More stories

  • in

    This Windows 11 security feature makes your PC 'very unattractive' to password hackers

    Image: Getty Images/Maskot Microsoft has introduced a new default to shield Windows 11 machines against password attacks which ought to make them “a very unattractive target” for hackers trying to steal credentials. The latest preview of Windows 11 ships with the SMB server authentication rate limiter on by default, making it much more time-consuming for […] More

  • in

    Programming languages: It's time to stop using C and C++ for new projects, says Microsoft Azure CTO

    Image: Deagreez/GETTY Mark Russinovich, the chief technology office (CTO) of Microsoft Azure, says developers should avoid using C or C++ programming languages in new projects and instead use Rust because of security and reliability concerns. Rust, which hit version 1.0 in 2020 and was born at Mozilla, is now being used within the Android Open […] More

  • in

    Optus security breach compromises customers' passport details

    Optus has suffered a security breach that it says may have compromised various customer data, including dates of birth, email addresses, and passport numbers. Information belonging to both current and former customers of the Australian mobile operator are impacted in the security incident. Optus said Thursday it was looking into “possible unauthorised access” of customer data following a cyber attack, but did not reveal details of what systems were affected, when the breach was discovered, or how many customers mights be impacted. Its CEO Kelly Bayer Rosmarin, though, said: “We have been subject to a cyberattack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it. As soon as we knew, we took action to block the attack and began an immediate investigation.”Rosmarin noted that while not all customers might be affected, investigations still were ongoing. According to Optus, the security breach could have compromised various customer data, including dates of birth, phone numbers, and email addresses, as well as additional information such as addresses and identification document details that included driver’s licence and passport numbers for a specific group of customers. Financial details and account passwords were not affected by the breach, the Australian operator said. However, it said major financial institutions were notified about the breach. It also urged customers to keep watch on unusual or potential fraudulent activities.Optus said it had notified the relevant authorities, including the Australian Federal Police, and was working with the Australian Cyber Security Centre on the incident. A wholly-owned subsidiary of Singtel, Optus is Australia’s second-largest telco. In 2019, it had some 10.2 million mobile subscribers. The carrier was involved in previous data privacy incidents, including a 2013 breach in which the operator accidentally published the names, addresses, and mobile phone numbers of 122,000 customers without their consent. In a 2008 incident, Optus left open the management ports of Netgear and Cisco Systems modems to facilitate remote access, leaving customers who did not change the default administrative passwords on the appliances vulnerable to potential hacks. RELATED COVERAGE More

  • in

    Windows 11 22H2: These are the big new security features

    MoMo Productions/Getty Windows 11 22H2 is now arriving, and as well as new features, Microsoft’s latest operating system update also brings security upgrades. With ransomware, sophisticated hacking attacks, and phishing threats showing no sign of abating, Microsoft has rethought security in Windows 11 with the aim of blocking more threats by default.  Windows 10 had […] More

  • in

    China-US rift will intensify decoupling in tech, financial systems

    Persistent geopolitical tensions likely will lead to greater decoupling, including in crucial technologies as the rift between China and the US continues to deepen. Efforts from the two economic giants to diversity their respective core technologies and supply chains will result in different branches of key technologies, such as artificial intelligence (AI) and 5G communications.As globalisation softens, there will be less cost efficiency, less technology transfer, and less innovation. Ultimately, this will lead to less productivity growth, according to Ravi Menon, managing director of Monetary Authority of Singapore (MAS). The head of Singapore’s central bank was during his keynote Tuesday at SuperReturn Asia Conference, where he discussed key uncertainties in the global economy today. Menon pointed to two major geopolitical tensions today between Europe and Russia as well as the US and China that were likely to persist over the medium term and lead to economic fragmentation. Specifically, he noted that the “strategic rivalry” between China and the US was deepening across multiple fronts, he said, leading to increased decoupling in technology, finance, and trade. The Sino-US trade conflict had dampened global trade, where tariffs implemented by both countries on each other had contributed to supply chain frictions and price pressures, he said. As both countries looked to reduce their reliance on each other, he cautioned of an increasing risk critical technologies would be fragmented.Menon said: “As the two countries diversify their respective technology bases and supply chains, the development of important technologies such as semiconductors, AI, and 5G telecommunications will increasingly bifurcate.”He also highlighted the US government’s restrictions on the export of advanced chips to China, which were widely used to power AI, and the blocking of cross-border mergers and acquisitions between tech companies on both sides over anti-monopoly and national security issues. Frictions between the two nations also had impacted both markets’ financial systems, where increased scrutiny of Chinese listings in the US had led to some Chinese companies considering a move to delist from US markets. In addition, China–along with other countries–were looking to reduce their dependence on the US dollar and payment system. Over time, Menon noted, these developments could result in a more fragmented global financial systems. “The growing decoupling between the US and China in trade, technology, and finance are likely to have far-reaching economic consequences,” he said. “At the broad macro level, this decoupling cannot be good for global economic growth. At the micro level, there will be adjustments in supply chains, trading relationships, technology procurements, and financial arrangements that will have differentiated implications across countries and sectors.”RELATED COVERAGE More

