Category: Tech
Latitude Financial hit by malicious cyberattack
Latitude Financial has revealed it has been hit by a sophisticated and malicious cyberattack that has compromised a total of 328,000 separate pieces of data that it had sourced from its customers. The loans, credit card and insurance provider said it had detected unusual activity on its systems over the last few days that was believed to have originated from a major vendor used by Latitude.
The company said the attacker appeared to have used employee login credentials to steal personal information that was being held by two other of Latitude’s service providers. In a statement to the ASX on Thursday morning, Latitude said approximately 103,000 identifications documents – 97% of which were drivers’ licences – were stolen from the first service provider, while 225,000 customer records were stolen from a second service provider.
OneTrust board changes ready it for ‘last phase as a private company’
Privacy technology company OneTrust announced a series of changes to its board of directors and governance structure Wednesday, which it says positions the company for future growth.
Under the revised governance arrangement, CEO Kabir Barday, CIPP/E, CIPP/US, CIPM, CIPT, FIP, will be joined by Coatue Management’s Thomas Laffont and Insight Partners’ Richard Wells. Current board members Alan Dabbiere, David Dabbiere and John Marshall will depart from the board, which now seeks “four new independent board members resulting in a majority-independent board of seven people,” according to the company’s press release.
“Today, we have a clear path forward, strong investor demand, and the capital to support this last phase as a private company,” Barday said in comments provided to The Privacy Advisor.
The Emotet botnet returns and is sending a slew of malicious emails
The notorious Emotet botnet, considered one of the biggest threats to internet security, has resurfaced after a prolonged hiatus, armed with new tactics. The botnet’s trademark strategy of sending spam messages that appear to be from a known contact, addressing recipients by name and purporting to respond to existing email threads, was observed again last week after a four-month break.
Previous resumptions of activity have seen Emotet deploy fresh techniques to avoid endpoint security products and deceive users into clicking on links or enabling dangerous macros in Microsoft Office attachments.
China identifies roots of US crackdown on TikTok
The White House Office of Management and Budget issued guidance on Monday giving all federal agencies 30 days to wipe TikTok from employees’ devices. Mandated by Congress, the move follows similar guidance by the Pentagon, Department of Homeland Security, and the State Department, all of which cited alleged data harvesting by the Chinese-developed app. “How unsure of itself can the world’s top superpower be to fear a favorite app of young people like that?” Chinese Foreign Ministry spokeswoman Mao Ning told a press briefing on Tuesday.
New DOJ/Commerce ‘Disruptive Technology Strike Force’
The strike force’s goal is to “…protect U.S. national security by preventing …sensitive technologies from being used for malign purposes” by “nation-state adversaries” such as China, Iran, Russia, and North Korea. The “sensitive technologies” at issue include supercomputing and “exascale” computing, quantum computing, biosciences, and, of course, artificial intelligence.
This development reflects the Administration’s continuing focus on using export control policy and enforcement to advance its national security priorities—of which economic security has become a key subset. The Administration has used the Foreign Direct Product Rule and coordinated its use, particularly regarding advanced semiconductor technology and related tooling, among its allies and partners outside of the traditional multilateral frameworks. This is yet another example of how the Administration has scaled-up its use of export controls to generate desired outcomes in the areas of technology security and economic competitiveness – both national security priorities – vis-à-vis, in particular, China. The creation of the Disruptive Technologies Strike Force is the latest step by the Administration toward institutionalizing a “whole of government” approach to its novel use of export control policy and enforcement to counter this geopolitical rival.