Search This Blog

Powered by Blogger.

Blog Archive

Labels

About Me

Showing posts with label ID. Show all posts

Privacy Concerns Rise Over Antivirus Data Collection

 


To maintain the security of their devices from cyberattacks, users rely critically on their operating systems and trusted anti-virus programs, which are among the most widely used internet security solutions. Well-established operating systems and reputable cybersecurity software need to provide users with regular updates.

As a result of these updates, security flaws in your system are fixed and security programs are upgraded, enhancing your system's protection, and preventing cybercriminals from exploiting vulnerabilities to install malicious software such as malware or spyware. Third-party applications, on the other hand, carry a larger security risk, as they may lack rigorous protection measures. In most cases, modern antivirus programs, firewalls, and other security measures will detect and block any potentially harmful programs. 

The security system will usually generate an alert when, as a result of an unauthorized or suspicious application trying to install on the device, users can take precautions to keep their devices safe. In the context of privacy, an individual is referred to as a person who has the right to remain free from unwarranted monitoring, surveillance, or interception. The concept of gathering data is not new; traditionally data was collected by traditional methods based on paper. 

It has also been proven that by making use of technological advancements, data can now be gathered through automated, computer-driven processes, providing vast amounts of information and analytical information for a variety of purposes every minute from millions of individuals in the world. Keeping a person's privacy is a fundamental right that is recognized as essential to their autonomy and their ability to protect their data. 

The need to safeguard this right is becoming increasingly important in the digital age because of the widespread collection and use of personal information, raising significant concerns about privacy and individual liberties. This evaluation included all of PCMag's Editors' Choices for antivirus and security suites, except AVG AntiVirus Free, which has been around for several years. However, since Avast acquired AVG in 2016, both have been using the same antivirus engine for several years now, so it is less necessary for them to be evaluated separately. 

It was determined that each piece of security software was evaluated based on five key factors: Data Collection, Data Sharing, Accessibility, Software & Process Control, and Transparency, of which a great deal of emphasis should be placed on Data Collection and Data Sharing. This assessment was performed by installing each antivirus program on a test system with network monitoring tools, which were then examined for their functionality and what data was transmitted to the company's parent company as a result of the assessment. In addition, the End User License Agreements (EULAs) for each product were carefully reviewed to determine if they disclosed what kind and how much data was collected. 

A comprehensive questionnaire was also sent to security companies to provide further insights into their capabilities beyond the technical analysis and contractual review. There may be discrepancies between the stated policies of a business and the actual details of its network activities, which can adversely affect its overall score. Some vendors declined to answer specific questions because there was a security concern. 

Moreover, the study highlights that while some data collection-such as payment information for licensing purposes-must be collected, reducing the amount of collected data generally results in a higher Data Collection score, a result that the study findings can explain. The collecting of data from individuals can provide valuable insights into their preferences and interests, for example, using information from food delivery apps can reveal a user's favourite dishes and the frequency with which they order food. 

In the same vein, it is common for targeted advertisements to be delivered using data derived from search queries, shopping histories, location tracking, and other digital interactions. Using data such as this helps businesses boost sales, develop products, conduct market analysis, optimize user experiences, and improve various functions within their organizations. It is data-driven analytics that is responsible for bringing us personalized advertisements, biometric authentication of employees, and content recommendations on streaming platforms such as Netflix and Amazon Prime.

Moreover, athletes' performance metrics in the field of sports are monitored and compared to previous records to determine progress and areas for improvement. It is a fact that systematic data collection and analysis are key to the development and advancement of the digital ecosystem. By doing so, businesses and industries can operate more efficiently, while providing their customers with better experiences. 

As part of the evaluation of these companies, it was also necessary to assess their ability to manage the data they collect as well as their ability to make the information they collect available to people. This information has an important role to play in ensuring consumer safety and freedom of choice. As a whole, companies that provide clear, concise language in their End User License Agreements (EULA) and privacy policies will receive higher scores for accessibility. 

Furthermore, if those companies provide a comprehensive FAQ that explains what data is collected and why it's used, they will further increase their marks. About three-quarters of the participants in the survey participating in the survey responded to the survey, constituting a significant share of those who received acknowledgement based on the transparency they demonstrated. The more detailed the answers, the greater the score was. Furthermore, the availability of third-party audits significantly influenced the rating. 

