State-sponsored cyber spies targeting IoT - a warning from Microsoft

State-sponsored cyber spies targeting IoT - a warning from Microsoft

Back in April, Microsoft security researchers observed the infamous Russian-backed hacking group STRONTIUM (also known as Fancy Bear or APT28) compromising popular IoT devices (a VOIP phone, an office printer, and a video decoder) across multiple customer locations.

Which IoT Companies Do People Most Mistrust? (Hint: Facebook)

Which IoT Companies Do People Most Mistrust? (Hint: Facebook)

But many IoT companies aren't doing enough to secure their devices , leaving users vulnerable to attacks. And last year, a Toluna poll found that Facebook was the least trusted tech company by a significant margin.

Statement: Intention to fine Marriott International, Inc more than £99 million under GDPR for data breach

Statement: Intention to fine Marriott International, Inc more than £99 million under GDPR for data breach

Following an extensive investigation the ICO has issued a notice of its intention to fine Marriott International £99,200,396 for infringements of the General Data Protection Regulation (GDPR).

Again!? The NSA’s Phone Records Program Still Can’t Stay Within the Law

Again!? The NSA’s Phone Records Program Still Can’t Stay Within the Law

The NSA’s telephone record program, conducted under Section 215 of the Patriot Act, allows it to collect metadata of phone calls, including phone numbers, time stamps, and other identifying information.

Cyber security issues in 2018: three most prominent data breaches

Cyber security issues in 2018: three most prominent data breaches

Cambridge Analytica shocked the netizens of the world wide web and gave birth to intense debates on online privacy, cyber security, and accountability of the companies that experienced data breaches.

Why the Internet of Things is becoming scary

Why the Internet of Things is becoming scary

The connection – or lack of one, in this case – is that Google owns Nest, the service comprising various internet-linked devices that let people remotely control thermostats, air conditioning, baby monitors and door locks.

Over 90% of data transactions on IoT devices are unencrypted

Over 90% of data transactions on IoT devices are unencrypted

Deepen Desai, VP of security research and operations at Zscaler, tells CSO that one of the worrying observations was that companies have a large amount of consumer-grade IoT devices on their networks.

Empowering User Privacy and Decentralizing IoT with Mozilla WebThings

Empowering User Privacy and Decentralizing IoT with Mozilla WebThings

Before we look at the design of Mozilla WebThings, let’s talk briefly about how people think about their privacy when they use smart home devices and why we think it’s essential that we empower people to take charge. From our user research, we’ve learned that people are concerned about the privacy of their smart home data.

Here’s how Internet of Things malware is undermining privacy

Here’s how Internet of Things malware is undermining privacy

A more general problem is that once an attacker is inside a home network, whether through vulnerabilities in a router or a camera, for example, it is possible that other IoT devices on it will be open to attack.

Facebook taps lawyer who helped write Patriot Act as new general counsel

Facebook taps lawyer who helped write Patriot Act as new general counsel

In a press release from 2002, Assistant Attorney General Viet Dinh said of Newstead, "Her enhanced leadership duties and her excellent service on a range of issues — including helping craft the new U.S.A. Patriot Act to protect the United States against terror — have earned her this important distinction.

Facebook’s new chief lawyer helped write the Patriot Act

Facebook’s new chief lawyer helped write the Patriot Act

Jennifer Newstead, a Trump appointee who served in the Justice Department under President Bush, will soon be taking over as general counsel of Facebook, the company announced in a press release Monday afternoon.

Why an internet regulator is a bad idea

Why an internet regulator is a bad idea

Like Ofcom, the Lords committee rejects the idea that the internet is different from other media. The Lords committee report suggests that the spread of restrictions on free speech from one medium to another is both inevitable and desirable.

Exploding sneakers are only one reason for passing IoT cyber-security regulations

Exploding sneakers are only one reason for passing IoT cyber-security regulations

Sometimes shipped with factory-set, hardcoded passwords and often unable to be updated or patched, IoT devices can represent a weak point in a network’s security, leaving the rest of the network vulnerable to attack Hacker-created IoT botnets can direct enormous swarms of connected sensors like thermostats or sprinkler controllers to cause damaging and unpredictable spikes in infrastructure use, leading to things like power surges or reduced availability of critical infrastructure on a city or state-wide level.

Marriott letting guests check to see if they were affected by data breach

Marriott letting guests check to see if they were affected by data breach

Marriott promised to reply to form submissions “as soon as reasonably practicable and consistent with applicable law.” Last month, Marriott disclosed that five million unencrypted passport numbers were stolen in the breach of its Starwood hotel reservation system.

How Target Snooped on Shoppers, Changed Prices Based on Location

How Target Snooped on Shoppers, Changed Prices Based on Location

It reads, in part, “We’ve made a number of changes within our app to make it easier to understand pricing and our price match policy.” In essence, the firm has added language to its app that makes clear a price is valid in a store or online — see the screenshot below, provided by Target.

Are You a Woman Traveling Alone? Marriott Might Be Watching You.

Are You a Woman Traveling Alone? Marriott Might Be Watching You.

