A breach at UK car insurance company, the AA, has exposed information on more than 100,000 customers, including names, email addresses and partial credit card details, according to security researchers.
The company said a ‘server misconfiguration’ was responsible for the information being openly available on the web for a few days in April of this year.
The AA have been criticized for its handling of the incident: After claiming no sensitive information was included in the exposed cache, the company was called to task when security researcher Troy Hunt said he found 117,000 unique email addresses, names and partial credit card info among the details.
The company never notified its affected customers, he added.
Source: Cyber Safe Warwickshire – AA Data Breach Exposes Details Of Over 100,000 Customers
You have probably heard the word botnet in recent months, with the Mirai botnet putting the term firmly on the map at the end of 2016.
However, while the word may be familiar, it is possible you are not familiar with what a botnet actually is. You also may not know that they are a far from new innovation on the part of cyber criminals, with botnets being used in various nefarious activities for many years.
The two most common uses of botnets are probably to carry out spam email campaigns, and to conduct distributed denial of service (DDoS) attacks.
Bots can also be used to send out email malware. Different types of malware can have different goals, including harvesting information from infected computers. This could include passwords, credit card information, and any other information that can be sold on the black market. If computers on a corporate network are turned into bots then sensitive corporate information could also be at risk of being stolen.
Bots are also commonly used for click fraud — visiting websites to create false traffic and generate money for those behind the bots. They have also been used in bitcoin mining.
Source: Web of woe: What you need to know about botnets – Threat Intel – Medium
Cyber security experts are warning that consumers can also be targeted by the ransomware that has affected huge organisations around the world.
A new variant of known malware Petya is believed to be behind the chaos, which initially hit Ukraine, before spreading to companies in a number of other countries, including the UK.
However, it’s not just big businesses that are under threat. Consumers are also at risk and should be wary if they are running operating systems that are vulnerable to the exploit, in other words if you have not patched,” Raj Samani, chief scientist & fellow at McAfee, told the Independent.
Childnet Education Officer Tom offers some top tips for parents to help young people stay safe on Roblox.
“In Childnet education sessions, young people and parents often mention Roblox, the popular gaming site. Young people regularly tell us how much they enjoy the different games and levels within it. This blog explains a bit about Roblox, what to be aware of as a parent and offers our top tips on how to ensure your child stays safe. This is will include:
- Communication: how Roblox can be used to communicate with other users
- Content: what content is available on Roblox that might not be suitable for children
- Costs: what ways children might accidentally run up costs while using Roblox
Plus we will share our top tips for staying engaged with your children’s use of Roblox and making the most of the safety features available on the service.”
Source: Roblox – a guide for parents | Safer Internet Centre
Mac users are being warned about new variants of malware that have been created specifically to target Apple computers. One is ransomware that encrypts data and demands payment before files are released. The other is spyware that watches what users do and scoops up valuable information.
Experts said they represented a threat because their creators were letting anyone use them for free. The two programs were uncovered by the security firms Fortinet and AlienVault, which found a portal on the Tor “dark web” network that acted as a shopfront for both.
The wide availability of Wi-Fi networks can make it difficult to unplug and disconnect on vacation, but if consumers take that extra step and unplug they can experience a more secure trip.
Despite the benefits experienced from unplugging, most individuals still prefer to stay connected when on vacation. But when individuals put convenience over security, by using unsecured Wi-Fi access points that are easily hackable for example, they leave themselves open to the possibility of having their personal information compromised.
Source: How to stay secure while staying connected on vacation – Help Net Security
Talking to kids about online safety is a difficult undertaking for many adults, and making the lessons stick is even harder. To that end, Google has launched a new program called Be Internet Awesome, which includes:
- An online video game called Interland
- A classroom curriculum
- A YouTube video series
The game and learning materials are aimed at children that are between 8 and 11. Interland can be played on any of the major browsers. It leads the player through several floating islands where the challenges and puzzles they should complete will teach them about several aspects of online safety: how to choose which information to share with whom, how to choose good passwords, how to deal with online bullies, how to spot scams.
Source: Google game teaches kids about online safety – Help Net Security
Just how much money can a scammy iPhone app make in the iOS App Store? You may be surprised. After all, how does $80,000 per month sound to you? The “Mobile protection :Clean & Security VPN” app is estimated to be have earnt its developer $80,000 per month, after tricking users into signing up for an eye-watering $99.99 per week subscription through a careless thumb press.
Source: Watch out! Scammers are making a fortune in the iOS App Store – HOTforSecurity
If something you’ve ordered hasn’t arrived, you should contact the seller to find out where it is.
It’s the seller’s legal responsibility to make sure the item is delivered to you. They should chase the delivery company and let you know what’s happened to your item.
If your item wasn’t delivered to the location you agreed (eg it was left with your neighbour without your consent), it’s the seller’s legal responsibility to sort out the issue.
If the item doesn’t turn up, you’re legally entitled to a replacement or refund.
Source: If something you ordered hasn’t arrived – Citizens Advice