#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
State of SaaS

data privacy | Breaking Cybersecurity News | The Hacker News

Category — data privacy
Telegram Agrees to Share User Data With Authorities for Criminal Investigations

Telegram Agrees to Share User Data With Authorities for Criminal Investigations

Sep 24, 2024 Data Privacy / Cybercrime
In a major policy reversal, the popular messaging app Telegram has announced it will give users' IP addresses and phone numbers to authorities in response to valid legal requests in an attempt to rein in criminal activity on the platform. "We've made it clear that the IP addresses and phone numbers of those who violate our rules can be disclosed to relevant authorities in response to valid legal requests," Telegram CEO Pavel Durov said in a post. To that end, the company now explicitly states - "If Telegram receives a valid order from the relevant judicial authorities that confirms you're a suspect in a case involving criminal activities that violate the Telegram Terms of Service, we will perform a legal analysis of the request and may disclose your IP address and phone number to the relevant authorities." Such data disclosures, it said, will be included in its periodic transparency reports . It further noted that the service may collect metadata...
Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts

Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts

Sep 17, 2024 Artificial Intelligence / Regulatory Compliance
Meta has announced that it will begin training its artificial intelligence (AI) systems using public content shared by adult users across Facebook and Instagram in the U.K. in the coming months. "This means that our generative AI models will reflect British culture, history, and idiom, and that U.K. companies and institutions will be able to utilize the latest technology," the social media behemoth said . As part of the process, users aged 18 and above are expected to receive in-app notifications starting this week on both Facebook and Instagram, explaining its modus operandi and how they can readily access an objection form to deny their data being used to train the company's generative AI models. The company said it will honor users' choices and that it won't contact users who have already objected to their data being used for their purpose. It also noted that it will not include private messages with friends and family, as well as information from accounts...
Product Walkthrough: How Reco Discovers Shadow AI in SaaS

Future-Ready Trust: Learn How to Manage Certificates Like Never Before

WebinarTrust Management / SSL Certificate
Managing digital trust shouldn't feel impossible. Join us to discover how DigiCert ONE transforms certificate management—streamlining trust operations, ensuring compliance, and future-proofing your digital strategy.
Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers

Sep 13, 2024 Virtual Reality / Vulnerability
Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit , has been assigned the CVE identifier CVE-2024-40865. "A novel attack that can infer eye-related biometrics from the avatar image to reconstruct text entered via gaze-controlled typing," a group of academics from the University of Florida, CertiK Skyfall Team, and Texas Tech University  said . "The GAZEploit attack leverages the vulnerability inherent in gaze-controlled text entry when users share a virtual avatar." Following responsible disclosure, Apple addressed the issue in visionOS 1.3 released on July 29, 2024. It described the vulnerability as impacting a component called Presence. "Inputs to the virtual keyboard may be inferred from Persona," it said in a security advisory, addin...
cyber security

Secure Your Azure: Proactive Tips for Cloud Protection

websiteWizCloud Security
Discover how to boost your Azure cloud security with practical steps to help you maintain control and visibility.
New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram

New Android Malware 'Ajina.Banker' Steals Financial Data and Bypasses 2FA via Telegram

Sep 12, 2024 Mobile Security / Financial Fraud
Bank customers in the Central Asia region have been targeted by a new strain of Android malware codenamed Ajina.Banker since at least November 2023 with the goal of harvesting financial information and intercepting two-factor authentication (2FA) messages. Singapore-headquartered Group-IB, which discovered the threat in May 2024, said the malware is propagated via a network of Telegram channels set up by the threat actors under the guise of legitimate applications related to banking, payment systems, and government services, or everyday utilities. "The attacker has a network of affiliates motivated by financial gain, spreading Android banker malware that targets ordinary users," security researchers Boris Martynyuk, Pavel Naumov, and Anvar Anarkulov said . Targets of the ongoing campaign include countries such as Armenia, Azerbaijan, Iceland, Kazakhstan, Kyrgyzstan, Pakistan, Russia, Tajikistan, Ukraine, and Uzbekistan. There is evidence to suggest that some aspects of...
Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

Sep 12, 2024 Regulatory Compliance / Data Protection
The Irish Data Protection Commission (DPC) has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. "The statutory inquiry concerns the question of whether Google has complied with any obligations that it may have had to undertake an assessment, pursuant to Article 35[2] of the General Data Protection Regulation (Data Protection Impact Assessment), prior to engaging in the processing of the personal data of E.U./E.E.A. data subjects associated with the development of its foundational AI model, Pathways Language Model 2 (PaLM 2)," the DPC said . PaLM 2 is Google's state-of-the-art language model with improved multilingual, reasoning, and coding capabilities. It was unveiled by the company in May 2023. With Google's European headqu...
Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

