Top 10 Stories

A slew of Disney-branded mobile applications, including some Star Wars, Moana and Disney Princess apps, are allegedly spying on children across the United States. A class-action suit filed in California claims that The Walt Disney Co is commercially exploiting minors, including kids under the age of 13, by secretly tracking them using high-end behavioral analytics code. The apps use sophisticated SDKs to allegedly collect personal data without consent before going on to “exfiltrate that information...

The US court appearance of British WannaCry hero on charges of writing and distributing malware has been postponed. US authorities have postponed the court appearance of Briton Marcus Hutchins, who is under charges of helping to develop and maintain the password-stealing malware Kronos between July 2014 and July 2015. View Full Story  ORIGINAL SOURCE: Computer Weekly

The computer networks of Ukrposhta, the national postal service in Ukraine, have reportedly been disrupted by a two-day distributed-denial-of-service (DDoS) cyberattack. According to the Interfax news agency, the computer systems targeted by the unknown hackers are linked to the tracking of customer parcels. It is believed that the attack started on the morning of Monday 7 August and, despite a brief period of respite, continued into the next day. View Full Story ORIGINAL SOURCE: IB...

EirGrid, an electricity provider that manages power across Ireland and Northern Ireland, was allegedly compromised by 'state-sponsored' hackers in April 2017. The culprits hacked the state-owned operator after infiltrating a Vodafone network used by the company. They installed malicious software to intercept all unencrypted communications flowing through its web routers in Wales and Northern Ireland, Independent.ie reported. View Full Story  ORIGINAL SOURCE: IB Times

The Federal Trade Commission must investigate claims made against VPN provider Hotspot Shield for allegedly deceptive trade practices, according to a new filing by a prominent privacy group. Among the chief allegations in the 14-page filing, the Washington DC-based Center for Democracy & Technology (CDT) said the VPN provider violates its "anonymous browsing" promise by intercepting and redirecting web traffic to partner websites, including advertising companies. View Full Story  ORIGINAL SOURCE: ZDNet

Firms could face fines of up to £17m or 4% of global turnover if they fail to protect themselves from cyber-attacks, the government has warned. The crackdown is aimed at making sure essential services such as water, energy, transport and health firms are safeguarded against hacking attempts. Firms will also be required to show they have a strategy to cover power failures and environmental disasters. Digital Minister Matt Hancock said any fines would be a...

The massive data breach that hit the Australian Red Cross Blood Service last year was caused by a "one-off human error", the Office of the Australian Information Commissioner said on Monday (7 August). Regulators concluded their investigation into the data breach that affected over half a million blood donors in Australia saying it was caused by a "one-off human error" by a third-party provider. In September 2016, a backup copy of a database from the...

A Dutch researcher says he found a way to cause mischief on power grids by exploiting software bugs in solar power systems. Specifically, Willem Westerhof, a cybersecurity researcher at ITsec, said he uncovered worrying flaws within power inverters – the electrical gear turns direct current from solar panels into alternating current that can be fed into national grids. Read Full Story  ORIGINAL SOURCE: The Register

Woolworths has apologised to customers on Monday following reports that some experienced a second batch of payments withdrawn from their bank accounts. A Woolworths spokesperson told ZDNet it received confirmation from Cuscal, one of its payment processors that services financial institutions, that due to an error at its datacentre, Woolworths customers may have received incorrect transactions on accounts processed by Cuscal. "We are working closely with Cuscal and can confirm any payment errors will be...

Hackers can exploit trivial flaws in network-connected Siemens' medical scanners to run arbitrary malicious code on the equipment. These remotely accessible vulnerabilities lurk in all of Siemens' positron emission tomography and computed tomography (PET-CT) scanners running Microsoft Windows 7. These are the molecular imaging gizmos used to detect tumors, look for signs of brain disease, and so on, in people. They pick up gamma rays from radioactive tracers injected into patients, and perform X-ray scans...