Marriott employees all over the world are being trained to help spot sex trafficking at our hotels." The brief Twitter exchange, which occurred in January, revealed some of the hidden presumptions behind Marriott's efforts to stop sexual exploitation.

Japanese government plans to hack into citizens' IoT devices

Japanese government plans to hack into citizens' IoT devices

The plan is to compile a list of insecure devices that use default and easy-to-guess passwords and pass it on to authorities and the relevant internet service providers, so they can take measures to alert consumers and secure the devices.

Wrest control from a snooping smart speaker with this teachable ‘parasite’

Wrest control from a snooping smart speaker with this teachable ‘parasite’

Inside the shell a bright LED lights up as soon as the assistant has been activated, as well on the app to give immediate feedback.” While an IoT privacy shield is the immediate use-case for Alias, Karmann also envisages users being able to use the device to create other vocal shortcuts — and establish a more collegiate and cosy relationship with the underlying tech.

Marriott Concedes 5 Million Passport Numbers Lost to Hackers Were Not Encrypted

Marriott Concedes 5 Million Passport Numbers Lost to Hackers Were Not Encrypted

Marriott said for the first time that 5.25 million passport numbers were kept in the Starwood system in plain, unencrypted data files — meaning they were easily read by anyone inside the reservation system.

Marriott says millions of passport numbers were involved in breach

Marriott says millions of passport numbers were involved in breach

The hotel chain said in late November that there was a breach of its reservation database for its Starwood properties that may have exposed the personal information of up to 500 million people.

The 2018 Matrix Holiday Special!

The 2018 Matrix Holiday Special!

This ended up consuming a lot of time over the summer as we updated Synapse and the various matrix-*-sdks (and thus Riot) to only calculate and send details to the clients about members who are currently talking in a room, whereas previously we sent the entire state of the room to the client (even including users who had left).

Americans overwhelmingly want Congress to restrict sharing of personal data, poll finds

Americans overwhelmingly want Congress to restrict sharing of personal data, poll finds

The Hill.TV/American Barometer poll asked registered voters to choose from several provisions enacted earlier this year in the European Union's sweeping privacy law – the General Data Protection Regulation (GDPR).

Marriott’s breach response is so bad, security experts are filling in the gaps — at their own expense

Marriott’s breach response is so bad, security experts are filling in the gaps — at their own expense

In fact, there’s no easy way to check that the domain is real, except a buried note on Marriott’s data breach notification site that confirms the domain as legitimate. “Hopefully this is one less site used to confuse victims.” Had Marriott just sent the email from its own domain, it wouldn’t be an issue.

Quora, the Q. and A. Site, Says Data Breach Affected 100 Million Users

Quora, the Q. and A. Site, Says Data Breach Affected 100 Million Users

The social platform said late Monday that the account information and private messages of around 100 million users may have been exposed when its computer systems were compromised by “a malicious third party.” Quora discovered the data breach on Friday, the company’s chief executive, Adam D’Angelo, wrote in a blog post, and it is still investigating how it happened.

Senators Call for Jail, Fines After Marriott Data Breach

Senators Call for Jail, Fines After Marriott Data Breach

“Clearly the current status quo isn’t working—the Federal Trade Commission needs real powers with strong teeth in order to punish companies that lose or misuse Americans’ private information,” said Wyden, adding: “Until companies like Marriott feel the threat of multi-billion dollar fines, and jail-time for their senior executives, these companies won’t take privacy seriously.”

Marriott Says Up To 500 Million Customers' Data Stolen In Breach

Marriott Says Up To 500 Million Customers' Data Stolen In Breach

In one of the largest cybersecurity breaches in history, Marriott International said Friday that information on up to about 500 million of its customers worldwide was exposed in a breach of its Starwood guest reservation database dating as far back as 2014.

Marriott hack hits 500 million guests

Marriott hack hits 500 million guests

The records of 500 million customers of the hotel group Marriott International have been involved in a data breach. In a statement, the UK's Information Commissioner's Office said: "We have received a data breach report from Marriott involving its Starwood Hotels and will be making enquiries.

Alarm over talks to implant UK employees with microchips

Alarm over talks to implant UK employees with microchips

Britain’s biggest employer organisation and main trade union body have sounded the alarm over the prospect of British companies implanting staff with microchips to improve security.

5 Reasons Privacy and IoT Are Incompatible

5 Reasons Privacy and IoT Are Incompatible

It’s in the wake of this heightened awareness of data privacy issues that we look at some of the IoT-based privacy violations of recent times. Data auditing can also offer the potential for abusive behavior tracking, however, auditing also has privacy implications.

“Human Trafficking” Bill Allows More Government Spying on Americans

“Human Trafficking” Bill Allows More Government Spying on Americans

“H.R. 6729 [the Empowering Financial Institutions to Fight Human Trafficking Act of 2018] is a disguised effort to expand the Patriot Act,” U.S. Representative Justin Amash (R-Mich.) said on Saturday, asserting that the bill is really intended to “conceal the bill’s true purpose: to give the government more power to unconstitutionally spy on law-abiding Americans without a warrant.”

More