Even thought a company may handle its personal data with transparency and diligence, any security vulnerabilities introduced by its partners can undermine the company's efforts. As part of this study, researchers also examined the security protocols of the companies' third-party cloud storage services. Companies that have implemented bug bounty programs, which reward users for identifying and reporting security flaws, received a higher score in this category than those that did not. The possibility exists that a security company could be asked to provide data it has gathered on specific users by a government authority. 

Different jurisdictions have their own unique legal frameworks regarding this, so it is imperative to have an understanding of the location of the data. The General Data Protection Regulation (GDPR) in particular enforces a strict set of privacy protections, which are not only applicable to data that is stored within the European Union (EU) but also to data that concerns EU residents, regardless of where it may be stored. 

Nine of the companies that participated in the survey declined to disclose where their server farms are located. Of those that did provide answers, three chose to keep their data only within the EU, five chose to store the data in both the EU and the US, and two maintained their data somewhere within the US and India. Despite this, Kaspersky has stated that it stores data in several different parts of the world, including Europe, Canada, the United States, and Russia. In some cases, government agencies may even instruct security companies to issue a "special" update to a specific user ID to monitor the activities of certain suspects of terrorist activity. 

In response to a question regarding such practices, the Indian company eScan confirmed that they are involved in such activities, as did McAfee and Microsoft. Eleven of the companies that responded affirmed that they do not distribute targeted updates of this nature. Others chose not to respond, raising concerns about transparency in the process. `

1.3 Million Customers Affected: Pandabuy Grapples with Data Breach Fallout

 


A data breach allegedly occurred on Sunday at Pandabuy, an online store that aggregates items from Chinese e-commerce sites. As a result, 1,348,307 accounts were affected. A large amount of information has been leaked, including user IDs, first and last names, phone numbers, emails, login IP addresses, full addresses, and order information. 

Sanggiero and IntelBroker both exploited multiple vulnerabilities to breach the company's systems, allegedly leading to the leakage of the company's data. People throughout the world can use Pandabuy’s marketplace to access products from Chinese online marketplaces, such as JD.com, Tmall, and Taobao. 

Approximately 1.3 million PandaBuy customers' data has been accessed after two threat actors exploited multiple vulnerabilities to gain access to PandaBuy's system, according to PandaBuy's website. In addition to allowing international customers to purchase goods from a variety of Chinese e-commerce platforms, including Tmall, Taobao, and JD.com, PandaBuy is offering international users to purchase products from different e-commerce platforms. 

There was a breach at PandaBuy yesterday claimed by an individual known as 'Sanggiero', allegedly performed by 'IntelBoker' in conjunction with the threat actor 'Sanggiero'. The breach, according to Sanggiero, was possible as a result of exploiting critical API vulnerabilities, which allowed unauthorized access to internal platform services.

It has been found that over 3 million unique user IDs are now available on underground forums. These data include personal information such as names, phone numbers, e-mail addresses, and even more. For interested parties to obtain this information, they will need to pay a nominal fee in cryptocurrency, further aggravated by the breach itself. 

PandaBuy has reported that 1,348,407 PandaBuy accounts are being compromised, according to data breach aggregation service Have I Been Pwned (HIBP), which confirmed the breach. Furthermore, Sanggiero has provided a sample of leaked data containing email addresses, customer names, transaction information, and order details as well as a sample of the leaked data to verify the authenticity of it. 

A password reset request that Troy Hunt, the creator of HIBP, submitted by PandaBuy users confirmed the breach, confirming that at least 1.3 million email addresses were indeed linked to PandaBuy accounts. In any case, the initial claim of three million entries made by the threat actors appears inflated, with some entries being manufactured or duplicates. 

There are several forums where PandaBuy shoppers' information was leaked, and any registered members can obtain it by paying a symbolic payment of cryptocurrency in exchange for the data. The PandaBuy company has not yet acknowledged an incident of this nature, but one of its administrators on the firm's Discord channel pointed out that the incident was a result of old information, which was already dealt with. 

As a precautionary measure, PandaBuy users have been urged to reset their passwords immediately and to be vigilant against scam attempts. Consequently, PandaBuy customers are facing a significant security threat since their customer data was leaked on underground forums. During the test period, threat actors provided a sample dataset containing email addresses, customer names, order details, and payment information as a means of verifying the authenticity of the breach. 

