you should consider making use of a password manager. ZDNET Recommends Why? Because […] More
Image: Getty ZIP and RAR files have overtaken Office documents as the file most commonly used by cyber criminals to deliver malware, according to an analysis of real-world cyber attacks and data collected from millions of PCs. The research, based on customer data by HP Wolf Security, found in the period between July and September […] More
Hackers who breached Medibank’s systems have dumped another batch of data on the dark web, along with claims the files contain all of the data they took in a heist that impacted 9.7 million customers. The Australian insurance group confirms six zipped files of data have been released, while government officials reiterate the overdue need to overhaul the country’s cyber strategy. Medibank on Thursday said it was analysing the data, which was released overnight on the dark web, but added that the files appeared to comprise customer information compromised in the breach. First announced in October, the security incident affected 9.7 million current and former customers as well as some of their authorised representatives. Amongst those impacted were 1.8 million international customers. Before the latest data dump, hackers involved in the theft had released the files in batches along with demands for ransom. Medibank had said it would not pay any ransom.In its statement Thursday, the insurance company said there was no indication financial or banking details had been compromised and the stolen data alone was insufficient to facilitate identity or financial fraud. It further noted that the raw data, so far, had been determined to be incomplete and difficult to understand. This remained so for the latest six zipped files, which were released in a folder tagged “full”, Medibank said, adding that the health data released was not matched up with customer and contact details. Australia’s Attorney-General Mark Dreyfus said the government was aware of the latest data dump and confirmed “agencies” were looking into it. A review of the country’s Privacy Act also was slated to be completed by year-end, Dreyfus said when asked about how legislation should be further updated, following the recent increase in penalties for data breaches. Speaking in an interview with ABC Radio Melbourne, he said: “This is a really outdated piece of legislation. We need to have a wholesale reform of it.”Dreyfus added that he would be working on a “complete revision” of the Privacy Act next year. Until then, he noted that the significant increase in financial penalties should serve as an incentive for local organisations that stored personal information of Australian residents to ensure they took better care of the data and adopted better security measures. The government last month passed a legislation to push up maximum financial penalties for serious or repeated data breaches to AU$50 million ($32.34 million), from its previous AU$2.22 million, or three times the value of any benefit obtained through the data misuse, or 30% of the company’s adjusted turnover in the relevant period, whichever is greater. RELATED COVERAGE More
Image: Getty Images Google on Wednesday shared the details of newly exposed exploitation frameworks capable of deploying spyware to targeted devices. Dubbed the “Heliconia” exploits, they appear to have ties to the Spanish company Variston IT, according to Google Threat Analysis Group (TAG). Heliconia targets n-day vulnerabilities, meaning that there are already patches available for […] More
