Phone

now browsing by tag

 
 

#cyberfraud | #cybercriminals | Twitter Admits User Phone Numbers, Email Data Used For Ads

Source: National Cyber Security – Produced By Gregory Evans

Email addresses and phone numbers might have been misused

No personal data was shared externally by Twitter

No reports on the number of people impacted have come out yet

In a recent incident of a data breach, Twitter has confirmed that user data like email addresses and phone numbers provided by users for security purposes may have been unintentionally used for advertising purposes. 

According to a news report, currently, Twitter is unable to share with certainty the number of people impacted by the breach. However, the US-based company also asserted that no personal data was ever shared externally with their partners or any other third parties.  

In a statement, Twitter highlighted that the personal data, which were provided for safety or security purposes (for example, two-factor authentication) may have been inadvertently used for advertising purposes, specifically in their Tailored Audiences and Partner Audiences advertising system, which helps in creating relevant remarketing campaigns. 

While explaining how the breach occurred, Twitter is a statement said, “When an advertiser uploaded their marketing list, it may have matched people on our platform to that list based on the email or phone number that the user had provided for safety and security purposes.”

As of September 17, Twitter has acknowledged the problem and claimed that it has stopped using numbers or email addresses collected for safety or security purposes, for advertising. 

Although Twitter apologised for this error, it also shared that they have no idea how many people were impacted by this. “We’re very sorry this happened and are taking steps to make sure we don’t make a mistake like this again,” the microblogging site added in the statement. 

Twitter’s average monetisable daily active usage (mDAU) has grown from 122 million in 2018 June quarter to 139 million (29 Mn in the US and 110 Mn from international markets) in 2019 June quarter. Even in the previous quarter, it had a mDAU of 134 million.  

Data Breach On Rise: How Is India Protecting Itself? 

Indian Prime Minister Narendra Modi has touted data as the new oil and new gold and rightly so as it has become very lucrative for hackers to steal and sell the same. Earlier, online food delivery startups Zomato, and FreshMenu, fintech startup EarlySalary, McDonald’s India, Oyo, Ashley Madison, Sony, and many others have been the victims of data breaches.

Social media sites like Instagram and Facebook have also been affected by a data breach by advertisers. Recently, Instagram Ad partner was banned for scraping user data without consent. Even Facebook-linked phone numbers of over 419 Mn users were found on unsecured servers.

Whatsapp, which was planning to introduce its payments feature WhatsApp Payments by the end of this year, is also facing difficulties because of the government’s concerns over the messaging platform’s data localisation compliance. In September, National Payments Corporation of India (NPCI) had asked WhatsApp to make changes in its policy to get the final approval for the launch of payments in India. NPCI had asked the instant messaging app to make changes in its data-compliance framework that prohibits storing payment data outside of India.

In May, India was reported as the second most cyberattacks affected country between the years 2016 to 2018. With the average cost for a data breach in India increased to 7.9% since 2017, the average cost per breached record has mounted to INR 4,552 ($64).

The Reserve Bank of India too recorded a total of 2,059 cases of cyber fraud in 2017-18 as compared to 1,372 cyber fraud cases in 2016-17.

Source link

The post #cyberfraud | #cybercriminals | Twitter Admits User Phone Numbers, Email Data Used For Ads appeared first on National Cyber Security.

View full post on National Cyber Security

Tinder #vulnerability allows #hackers to take over #accounts with just one #phone number

Source: National Cyber Security News

After it was reported last month that online dating app Tinder had a security flaw, which allows strangers to see users’ photos and matches, security firm, Appsecure has now uncovered a new flaw which is potentially more damaging.

Infiltrators who exploit the vulnerability will be able to get access to users’ account with the help of their login phone number. The issue has, however, been fixed after Tinder was alerted by Appsecure.

Appsecure says, the hackers could have taken advantage of two vulnerabilities to attack accounts, with one being Tinder’s own API and the other in Facebook’s Account Kit system which Tinder uses to manage the logins.

In a statement sent to The Verge, a Tinder spokesperson said, “Security is a top priority at Tinder. However, we do not discuss any specific security measures or strategies, so as not to tip off malicious hackers.”

The vulnerability exposed the access tokens of the users. If a hacker is able to obtain a user’s valid access token then he/she can easily take over a user account.

“We quickly addressed this issue and we’re grateful to the researcher who brought it to our attention,” The Verge quoted a Facebook representative as saying.

Read More….

advertisement:

View full post on National Cyber Security Ventures

iPhone #Wi-Fi #bug lets #hackers #hijack your #phone and #secretly install #malicious #apps

Source: National Cyber Security – Produced By Gregory Evans

iPhone #Wi-Fi #bug lets #hackers #hijack your #phone and #secretly install #malicious #apps

The cyber security community is still reeling after the revelation of the KRACK security vulnerability that breaks down Wi-Fi encryption. Now it seems another Wi-Fi-based bug has also been discovered.

