Home/Topics/Privacy
๐Ÿ”Topic

Privacy

4 articles curated by AI agents. Last updated Just now.

Privacy concerns are escalating with the discovery of malicious software targeting financial credentials and the exploitation of vulnerabilities to spy on academic researchers. Simultaneously, companies like Meta are attempting to mitigate privacy issues with their AI-powered devices, while threat actors continue to employ sophisticated phishing tactics against users of services like Microsoft 365.

Privacy: Questions & Answers

Answers synthesised from 4 recent sources ยท updated 9h ago

What malicious software has been found on npm and PyPI?

Malicious software packages impersonating legitimate Software Development Kits (SDKs) for Paysafe, Skrill, and Neteller have been discovered on the Node Package Manager (npm) and the Python Package Index (PyPI). These compromised packages were designed to steal credentials.

How are hackers spying on academic researchers?

A China-linked threat cluster is exploiting a vulnerability in Roundcube webmail servers to gain unauthorized access to sensitive information from academic institutions in the United States and Canada. This includes user credentials.

What is Meta doing to address privacy concerns with its AI glasses?

Meta is introducing a new safeguard to its AI glasses to prevent users from secretly recording individuals. This update aims to address privacy concerns surrounding the device's recording capabilities.

What is the Entra passkey enrollment vishing campaign targeting?

A sophisticated voice phishing (vishing) campaign is targeting organizations across various sectors by impersonating Microsoft's Entra identity and access management service. The primary objective is to target users of Microsoft 365.

What types of financial services are affected by the fake SDKs?

Fake Software Development Kits (SDKs) impersonating legitimate services for Paysafe, Skrill, and Neteller have been found on npm and PyPI. These packages are designed to steal user credentials.

Which regions are affected by the Roundcube vulnerability exploitation?

Academic institutions in the United States and Canada are being targeted by hackers exploiting a vulnerability in Roundcube webmail servers. The attackers aim to gain unauthorized access to sensitive information.

Variety2h ago2 min read
CAA Slams Meta for Using Opt-Out Policy for AI Platform Muse Image, Which Can Create Content Using Public Instagram Accounts

The Creative Artists Agency (CAA) issued a statement on Wednesday, March 20, 2024, criticizing Meta's new artificial intelligence model, Muse Image. The CAA highlighted significant privacy concerns associated with the AI tool, which allows users to generate images of individuals by inputting their public Instagram handles. The agency specifically called out Muse Image's "opt-out" policy, which places the onus on individuals to actively prevent their public data from being used by the AI. CAA's statement, released on Wednesday night, emphasized that this opt-out mechanism is insufficient for protecting individuals' digital likenesses. The policy requires users to manually block access to their accounts if they do not wish for their images to be utilized by Muse Image. This approach contrasts with a more robust "opt-in" system, where explicit consent would be required before data could be used for AI generation. The agency argues that this method poses a substantial risk to privacy and the control individuals have over their own digital representations. Meta's Muse Image model, as described by the CAA, enables the creation of AI-generated photographs based on publicly available Instagram profiles. The agency's strong stance suggests a broader concern within the creative industries regarding the ethical implications and potential misuse of AI technologies that leverage personal data scraped from social media platforms. The CAA's criticism underscores a growing debate about data privacy, consent, and the responsible development and deployment of AI tools.

BleepingComputer9h ago2 min read
Mount Royal University confirms breach as hackers claim attack

Mount Royal University in Calgary confirmed on May 15, 2024, that its network was breached, leading to the theft and subsequent deletion of data from its file storage systems. The university stated that it is working with external cybersecurity experts to investigate the incident and assess the full scope of the breach. The extent of the stolen data and the specific systems affected are still under review. While the university has not publicly identified the threat actor, a group known as 'BlackSuit' has claimed responsibility for the attack. BlackSuit is a ransomware group that emerged in late 2023, reportedly linked to the Conti ransomware operation. The group's typical modus operandi involves exfiltrating data before encrypting it, and then demanding a ransom for its return and non-disclosure. Mount Royal University has not confirmed if a ransom demand was made or if any data was encrypted. In response to the breach, Mount Royal University has implemented enhanced security measures and is notifying affected individuals. The university is providing resources and support to those whose data may have been compromised. The investigation is ongoing, and further details will be released as they become available. The university has also engaged with law enforcement agencies regarding the incident.

BleepingComputer11h ago2 min read
Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials

Malicious software packages impersonating legitimate Software Development Kits (SDKs) for Paysafe, Skrill, and Neteller have been discovered on the Node Package Manager (npm) and the Python Package Index (PyPI) platforms. These compromised packages were designed to steal credentials from developers and users of these financial services. The discovered malware, identified as stealer malware, was embedded within fake SDKs. When developers integrated these malicious packages into their projects, the malware would execute, aiming to exfiltrate sensitive information. This incident highlights a significant supply chain attack vector targeting the software development ecosystem. Security researchers reported the discovery of these malicious packages, emphasizing the risk posed to users who might unknowingly incorporate compromised code into their applications. The attackers specifically targeted users of Paysafe, Skrill, and Neteller, indicating a focused effort to gain access to financial accounts. The exact number of compromised installations or the total amount of data stolen has not yet been publicly disclosed. This event underscores the ongoing threat of malicious packages in public repositories and the critical need for robust security practices, including thorough vetting of third-party dependencies. Developers are advised to exercise extreme caution when adding new packages to their projects and to regularly audit their existing dependencies for any signs of compromise. The platforms npm and PyPI are expected to take action to remove the malicious packages and enhance their security measures.

BleepingComputer12h ago3 min read
Hackers exploit Roundcube flaw to spy on academic researchers

A China-linked threat cluster has been actively exploiting a vulnerability in Roundcube webmail servers, targeting academic institutions in the United States and Canada. The attackers are leveraging this flaw to gain unauthorized access to sensitive information, including user credentials. This campaign aims to facilitate further intrusion and data exfiltration from these educational organizations. Researchers at Mandiant, part of Google Cloud, identified the exploitation of a specific vulnerability within the Roundcube webmail application. The threat actors are using this exploit to deploy a backdoor, allowing them to maintain persistent access to compromised systems. This backdoor enables the attackers to conduct further reconnaissance and potentially move laterally within the victim's network. The primary objective appears to be the theft of credentials, which can then be used to access other systems or services. The identified threat cluster, tracked by Mandiant as UNC3944, has a history of targeting organizations with sophisticated phishing and exploitation techniques. Their focus on academic institutions suggests a potential interest in intellectual property, research data, or the credentials of individuals associated with these universities. The group's methods involve both exploiting known vulnerabilities and employing social engineering tactics to trick users into revealing sensitive information. Mandiant's analysis indicates that the exploitation of Roundcube servers is part of a broader campaign by UNC3944. The group has been observed deploying various types of malware and backdoors to achieve their objectives. The specific vulnerability being exploited in Roundcube allows for remote code execution, a critical weakness that enables the attackers to gain a foothold on the server. The ongoing nature of this campaign underscores the persistent threat posed by nation-state-backed actors to academic and research communities worldwide.