Troy Hunt's validation of the leaked email addresses further corroborated the breach's legitimacy, emphasizing the urgency of corrective action required for it. The PandaBuy users who have been affected by the breach should act immediately to mitigate the risks. Resetting their passwords will help protect their accounts from unauthorized access in the future. 

It is also important to be vigilant against potential scams and to be very sceptical when receiving unsolicited communications. In addition to timely notifications, Have I Been Pwned integrations with data breach aggregation services ensure users can take proactive measures to protect their online security when data exposure occurs? It is essential that companies, particularly those that handle large amounts of consumer data, prioritize the security of their platforms to prevent such incidents. 

Consumers should remain vigilant and adopt best practices in terms of digital security to keep themselves safe, including strong, unique passwords, and be wary of phishing attempts that may try to steal personal information.

Meta's Ambitious Move: Launching a Dedicated App to Challenge Twitter's Dominance

 


There is talk that Meta, the Mark Zuckerberg company, is working on developing a rival for Twitter shortly since it has been announced that it wants public figures to join it, including the Dalai Lama and Oprah Winfrey, who are either planning to use it or will refer to it as a rival for Twitter. 

This standalone application is codenamed Project92, but a report by tech news site The Verge suggests that the official title could be Threads. This is based on its codename.

During an internal meeting on Thursday, Meta's chief product officer, Chris Cox, told employees that the app was Meta's response to Twitter, the social network owned by Facebook and Instagram. 

In addition to allowing users to follow accounts they already follow on Instagram, Meta's image-sharing application may also offer them the opportunity to bring over followers they previously had on decentralized platforms such as Mastodon, if they choose to do so. 

Meta spokesperson says the platform is being developed and released soon. According to Chris Cox, Meta's chief product officer, Meta's platform is currently being coded. There is no specific date for releasing the app though the tech giant intends to do so very soon. Several sources speculate that the launch could happen as early as June, but that is still far from certain. 

In recent weeks, screenshots of the company's upcoming app have surfaced online, providing a glimpse of how it might look shortly. The screenshots were shown internally to senior employees.

This BBC report is based on confirmation made to the BBC by sources within the company that these screenshots are genuine. The new platform layout will likely be familiar to people who use Twitter as a social media platform.

The screenshot shows that Meta will allow users to log in with their Facebook or Instagram ID number. This will save them the hassle of creating their ID number later. There are several options available to users for how to share their thoughts in a Twitter-style prompt, with other users able to like, comment, and re-share (basically retweet) their posts. Further, based on the screenshot, it appears that users may also be able to create a thread as well, which is a tangle of posts placed one after the other in a particular order. 

Moreover, according to The Verge, the app would be integrated with ActivityPub, a technology underpinning Mastodon, a decentralized collection of thousands of web pages that serves as a Twitter rival. This technology will allow social networks to interact with each other more easily. Theoretically speaking, users of the upcoming Meta app can move their accounts and followers over to apps supported by ActivityPub, like Mastodon, the new Meta app. 

The app is expected to be based on Instagram and users will be able to log in with their Instagram username and password, while their followers, user bio, and verification information will also transfer over to the new app as well, according to earlier reports. 

The app aims to give creators a "stable place to build and grow their audience" in addition to providing a safe, easy-to-use, and reliable place to create. 

There is no question that Elon Musk's Twitter will be facing a lot of opposition from the short text-based network P92, which has the potential to surpass both BlueSky and Mastodon in terms of its level of rivalry with Elon Musk's Twitter. The fact that both Mastodon and BlueSky have attracted users who were disillusioned with Twitter is a testament to the fact that building your social network from scratch and reestablishing the community from scratch is not easy.

Meta's Instagram community, however, is enormous, boasting more than a billion users worldwide. This far surpasses Twitter's estimated 300 million users, although Twitter's numbers are no longer verifiable. 

Moreover, the report points out that Meta, which is inspired by Twitter, will be able to populate a user's info via Instagram's account system in much the same way as Twitter does. A Meta spokesperson reportedly told me on the sidelines of the meeting that the company has already been working with prominent personalities such as Oprah Winfrey and the Dalai Lama to attract others to try the "Project 92" web app by joining the platform. 

