More stories

  • in

    Your biggest cyber-crime threat has almost nothing to do with technology

    Image: Getty/Shannon Fagan You’re asked about the biggest cybersecurity threats faced by business – which ones spring to mind first? Maybe it’s relentless ransomware attacks, with cyber criminals encrypting networks and demanding vast sums for a decryption key – even from hospitals. Or maybe it’s a sneaky malware attack, which lets hackers hide inside the network for […] More

  • in

    Here are the top phone security threats in 2022 and how to avoid them

    Oscar Wong / Getty Our mobile devices are now the keys to our communication, finances, and social lives — and because of this, they are lucrative targets for cybercriminals.  Whether or not you use a Google Android or Apple iOS smartphone, threat actors are constantly evolving their tactics to break into them.  This includes everything […] More

  • in

    Scalahosting deal: Get an extra 10% off website and VPS hosting

    Shutterstock Hosting and managing your website can be tricky business. Scalahosting is here to help your website flourish with managed VPS hosting so you can host your website and but worry less about maintenance such as software installations, technical issue resolutions, and more. Right now, if you’re in the market for a new VPS hosting or […] More

  • in

    The biggest cyber-crime threat is also the one that nobody wants to talk about

    Image: Getty The most lucrative form of cyber crime might not be the one you first expect.   While ransomware gets global attention when it takes down vital services and cyber criminals get away with multi-million dollar ransom payments, there’s another big cybersecurity issue that’s costing the world more money, but remains an embarrassing secret […] More

  • in

    Google Chrome security update fixes 'high risk' flaws

    Image: Shutterstock Google has released security updates for Google Chrome browser for Windows, Mac and Linux, addressing vulnerabilities that could allow a remote attacker to take control of systems.  There are 11 fixes in total, including five that are classed as high-severity. As a result, CISA has issued an alert encouraging IT administrators and regular […] More

  • in

    Windows 11 is getting a new security setting to block ransomware attacks

    Microsoft is rolling out a new security default for Windows 11 that will go a long way to preventing ransomware attacks that begin with password-guessing attacks and compromised credentials.  The new account security default on account credentials should help thwart ransomware attacks that are initiated after using compromised credentials or brute-force password attacks to access […] More

  • in

    Didi slapped with $1.1B fine for breaching China data security laws

    Didi Global has been fined 8 billion yuan ($1.18 billion) for breaching China’s cybersecurity and data security laws. The Chinese ride-sharing operator is accused of 16 illegal practices involving the collection of passenger data. Cyberspace Administration of China (CAC) said Thursday Didi had violated the country’s cybersecurity and data security laws. The industry regulator pointed to the Cybersecurity Law, Data Security Law, and Personal Information Protection Law (PIPL), reported state-run media agency China Daily.CAC said Didi had illegally collected its users’ personal data, including 107 million pieces of passengers’ facial recognition details as well as their photos and short messages. In addition, the company’s CEO Cheng Wei and president Liu Qing were each fined 1 million yuan ($148,070), in accordance with the respective regulations. Didi posted a statement Thursday on Chinese microblogging platform Weibo acknowledging the government’s decision. It said it would comply with the fine order. The Beijing-based company added that it would conduct an internal assessment and cooperate with CAC to beef up its cybersecurity, data security, and personal data security measures.Thursday’s announcement comes a year into CAC’s probe of Didi’s cybersecurity practices, which had kicked just days after the company made its debut on the New York Stock Exchange. Didi in July 2021 was instructed to remove its app from local appstores, after CAC said it had breached regulations governing the collection and use of personal data. The regulator had put the company under a cybersecurity review to “prevent national data security risks” and safeguard public interest. Didi delisted from the New York Stock Exchange in June 2022. Hackers earlier this month claimed to have access to personal data of 1 billion residents in China, after putting the information on sale via an online forum. They allegedly retrieved the data from the Shanghai National Police, though, the Chinese government had yet to publicly acknowledge the leak. Reports emerged last week that Alibaba had been called in by Shanghai authorities over the breach. According to the Wall Street Journal, which cited unnamed sources, the affected database’s administrative dashboard was left open without a password for more than a year. The data was hosted on Alibaba Cloud. CAC in January this year released draft laws that would require, amongst others, mobile apps to be licensed if they provided news and to go through a security assessment if they influenced public opinion. They also must adhere to cybersecurity guidelines and not endanger national security. The proposed legislation would further regulate services provided via mobile apps and ensure these operated alongside the country’s other laws, including the PIPL and Data Security Law, CAC then said. RELATED COVERAGE More