Clubhouse chatroom app closes down site rebroadcasting content

Incident prompts fears for latest Silicon Valley craze’s ability to guarantee users’ security and privacy

Clubhouse, the audio-chatroom app that has emerged as the latest craze to consume Silicon Valley, has shut down a site that was rebroadcasting the platform’s content, renewing concerns over the service’s ability to provide security and privacy for its users.

The app, currently available only on iPhones, allows users to quickly and easily set up and discover panel-style discussions, with a small group of speakers and potentially thousands of listeners in each room. It has been strictly limited since its launch in April, with users requiring an invitation before they can create an account. It initially gained popularity in the tech and venture capitalist community of the San Francisco Bay area.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/2NAwGmq
via IFTTT

Fears over DNA privacy as 23andMe goes public in deal with Richard Branson

Genetic testing company with 10 million customers’ data has ‘huge cybersecurity implications’

The genetic testing company 23andMe will go public through a partnership with a firm backed by the billionaire Richard Branson, in a deal that has raised fresh privacy questions about the information of millions of customers.

Launched in 2006, 23andMe sells tests to determine consumers’ genetic ancestry and risk of developing certain illnesses, using saliva samples sent in by mail.

Related: Your DNA is a valuable asset, so why give it to ancestry websites for free? | Laura Spinney

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3tGKuw7
via IFTTT

Insurers ‘funding organised crime’ by paying ransomware claims

Exclusive: former cybersecurity chief calls for law change and warns situation is ‘close to getting out of control’

Insurers are inadvertently funding organised crime by paying out claims from companies who have paid ransoms to regain access to data and systems after a hacking attack, Britain’s former top cybersecurity official has warned.

Ciaran Martin, who ran the National Cyber Security Centre until last August, said he feared that so-called ransomware was “close to getting out of control” and that there was a risk that NHS systems could be hit during the pandemic.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3pgTd5r
via IFTTT

Malware reportedly found on laptops given to children in England

Investigation launched after teachers warn of worm on devices handed out by government for home schooling

An investigation has been launched into reports that some of the laptops handed out to vulnerable children for homeschooling in England are infected with malware.

According to an online forum, teachers from a school in Bradford noticed the issue and believe it contacts Russian servers.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/39TEqY4
via IFTTT

Global cyber-espionage campaign linked to Russian spying tools

Kaspersky investigators uncover evidence that may support US claims Moscow was behind attack

A Moscow-based cybersecurity company has reported that some of the malicious code employed against the US government in a cyber-attack last month overlaps with code previously used by suspected Russian hackers.

The findings by Kaspersky investigators may provide the first public evidence to support accusations from Washington that Moscow was behind the biggest cyber-raid against the government in years, affecting 18,000 users of software produced by SolarWinds, including US government agencies.

Related: What you need to know about the biggest hack of the US government in years

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3q9T9V6
via IFTTT

Data breach hits 30,000 signed up to workplace pensions provider

Fraud worries as UK company Now:Pensions says ‘third-party contractor’ posted personal details of clients to online public forum

About 30,000 customers of Now:Pensions face an anxious Christmas after a serious data breach at the pensions provider led to their sensitive personal details being posted on the internet.

In an email sent to affected customers, the workplace pensions firm warned that names, postal and email addresses, birth dates and National Insurance numbers all appeared in a public forum online.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/34EkLJS
via IFTTT

iPhones vulnerable to hacking tool for months, researchers say

Analysis: NSO Group’s Pegasus spyware could allegedly track locations and access passwords

For almost a year, spyware sold by Israel’s NSO Group was allegedly armed with a computer security super-weapon: a zero-footprint, zero-click, zero-day exploit that used a vulnerability in iMessage to seize control of an iPhone at the push of a button.

That means it would have left no visible trace of being placed on target’s phones, could be installed by simply sending a message that the victim didn’t even need to click on, and worked even on phones that were running the then-latest version of iOS, the operating system for iPhones.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/34yI1ce
via IFTTT

Outing of FSB hit squad highlights Russia’s data security problem

Analysis: trade in stolen data is a boon for investigators and a headache for Kremlin

In early 2019, the journalist Andrey Zakharov managed to buy his own phone records and banking records in a groundbreaking investigation into Russia’s thriving markets in stolen personal data, in which law enforcement and telecoms employees can be contracted anonymously to dip into their systems and pull out sensitive details on anyone.

A year and a half later, investigators from Bellingcat and the Insider used some of the same tools and clever analysis to out a secret FSB team that had been tasked with killing Alexei Navalny using a novichok nerve agent.

Related: Russian FSB hit squad poisoned Alexei Navalny, report says

Related: ‘We got really lucky’: how novichok suspects’ identities were revealed

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3mq7LgW
via IFTTT

‘Antiquated process’: data regulator on obtaining Cambridge Analytica warrant

UK information commissioner calls for international approach to emerging threat

The information commissioner has criticised the “antiquated process” that led to Facebook getting hold of Cambridge Analytica’s servers before the UK regulator itself, and renewed calls for an international approach to data privacy to tackle the emerging threat of data havens.

Elizabeth Denham, the information commissioner, spoke to Damian Collins MP, the former chair of the digital, culture, media and sport committee, who led the parliamentary enquiry into disinformation, on his podcast Infotagion. She described discovering that Facebook was inside the offices of defunct electioneering consultancy Cambridge Analytica while in the middle of an interview with Channel 4’s Jon Snow.

Continue reading…

from Data and computer security | The Guardian https://ift.tt/3kZkMgT
via IFTTT

Twitter hires veteran hacker Mudge as head of security

Peiter Zatko’s appointment follows mass attack on social media platform in July

Twitter has appointed one of the world’s most respected hackers as its new head of security in the wake of a humiliating mass attack in July.

The company has placed Peiter Zatko in charge of protecting its platform from threats of all varieties, poaching him from the payments startup Stripe. Zatko is better known as Mudge, his handle for more than 20 years of operation on both sides of the information security arena.

Related: Why are public thinkers flocking to Substack? | Sean Monahan

Continue reading…

from Data and computer security | The Guardian https://ift.tt/2UAZE5K
via IFTTT