Cyber Bites

Yes, ransomware is plaguing businesses and government organizations, but impersonators inserting themselves into financial workflows - most often via e-mail - continue to enable big paydays. Source: Dark Reading

For the last 18 months some of Facebook’s developers have had access to private user information contained within some of the social media site’s groups. Source: SC Magazine

The Android version of the popular virtual keyboard app ai.type has attempted to make over 14 million unauthorized transactions that could have cost the users US$18 million in unwanted charges, reads a report from mobile technology firm Upstream. Source: We Live Security

Facebook has quietly revealed another privacy breach involving approximately 100 developers. On Tuesday, Konstantinos Papamiltiadis, Facebook's Director of Platform Partnerships said in a blog post that the names and profile pictures of users connected to Groups and the system's API were accessible.

Security researchers today published technical details about malware used by a new threat actor that matches a signature in a scanner likely built by the U.S. National Security Agency and leaked more than two years ago. The new threat received the name DarkUniverse and was active for at least eight years, between 2009 and 2017. It was identified last year, but the NSA knew about it long before.

Even after Brexit, the UK and Europe need to work together very closely with cybersecurity a key area, according to Michel Barnier, the chief negotiator on Brexit at the European Commission. Any new agreement between the EU and UK will be based both on trade and on ensuring mutual security, Barnier said, noting that the UK and Europe will need to cooperate against new threats -- cybersecurity in particular. "Our new partnership should include the...

According to the Office of the Privacy Commissioner of Canada’s report, around 680 security breach reports, which is six times the volume received during the same period one year earlier, were received since November 01, 2018. It’s said that the number of Canadians affected by a data breach is more than 28 million, in which 58 percent of reported breaches involved unauthorized access.

In the last 12 months, the personal information of approximately 28 million Canadians was affected by corporate hacks or mismanagement, according to the Office of the Privacy Commissioner of Canada (OPC). The assessment was issued last week after the first full year’s worth of data supplied by private sector firms that had to report breaches of security controls was analyzed. Until new regulations to the Personal Information Protection and Privacy Act (PIPEDA) came into effect...

India-based educational technology firm Vedantu has suffered a data breach, exposing “extensive personal information” on 687,000 users. Affected personal details include email and IP addresses, names, phone numbers, website activity and genders. Passwords were also exposed but were stored as bcrypt hashes, which means they were not visible in plaintext. Vedantu, headquartered in Bengaluru, provides interactive online tutoring for children age 11 to 18. Source: Verdict

A team of cybersecurity researchers has discovered a clever technique to remotely inject inaudible and invisible commands into voice-controlled devices — all just by shining a laser at the targeted device instead of using spoken words. Dubbed 'Light Commands,' the hack relies on a vulnerability in MEMS microphones embedded in widely-used popular voice-controllable systems that unintentionally respond to light as if it were sound. According to experiments done by a team of researchers from Japanese...