  • in

    Indonesia finally passes personal data protection law

    Indonesia finally has passed its personal data protection law that has been in discussions since 2016. The government believes the new Bill will be critical amidst a spate of data security breaches in the country. Indonesia’s House of Representatives earlier this month approved the Personal Data Protection (PDP) Bill, paving the way for its ratification on Tuesday. The country now joins other jurisdictions in Southeast Asia that have dedicated personal data protection laws, including Singapore and Thailand. Communications and Informatics Minister Johnny G. Plate had hailed the approval as a milestone and key to driving connectivity and advancements for the local digital sector. Plate said laws to safeguard personal data would help boost and facilitate the management of data security breaches, according to statutory board and state-owned news agency, Antara.Indonesian President Joko Widodo last week underscored the urgent need for relevant ministries to coordinate and investigate alleged breaches of personal data. The National Cyber and Encryption Agency on September 13 said it was investigating claims made by hackers, dubbed “Bjorka”, that they had access to the data of several government websites, presidential letters, and confidential documents from the intelligence agency. The same hackers in August said they obtained information from SIM card users, including their national identification number and contact details.That same month, personal details of 17 million customers of state-run electricity provider PT PLN (Persero) were leaked as were the data of 26 million customers of Telkom Indonesia’s internet and digital TV service IndiHome.The security breaches highlighted the urgent need for the data protection bill to maintain public trust, especially as personal information was required for public services and processed digitally, said Antara. Identity card numbers (NIKs), for example, often were used for registration of online apps and to process the purchase of train tickets.Citing stats from Surfshark, Antara said Indonesia ranked third as the country most affected by data breaches in the third quarter of 2022, with 12.7 million local accounts compromised.House of Representatives Speaker Puan Maharani said Monday: “This PDP Bill will provide legal assurance that every citizen, without exception, [has full control] over their personal data. Thus, there will be no more tears from the people due to online loans that they don’t ask for, or doxxing that makes people uncomfortable.” Maharani said derivative rules, including the establishment of a supervisory agency tasked to protect the public’s personal data, could be formed immediately after the Bill was ratified. She added that it would serve as a guide for ministries, agencies, and policy makers to main a robust national digital security environment.The Bill also is expected to bring together all existing and additional regulations into one. Indonesia currently has 32 laws governing the protection of personal data. Modelled on European Union’s General Data Protection Regulation (GDPR), Indonesia’s PDP Bill comprises various global components that are not included in its local regulations, such as sensitive personal data and data protection officer. The Bill will regulate all forms of data processing, including acquisition and collection, storing, updating and correcting, as well as deleting, according to Andre Rahadian, a partner and founding member of law firm Hanafiah Ponggawa & Partners (Dentons HPRP). Under the PDP Bill, for instance, personal data controllers will be required to update and correct errors in personal data within 24 hours after receiving the request to do so. The Bill also specifies underlying documents or circumstances under which personal data may be transmitted outside Indonesia, such as pre-obtained approval of the personal data owner and bilateral international agreements. It includes corporate penalties of up to 2% of an organisation’s annual revenue and up to six years jail terms for those deemed to have breached the law. Indonesia has an estimated 220 million internet users. The country also was projected to account for 40% of Southeast Asia’s 2021 e-commerce gross merchandise value (GMV), at $70 billion, according to the 2021 e-Conomy Southeast Asia report, which covers six regional markets: Singapore, Malaysia, Vietnam, Indonesia, Thailand, and the Philippines. The study also revealed that 80% in Indonesia had made at least one purchase online.RELATED COVERAGE More