Tag: data privacy

Citing Facebook, Mobile Devices, FTC Updates Online Protections for Kids

The U.S. Federal Trade Commission issued updated rules on Wednesday that will ban online advertisers from tracking the online behavior of children without explicit consent from their parents. In a press conference in Washington D.C, FTC Chairman Jon Leibowitz announced new guidelines for implementing the Children’s Online Privacy Protection Act (COPPA). Among other things, the changes expand the list of information that cannot be collected from children without parental consent to include photographs, videos and audio recordings of children and geo-location information. “Unless you get parental consent, you may not track children and use their information to build massive profiles of online behavior,” said FTC Chairman Leibowitz. The new rules are a major revision to the COPPA rule, which was first passed in 1998. The law is a kind of privacy Bill of Rights and applies to children 13 years old and younger. Speaking at a press conference on Wednesday afternoon, […]

Tantalizing Clues in Dexter Malware Lead to Mystery Man…and Zeus

The Dexter malware is getting some media attention this week – and not just because the malware shares its name with Showtime’s popular drama about a serial killer by the same name. (Not that those of us tasked to write catchy headlines don’t love stuff like that – ’cause we do.) No, the Dexter virus caught the attention of malware analysts because it infects point of sale (POS) systems like electronic cash registers, kiosks and automatic teller machines (ATMs), rather than run of the mill laptops and desktops. It has also generated some interest because it uses a form of memory dump parsing to steal sensitive data from infected POS terminals, and because its POS malware that is part of a botnet – communicating back to a command and control system and receiving commands – that’s quite unusual and, while its kind of insider baseball for malware geeks, it makes […]

Report Warns of Growing ‘Dark Side’ of Cyberspace

The head of a prominent human rights groups has warned that increased state involvement in cyberspace, including surveillance, censorship, propaganda campaigns and offensive cyber operations threatens the future of the Internet as much as endemic problems like cyber crime – part of a growing “dark side” to cyberspace. Writing in the Penn State Journal of Law and International Affairs,  Ronald Deibert, Director of Citizen Lab and Canada Centre for Global Security Studies said that threats to human rights and individual liberties come from a variety of states – from authoritarian regimes, to Latin American narco-states to liberal democracies in the West, as governments increasingly leverage the power of the Internet to monitor citizens’ behavior and impose limits on free expression. Citizen Lab, part of the Munk School of Global Affairs at the University of Toronto, has played a key role in high-profile investigations of cyber espionage including the now-infamous Ghost Net attacks on […]

Web Attacks Target Foreign Exchange, Payment Processing Sites

A currency trading web site was compromised and used to serve malicious java applications to unwitting visitors, according to researchers at the security firm Websense- part of what might be a larger trend. Websense said in a blog post on Wednesday that the site tradingforex.com, which is used by foreign currency traders, was infected with a malicious Java applet that, when installed, key logging and screen capture software. Tradingforex.com (@Tradingforexxx) is a Cyprus-based online trading web site. It allows individuals to trade on the global foreign exchange market (or Forex). Users can trade everything from foreign currencies to precious metals, commodities and other financial instruments. According to an investigation by Websense researcher Gianluca Giuliani, the site was pushing a back door program to visitors using a malicious Java plugin to exploit known Java vulnerabilities on the victims’ computers. Further investigation by Websense and Giuliani revealed that the malware being pushed […]

Adobe Acknowledges Hack of User Forum For Connect Service

Software giant Adobe on Wednesday confirmed claims by a self-proclaimed “Egyptian” hacker to have compromised a user support forum frequented by customers of its Connect web conferencing technology, stealing user account information and posting some of it online. Adobe’s Director of Connect, Guillaume Privat, acknowledged in a blog post on Wednesday that the compromise of the Connectusers.com forum by an “unauthorized third-party” was for real and that the company has disabled the forum while it investigates the incident. The breach was first disclosed on Tuesday when a hacker calling himself “ViruS_HimA” posted what appeared to be account e-mail and password information online through web sites like pastebin.com and sendspace.com. The hacker claimed to have compromised a database server used to maintain the Connnectusers.com forum and downloaded information on 150,000 account holders, including the users names, login IDs, hashed password values, employer and e-mail address. The motive for the hack was […]