Sep 11, 2024 Cyber Crime / Hacking
The Singapore Police Force (SPF) has announced the arrest of five Chinese nationals and one Singaporean man for their alleged involvement in illicit cyber activities in the country. The development comes after a group of about 160 law enforcement officials conducted a series of raids on September 9, 2024, simultaneously at several locations. The six men, aged between 32 and 42, are suspected of being linked to a "global syndicate" that conducts malicious cyber activities. Pursuant to the operation, electronic devices and cash were seized. Among those apprehended includes a 42-year-old Chinese national from Bidadari Park Drive, who was found to be in possession of a laptop that contained credentials to access web servers used by known hacker groups. The identities of the threat actors were not disclosed. In addition, five laptops, six mobile phones, cash totaling more than S$24,000 (USD$18,400), and cryptocurrency worth approximately USD$850,000 were confiscated from th...
Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches

Sep 10, 2024 SaaS Security / Risk Management
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.  Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own instance of GitHub to keep their work separate from other developers. They might justify the purchase by noting that GitHub is an approved application, as it is already in use by other teams. However, since the new instance is used outside of the security team's view, it lacks governance. It may store sensitive corporate data and not have essential protections like MFA enabled, SSO enforced, or it could suffer from weak access controls. These misconfigurations can easily lead to risks like stolen source code and other issues. Types of Shadow Apps  Shadow apps can be categorized based on thei...
Webinar: How to Protect Your Company from GenAI Data Leakage Without Losing It’s Productivity Benefits

Webinar: How to Protect Your Company from GenAI Data Leakage Without Losing It's Productivity Benefits

Sep 09, 2024 Data Security / GenAI Security
GenAI has become a table stakes tool for employees, due to the productivity gains and innovative capabilities it offers. Developers use it to write code, finance teams use it to analyze reports, and sales teams create customer emails and assets. Yet, these capabilities are exactly the ones that introduce serious security risks. Register to our upcoming webinar to learn how to prevent GenAI data leakage When employees input data into GenAI tools like ChatGPT, they often do not differentiate between sensitive and non-sensitive data. Research by LayerX indicates that one in three employees who use GenAI tools, also share sensitive information. This could include source code, internal financial numbers, business plans, IP, PII, customer data, and more. Security teams have been trying to address this data exfiltration risk ever since ChatGPT tumultuously entered our lives in November 2022. Yet, so far the common approach has been to either "allow all" or "block all", i.e allow the use ...
New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

Sep 09, 2024 Mobile Security / Cryptocurrency
Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent . The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K. The campaign makes use of bogus Android apps that are disguised as seemingly legitimate banking, government facilities, streaming, and utility apps in an attempt to trick users into installing them. As many as 280 fake applications have been detected since the start of the year. It all starts with SMS messages bearing booby-trapped links that urge users to download the apps in question in the form of APK files hosted on deceptive sites. Once installed, they are designed to request intrusive permissions to collect data from the devices. This includes contacts, SMS messages, photos, and other device i...
Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database

Clearview AI Faces €30.5M Fine for Building Illegal Facial Recognition Database

Sep 04, 2024 GDPR / Privacy
The Dutch Data Protection Authority (Dutch DPA) has imposed a fine of €30.5 million ($33.7 million) against facial recognition firm Clearview AI for violating the General Data Protection Regulation (GDPR) in the European Union (E.U.) by building an "illegal database with billions of photos of faces," including those of Dutch citizens. "Facial recognition is a highly intrusive technology that you cannot simply unleash on anyone in the world," Dutch DPA chairman Aleid Wolfsen said in a press statement. "If there is a photo of you on the Internet – and doesn't that apply to all of us? – then you can end up in the database of Clearview and be tracked. This is not a doom scenario from a scary film. Nor is it something that could only be done in China." Clearview AI has been in regulatory hot water across several countries, such as the U.K., Australia, France, and Italy, over its practice of scraping publicly available information on the internet to ...
New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access

Sep 03, 2024 Endpoint Security / Cyber Threat
Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control ( TCC ) framework. "If successful, the adversary could gain any privileges already granted to the affected Microsoft applications," Cisco Talos said . "For example, the attacker could send emails from the user account without the user noticing, record audio clips, take pictures, or record videos without any user interaction." The shortcomings span various applications such as Outlook, Teams, Word, Excel PowerPoint, and OneNote. The cybersecurity company said malicious libraries could be injected into these applications and gain their entitlements and user-granted permissions, which could then be weaponized for extracting sensitive information depending on the access granted ...
How to Automate the Hardest Parts of Employee Offboarding