As Musk has said, Twitter under his leadership has been experiencing a difficult time, although he has insisted Twitter's users have not declined since the Tesla boss purchased the platform back in October. Musk claimed several weeks after purchasing Twitter that a peak of more than 250 million daily active users had been achieved. This was a record high then. Because Twitter is based almost entirely on advertising revenue, it is experiencing financial difficulties. 

Several concerns were responsible for the current advertiser boycott, including the degradation of the platform's moderation standards and the botched re-launch of Twitter's subscription service. This led to several verified impersonator accounts that started appearing on the platform. 

There is no doubt Meta has made a bold and ambitious move in entering the social media landscape with its announcement that it will launch a dedicated app to compete with Twitter's dominance in its space. By reshaping how people engage in real-time conversations in real-time, Meta has the potential to disrupt the status quo and disrupt people's social norms. 

The battle for microblogging supremacy intensifies as users eagerly await the release of this new app. It promises to be an exciting and transformational time in online communication as the world becomes more integrated.

Uncovered: Clop Ransomware's Lengthy Zero-Day Testing on the MOVEit Platform

 


Security experts have uncovered shocking evidence that the notorious Clop ransomware group has been spending extensive amounts of time testing zero-day vulnerabilities on the popular MOVEit platform since 2021, according to recent reports. This study has raised a lot of concerns about cybersecurity systems' vulnerability. For this reason, affected organizations and security agencies have taken urgent action to prevent these vulnerabilities. In light of this discovery, it only highlights the fact that ransomware attacks are becoming increasingly sophisticated. The need for robust defense measures to mitigate various types of cyber threats is critical. 

There is now close work collaboration between authorities and the parties affected by the breach to investigate this incident and develop appropriate countermeasures. 

A recent Clop data theft attack aimed at weak MOVEit Transfer instances was examined, and it was discovered that the technique employed by the group to deploy the recently revealed LemurLoot web shell can be matched with the technique used by the gang to target weak MOVEit Transfer instances. Using logs from some affected clients' networks, they determined which clients were affected. 

As a result of a joint advisory issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) regarding the active exploitation of a recently discovered critical vulnerability in Progress Software's MOVEit Transfer application, ransomware is now being dropped on the internet. 

Kroll researchers performed a forensic review of the exploit carried out by the Clop cybergang in July 2021. They determined that they may have experimented with the now-patched file transfer vulnerability (CVE-2023-34362) that month. 

BBC, British Airways, Boots, a UK drugstore chain and the Halifax provincial government are some of the organizations that have reported that their data was exfiltrated by the group at the end of last month as well as payroll company Zellis. There was a breach of employee data by three organizations, Vodafone, BBC, and Boots, which used Zellis' services to store employee data. 

The Russian-backed Clop organization, also known as Lace Tempest, TA505, and FIN11, has claimed responsibility for attacks that exploited Fortra’s GoAnywhere Managed File Transfer solution by exploiting a zero-day vulnerability. Over 130 organizations have been targeted and over one million patients' data has been compromised as a result. 

It has been reported that the MOVEit Transfer SQL injection vulnerability exploit on Wednesday was similar to a 2020-21 campaign in which the group installed a DEWMODE web shell on Accellion FTA servers in a joint advisory issued by the Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency. 

It has also been discovered that threat actors were testing methods for gathering and extracting sensitive data from compromised MOVEit Transfer servers as far back as April of 2022. These methods were probably using automated tools and these methods may have been used to gain access to servers. 

It is possible that actors tested access to organizations using automated means and pulled back information from MOVEit Transfer servers. This was in the weeks leading up to last month's attacks. This is in addition to the 2022 activity. They also did this to determine which organizations they were accessing using information obtained from the MOVEit Transfer servers. 

During the malicious activity, it appeared that specific MOVEit Transfer users' Organization IDs ("Org IDs") were being exfiltrated, which in turn would have allowed Clop to determine which organizations to access. 

It has been reported on Clop's website that it has claimed responsibility for the MOVEit attacks and that victims are invited to contact it until July 14 if they do not wish that their names be posted on the site. Because a ransom deal would not guarantee that the stolen data would remain secure, the company has offered examples of data that has been exfiltrated and data that has been publicly published as part of an unresolvable ransom deal. 

In a LinkedIn post, Charles Carmakal, CEO of Mandiant Consulting, expressed surprise at the number of victims MOVEit has provided. Carmakal characterized MOVEit as "overwhelming.".