Security News
Gould also told Parliament's Human Rights Committee that data harvested from Britons through NHSX's COVID-19 contact tracing app would be "Pseudonymised" - and appeared to leave the door open for that data to be sold on for "Research". Key to those is a big green button that the user presses to send 28 days' worth of contact data to the NHS. Written by tech arm NHSX, Britain's contact-tracing app breaks with international convention by opting for a centralised model of data collection: all the contact-tracing data is kept under one roof in one central government database.
A new study from research organization CyberNews.com found that malware is becoming increasingly easy to buy and deploy, even for those without technical backgrounds. CyberNews researchers looked at 10 so-called DarkNet marketplaces and found that buying malware is easy and fast, with cheap or even free programs allowing people to own malware.
Cisco has conducted a research project on bypassing fingerprint authentication systems and it achieved a success rate of roughly 80 percent, but the company's experts were unsuccessful against Windows devices. In the case of mobile phones, the researchers bypassed fingerprint authentication on a majority of devices.
Acronis, a global leader in cyber protection, announced the appointment of Candid Wüest as Vice President of Cyber Protection Research at Acronis. Wüest will lead accelerated research into the latest trends in the threat landscape and new protection methods designed to continuously enhance the world's most innovative cyber protection solutions.
RepRisk upgrades its ESG Risk Platform allowing users to conduct in-depth risk research on companies
RepRisk, a pioneer and leader in ESG data science announces the launch of its upgraded ESG Risk Platform - the world's largest and most comprehensive due diligence database on ESG and business conduct risks. "RepRisk has been on the cutting edge of ESG data science for over a decade, becoming the first firm to leverage big data techniques to better understand ESG risks in 2006" said Philipp Aeby, CEO of RepRisk.
Microsoft Edge is one of the least private web browsers - even more so than other popular browsers like Google Chrome and Mozilla Firefox - according to academic researchers. According to the analysis, from Douglas Leith with the School of Computer Science and Statistics at Trinity College in Ireland, Edge sends privacy-invasive telemetry to Microsoft's back-end servers - including "Persistent" device identifiers and URLs typed into browsing pages.
TRR is short for Target Row Refresh, a high-level term used to describe a series of hardware protections that the makers of memory chips have been using in recent years to protect against rowhammering. Incidentally, reading out a row essentially wipes its value by discharging it, so immediately after any read, the row is refreshed by saving the extracted data back into it, where it's ready to be accessed again.
Quantifying risk is a significant challenge in cybersecurity. Wade Baker of Cyentia Institute discusses recent research projects.
File this one under "Well, duh." Consumer mag Which? today published research estimating that over a billion Android devices are vulnerable to hackers and malware as they are not receiving security updates. The most current version of Android is version 10, while Android 9.0 Pie and Android 8.0 Oreo continue to receive updates.
Data stolen from Tesco clubcards could be resold for just £2.70 a pop, reckons a price-comparison website that appears to have strayed into the dark web. "Our internal systems picked this up quickly and we immediately took steps to protect our customers and restrict access to their accounts. At no point was any customer's financial data accessed," Tesco said.