How to Automate the Hardest Parts of Employee Offboarding

Aug 19, 2024 SaaS Account Management
According to recent research on  employee offboarding , 70% of IT professionals say they've experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn't deprovisioned, a surprise bill for resources that aren't in use anymore, or a missed handoff of a critical resource or account. This is despite an average of five hours spent per departing employee on activities like finding and deprovisioning SaaS accounts. As the SaaS footprint within most organizations continues to expand, it is becoming exponentially more difficult (and time-consuming) to ensure all access is deprovisioned or transferred when an employee leaves the organization.  How Nudge Security can help Nudge Security is a  SaaS management platform  for modern IT governance and security. It discovers every cloud and SaaS account ever created by anyone in your organization, including generative AI apps, giving you a single source of...
Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service

Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service

Aug 13, 2024 Healthcare / Vulnerability
Cybersecurity researchers have discovered two security flaws in Microsoft's Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data. The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new report shared with The Hacker News. The Azure AI Health Bot Service is a cloud platform that enables developers in healthcare organizations to build and deploy AI-powered virtual health assistants and create copilots to manage administrative workloads and engage with their patients. This includes bots created by insurance service providers to allow customers to look up the status of a claim and ask questions about benefits and services, as well as bots managed by healthcare entities to help patients find appropriate care or look up nearby doctors. Tenable's research specifically focuses on on...
New Android Spyware LianSpy Evades Detection Using Yandex Cloud

New Android Spyware LianSpy Evades Detection Using Yandex Cloud

Aug 06, 2024 Android / Malware
Users in Russia have been the target of a previously undocumented Android post-compromise spyware called LianSpy since at least 2021. Cybersecurity vendor Kaspersky, which discovered the malware in March 2024, noted its use of Yandex Cloud, a Russian cloud service, for command-and-control (C2) communications as a way to avoid having a dedicated infrastructure and evade detection. "This threat is equipped to capture screencasts, exfiltrate user files, and harvest call logs and app lists," security researcher Dmitry Kalinin said in a new technical report published Monday. It's currently not clear how the spyware is distributed, but the Russian company said it's likely deployed through either an unknown security flaw or direct physical access to the target phone. The malware-laced apps are disguised as Alipay or an Android system service. LianSpy, once activated, determines if it's running as a system app to operate in the background using administrator privi...
The Loper Bright Decision: How it Impacts Cybersecurity Law

The Loper Bright Decision: How it Impacts Cybersecurity Law

Aug 05, 2024 Cybersecurity Law / Data Privacy
The Loper Bright decision has yielded impactful results: the Supreme Court has overturned forty years of administrative law, leading to potential litigation over the interpretation of ambiguous laws previously decided by federal agencies. This article explores key questions for cybersecurity professionals and leaders as we enter a more contentious period of cybersecurity law. Background What is the Loper Bright Decision? The Loper Bright decision by the U.S. Supreme Court overruled the Chevron deference , stating that courts, not agencies, will decide all relevant questions of law arising on review of agency action. The Court held that because the Administrative Procedure Act (APA)'s text is clear, agency interpretations of statutes are not entitled to deference. The ruling emphasized that courts must exercise independent judgment in deciding whether an agency has acted within its statutory authority. This decision shifts the power of statutory interpretation from federal agencies ...
New Android Trojan "BlankBot" Targets Turkish Users' Financial Data

New Android Trojan "BlankBot" Targets Turkish Users' Financial Data

Aug 05, 2024 Mobile Security / Financial Security
Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information. "BlankBot features a range of malicious capabilities, which include customer injections, keylogging, screen recording and it communicates with a control server over a WebSocket connection," Intel 471 said in an analysis published last week. Discovered on July 24, 2024, BlankBot is said to be undergoing active development, with the malware abusing Android's accessibility services permissions to obtain full control over the infected devices. The names of some of the malicious APK files containing BlankBot are listed below - app-release.apk (com.abcdefg.w568b) app-release.apk (com.abcdef.w568b) app-release-signed (14).apk (com.whatsapp.chma14) app.apk (com.whatsapp.chma14p) app.apk (com.whatsapp.w568bp) showcuu.apk (com.whatsapp.w568b) Like the recently resurfaced Mandrake Android trojan, BlankBot implement...
Expert Insights / Articles Videos
Cybersecurity Resources