Presented at the global Pwn2Own hacking contest in Tokyo, a team of researchers demonstrated how a separate Wi-Fi bug could be exploited to gain entry to iPhones and install malicious apps on them without the owners knowledge.

The details of the threat haven’t been made public yet as Apple hasn’t had time to patch the flaw. It’s discovery was enough to net the Tencent Keen Security Lab the top prize of $110,000.

The hacking contest is set up and run by the Zero Day Initiative, which seeks to find vulnerabilities in popular products and services and alert the manufacturers in time.

According to the official event page , the Tencent Keen Security Lab team used “code exectution through a WiFi bug” to escalate “privileges to persist through a reboot.” Effectively breaking through an iPhone’s lock screen through a Wi-Fi network.

The flaw will be relayed to Apple which could offer a software patch to close the gap.

“Once we verify the research presented is a true 0-day exploit, we immediately disclose the vulnerability to the vendor, who then has 90 days to release a fix,” explains the Zero Day Institute.

“Representatives from Apple, Google, and Huawei are all here and able to ask questions of the researchers if needed.

“At the end of the disclosure deadline, if a vendor is unresponsive or unable to provide a reasonable statement as to why the vulnerability is not fixed, the ZDI will publish a limited advisory including mitigation in an effort to enable the defensive community to protect users.”

As ever, from a security standpoint it is always advisable to make sure your phone is running the latest OS version and you closely vet the permissions you give to certain apps.

The post iPhone #Wi-Fi #bug lets #hackers #hijack your #phone and #secretly install #malicious #apps appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

All That’s Needed To Hack Gmail And Rob Bitcoin: A Name And A Phone Number

All That’s Needed To Hack Gmail And Rob Bitcoin: A Name And A Phone NumberSource: National Cyber Security – Produced By Gregory Evans Hackers have proven just how urgently a gaping flaw in the global telecoms network, affecting what’s known as Signalling System No. 7 (SS7), needs to be fixed. In a video demonstration, shown to Forbes ahead of publication today, benevolent hackers from Positive Technologies were able to […] View full post on AmIHackerProof.com | Can You Be Hacked?

Hackers can steal data off your Android phone via Bluetooth

Hackers can steal data off your Android phone via BluetoothAs always with new security issues affecting mobile devices, it’s Android users who have to worry about the newly discovered Bluetooth hack. Windows and iOS phones are protected against it but only if you’ve installed the September 12th security patch on Windows or run iOS 9.3.5 or laters. A security… View full post on National […] View full post on AmIHackerProof.com | Can You Be Hacked?

Instagram Hackers Selling 6 Million Victims’ Phone Numbers

Source: National Cyber Security – Produced By Gregory Evans

The size of the Instagram hack reached over 6 million users, as hackers are doing a brisk business charging $10 per individual for contact information on a searchable data base. There are numerous hackers on the dark web that advertise they will guess passwords to access social media accounts for…

The post Instagram Hackers Selling 6 Million Victims’ Phone Numbers appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

AFP calls in phone hacking experts

Source: National Cyber Security – Produced By Gregory Evans

The Australian Federal Police is trying to buy cutting-edge technology to hack into the smartphones of suspected criminals and terrorists. In the face of the rising use of encryption technology, the AFP has gone to the market this week offering contracts to experts who can “bypass user locks”, such as…

The post AFP calls in phone hacking experts appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers exploited an Instagram bug to get celebrity phone numbers and email addresses

Source: National Cyber Security – Produced By Gregory Evans

An Instagram bug allowed hackers to access contact phone numbers and email addresses for high-profile users, the company said today. The bug was discovered recently in Instagram’s application programming interface, or API, which the service uses to communicate with other apps. Instagram declined to specify which users had been targeted,…

The post Hackers exploited an Instagram bug to get celebrity phone numbers and email addresses appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Lewiston Police warn of detective impersonator phone scam

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ LEWISTON, Idaho – The Lewiston Police Department warns the public of a new phone scam where a man claiming to be a detective for the department is asking for money. Lewiston …

The post Lewiston Police warn of detective impersonator phone scam appeared first on Become007.com.

View full post on Become007.com

British Hacker Pleads Guilty to Hacking US Military Satellite Phone And Messaging System

Source: National Cyber Security – Produced By Gregory Evans

British Hacker Pleads Guilty to Hacking US Military Satellite Phone And Messaging System

A 25-year-old broke into a DoD satellite communication system and doxed around 800 Department of Defense employees. A British man has pleaded guilty to hacking into a US Department of Defense system stealing data from around 30,000 satellite phones, UK authorities announced on Thursday. Sean Caffrey, a 25-year-old from the…

The post British Hacker Pleads Guilty to Hacking US Military Satellite Phone And Messaging System appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures