Cyber Bites

Following San Francisco, Boston is now the second-largest city in the world to ban the use of facial recognition technology by police and city agencies, as well as the procurement of facial surveillance from a third party. This was determined on Wednesday, with a veto-proof majority and is with Mayor Martin J. Walsh who will review it. In support of this ban, Councilor Ricardo Arroyo cited the 2018 MIT study which found an error rate...

South Korean multinational LG Electronics have supposedly had their website breached and locked by Maze ransomware operators. No details about this attack have been released as of yet, but the cyber criminals claim to have stolen proprietary information for projects involving big US companies. If their ransom demands are not met, or contact with the breached entity halts, these operators publish the information they have. Source: Bleeping Computer

Sony today announced the launch of a public PlayStation bug bounty program to pay security researchers and gamers for security vulnerabilities found in PlayStation 4 devices, the PlayStation Network domains. According to the company's new PlayStation bug bounty program (aka Vulnerability Disclosure Program) hosted on HackerOne, Sony wants the research community to report any issues found in the PlayStation 4 system, operating system, accessories, and the PlayStation Network. Sony explains that only "submissions on the current released or...

Google is changing its default settings to automatically delete some of the data it collects about users. Web and app activity, including a log of website searches and pages visited, as well as location data, will now be wiped after 18 months. YouTube histories - including which clips were watched and for how long - will be erased after 36 months. The changes apply to new accounts only but existing users will soon be shown...

The US Federal Bureau of Investigation sent out on Tuesday a security alert to K12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems. The alert, called a Private Industry Notification, or PIN, tells schools that "cyber actors are likely to increase targeting of K-12 schools during the COVID-19 pandemic because they represent an opportunistic target as more...

Business consulting firm Frost & Sullivan Inc. has suffered a data breach and data stolen from the firm appeared for sale on a hacker forum. The Mountain View, California-based company has a global presence with 40 offices across six continents. It offers services such as market research, analysis, growth strategy consulting and corporate training. The data hack came to light after a hacking group known as “KelvinSecurity Team” offered data stolen from the company on a...

The National Cyber Security Centre (NCSC) has received the millionth submission to its Suspicious Email Reporting Service, just two months after it first launched in the face of a surge in spam and phishing attacks at the height of the first wave of the UK’s Covid-19 coronavirus outbreak. The NCSC said that besides Covid-19-related lures, more than 10,000 of the malicious URLs blocked and removed as a result of the public’s reports related to cryptocurrency investment scams, promising...

Less than one in three Americans are concerned about their data security while working from home despite a 400% rise in cyber attacks during the pandemic, according to a new report from Unisys. Mathew Newfield, the chief information security officer of Unisys, said the Unisys Security Index Report found for the first time since 2010, internet security was not a top concern for Americans. "A lot of these people are now working from home, and they...

Researchers from CSIRO’s Data61 have developed a new technique to protect consumers from voice spoofing attacks. Fraudsters can record a person’s voice for voice assistants like Amazon Alexa or Google Assistant and replay it to impersonate that individual. They can also stitch samples together to mimic a person’s voice in order to spoof, or trick third parties. The new solution, called Void (Voice liveness detection), can be embedded in a smartphone or voice assistant software and works...

An American police procedural comedy television show has topped the list of most dangerous TV titles for US citizens to watch online. New research published today by global security software company McAfee revealed the web-based entertainment options most commonly targeted with malware by cyber-criminals. McAfee analyzed more than 100 of the most popular TV and movie titles available on US streaming sites as defined by “best of” articles that appeared in a range of US publications. Researchers then hunted...