Menu

Blog

Archive for the ‘cybercrime/malcode’ category: Page 9

May 11, 2024

Are You Ready for Tech That Connects to Your Brain?

Posted by in categories: business, cybercrime/malcode, education, neuroscience

Imagine having telepathic conversations with loved ones, instantaneously accessing superhuman computational power, playing back memories and dreams, or immersing yourself and every sense you possess into a virtual entertainment experience. In the distant future, if brain-computer interfaces (BCIs) are successful at reading and writing information to the brain, and if humans adapt to the technology, we could experience some pretty amazing scenarios. But, there are many outstanding questions for how we could ensure a bright future: Who will own the data generated by our brains? Will brain data be bought and sold by data brokers like other personal information today? Will people be forced to use certain BCIs that surveil their brain activity (for example, to make sure you’re paying attention at work and school)? Will BCIs put peoples’ brains at risk of being hacked? As with all new technology, more of these philosophical questions will need to be investigated and answered before there is widespread adoption and use of BCIs in the future.

Page-utils class= article-utils—vertical hide-for-print data-js-target= page-utils data-id= tag: blogs.harvardbusiness.org, 2007/03/31:999.274997 data-title= Are You Ready for Tech That Connects to Your Brain? data-url=/2020/09/are-you-ready-for-tech-that-connects-to-your-brain data-topic= Technology and analytics data-authors= Lauren Golembiewski data-content-type= Digital Article data-content-image=/resources/images/article_assets/2020/09/Sep20_28_3191098-383x215.jpg data-summary=

Who owns that data?

May 11, 2024

JPMorgan Chase Suffers Data Breach Affecting Personal Information of 451,809 Customers

Posted by in categories: cybercrime/malcode, finance

JPMorgan Chase says it has discovered a data breach affecting the personal information of nearly half a million customers.

New filings with the Office of the Maine Attorney General show the banking giant recently found a software issue that’s been active since August 26th, 2021.

The bug allowed unauthorized access to retirement plan records of 451,809 customers, which contain names, addresses, Social Security numbers and bank account numbers.

May 11, 2024

Google Cloud accidentally deletes UniSuper’s online account due to ‘unprecedented misconfiguration’

Posted by in category: cybercrime/malcode

The UniSuper CEO, Peter Chun, wrote to the fund’s 620,000 members on Wednesday night, explaining the outage was not the result of a cyber-attack, and no personal data had been exposed as a result of the outage. Chun pinpointed Google’s cloud service as the issue.

In an extraordinary joint statement from Chun and the global CEO for Google Cloud, Thomas Kurian, the pair apologised to members for the outage, and said it had been “extremely frustrating and disappointing”

They said the outage was caused by a misconfiguration that resulted in UniSuper’s cloud account being deleted, something that had never happened to Google Cloud before.

May 10, 2024

Dell Confirms Database Hacked—Hacker Says 49 Million Customers Hit

Posted by in category: cybercrime/malcode

Computer hardware giant Dell is sending emails alerting customers to a data breach that, according to a Dark Web hacker forum sales post, impacts 49 million users.

May 6, 2024

New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs

Posted by in category: cybercrime/malcode

A new malware called “Cuckoo” is on the loose, targeting both Intel and ARM-based Macs.

May 6, 2024

Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications

Posted by in category: cybercrime/malcode

Nation-state hackers have a new trick — turning Microsoft’s own cloud services into secret command centers to launch attacks undetected.

May 3, 2024

Malicious Android Backdoor Lets Hackers Steal Your Phone’s Content

Posted by in categories: cybercrime/malcode, mobile phones

Don’t let this dangerous malware onto your phone.

May 3, 2024

Android malware posing as a fake Chrome update is stealing banking app logins

Posted by in categories: cybercrime/malcode, finance, mobile phones

Some online scams are more conspicuous than others, but the most insidious can be especially tricky to spot. For instance, last week, cybersecurity firm ThreatFabric uncovered a new Android malware family that cleverly disguises itself as a Google Chrome update. Before you click a link claiming to provide updates for Chrome, be sure that it isn’t fake.

ThreatFabric analysts found the malware — which they dubbed Brokewell — on a fake browser update page designed to fool people into downloading a malicious app. If the page manages to fool you, you’ll end up downloading seriously dangerous malware.

May 1, 2024

Collection agency data breach affects millions of users

Posted by in categories: business, cybercrime/malcode, finance

An American debt collection agency suffered a data breach in late February, losing sensitive data belonging to almost two million people.

Earlier this week, Financial Business and Consumer Solutions (FBCS) sent a data breach notification letter to affected customers, explaining that unauthorized third parties accessed its systems on February 14, 2024, and remained there until being spotted, and ousted, on February 26.

Apr 29, 2024

Account compromise of “unprecedented scale” uses everyday home devices

Posted by in category: cybercrime/malcode

Authentication service Okta is warning about the “unprecedented scale” of an ongoing campaign that routes fraudulent login requests through the mobile devices and browsers of everyday users in an attempt to conceal the malicious behavior.

The attack, Okta said, uses other means to camouflage the login attempts as well, including the TOR network and so-called proxy services from providers such as NSOCKS, Luminati, and DataImpulse, which can also harness users’ devices without their knowledge. In some cases, the affected mobile devices are running malicious apps. In other cases, users have enrolled their devices in proxy services in exchange for various incentives.

Unidentified adversaries then use these devices in credential-stuffing attacks, which use large lists of login credentials obtained from previous data breaches in an attempt to access online accounts. Because the requests come from IP addresses and devices with good reputations, network security devices don’t give them the same level of scrutiny as logins from virtual private servers (VPS) that come from hosting services threat actors have used for years.

Page 9 of 212First678910111213Last