Category: Tech

The Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten – IMY) has fined two companies with 12.3 million SEK (€1 million/$1.1 million) for using Google Analytics and warned two others about the same practice. In a decision published yesterday, the agency explains that by using Google Analytics to generate web statistics the firms were breaching European Union’s General Data Protection Regulation (GDPR). Specifically, the companies were in violation of the GDPR Article 46(1), which forbids the transfer of personal data to countries or…

Microsoft has denied the claims of the so-called hacktivists “Anonymous Sudan” that they breached the company’s servers and stole credentials for 30 million customer accounts. Anonymous Sudan is known for debilitating distributed denial-of-service (DDoS) attacks against Western entities in recent months. The group has confirmed their affiliation with pro-Russian hacktivists like Killnet. Last month, Microsoft admitted that Anonymous Sudan was responsible for service disruptions and outages at the beginning of June that impacting several of its services, including Azure, Outlook, and…

Sweden’s data protection watchdog has issued a couple of fines in relation to exports of European users’ data via Google Analytics which it found breach the bloc’s privacy rulebook owing to risks posed by US government surveillance. It has also warned other companies against use of Google’s tool. The fines — just over $1.1 million for Swedish telco Tele2 and less than $30k for local online retailer CDON — are notable as they are the first such fines following a…

MOSCOW (Sputnik) – Russian forces have destroyed a Ukrainian Starlink satellite communication station and a drone control center near Artemovsk (Bakhmut), a Russian Defense Ministry spokesperson told Sputnik. “… the artillery of the group [of Russian forces] destroyed a Starlink communication station, a control center for unmanned aerial vehicles together with a Leleka-100 drone, a communication center and a pickup truck with an infantry group,” the spokesperson said. In addition, Russian forces have repelled an attack by a Ukrainian assault…

Petro-Canada gas stations across Canada are impacted by technical problems preventing customers from paying with credit card or rewards points as its parent company, Suncor Energy, discloses they suffered a cyberattack. Suncor Energy is the 48th-largest public company in the world, and one of Canada’s largest synthetic crude producers, having an annual revenue of $31 billion. The company says it has taken measures to mitigate the attack and informed the authorities of the situation. At the same time, it expects…

  The U.S. government has confirmed that multiple federal agencies have fallen victim to cyberattacks exploiting a security vulnerability in a popular file transfer tool. In a statement shared with TechCrunch, CISA confirmed that “several” U.S. government agencies have experienced intrusions related to the exploitation of a vulnerability in MOVEit Transfer, an enterprise file transfer tool developed by Progress Software. The agency also attributed the attacks to the Russia-linked Clop ransomware gang, which this week started posting the names of…

The U.S. government has been hit in a global hacking campaign that exploited a vulnerability in widely used software, the nation’s cyber watchdog agency said on Thursday. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said several federal bodies had experienced intrusions following the discovery of a weakness in the file transfer software MOVEit, Eric Goldstein, the agency’s executive assistant director for cybersecurity, said in a statement. “We are working urgently to understand impacts and ensure timely remediation,” he said….

Reddit CEO Steve Huffman, desperate to show Wall St. that his company can make money, decided to lock away the information on Reddit behind a paywall by turning Reddit’s free API to paid, creating quite a mess. In response, thousands of subreddits went dark on Monday, with a plan for most (though not all) to come back today. But, on Tuesday, Huffman’s internal email to Reddit staff leaked to the Verge, in which Huffman continued with the same dismissive attitude…

  The European Commission has signalled it could be preparing to break up Google’s adtech business. Speaking during a press conference this afternoon, EU EVP Margrethe Vestager, the bloc’s competition chief and head of digital strategy, announced it has sent a formal statement of objections to Google for suspected anti-competitive conduct in its adtech business. If the Commission confirms its suspicions she said it is looking at breaking up Google’s adtech as the only viable solution to resolve what she…

The top US securities regulator sued cryptocurrency platform Coinbase on Tuesday, the second lawsuit in two days against a major crypto exchange, in a dramatic escalation of a crackdown on the industry and one that could dramatically transform a market that has largely operated outside regulation. The US Securities and Exchange Commission (SEC) on Monday took aim at Binance, the world’s largest cryptocurrency exchange. The SEC accuses Binance and its CEO Changpeng Zhao of operating a “web of deception”. If…

Meta has been dragged kicking and screaming into another notable privacy concession in Europe: The German Federal Cartel Office (FCO) has announced a new account center incoming which will see the tech giant provide users of its social networking services with a greater degree of choice over whether they allow it to combine data on their activity across its services or not. It will be the first time Meta has provided such a degree of choice over its cross-site tracking…

A Florida man has pleaded guilty to importing and selling counterfeit Cisco networking equipment to various organizations, including education, government agencies, healthcare, and the military. The 39-year-old resident of Florida, Onur Aksoy, conducted the scheme through 19 companies formed in New Jersey and Florida and in several online storefronts, collectively known as ‘Pro Network Entities,’  Aksoy had a criminal complaint filed against him approximately a year ago, with the Department of Justice accusing him of running the counterfeit scheme between 2014…

We’ve written a lot about AB 2273, California’s Age Appropriate Design Code (AADC) that requires websites with users in California to try to determine the ages of all their visitors, write up dozens of reports on potential harms, and then seek to mitigate those harms. I’ve written about why it’s literally impossible to comply with the law. We’ve had posts on how it conflicts with privacy laws and how it’s a radical experimentation on children (ironically, the drafters of the…

Schwartz was using ChatGPT for legal research for the first time when he put it to work drafting the ten-page brief he hoped would convince Manhattan Federal Judge P. Kevin Castel not to dismiss his case, he told the court in an affidavit on Thursday, explaining that he “therefore was unaware of the possibility that its content could be false.”   When asked, ChatGPT even told Schwartz – a lawyer with 30 years of experience – that the half dozen…

CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances. Barracuda says its security solutions are used by more than 200,000 organizations worldwide, including high-profile companies like Samsung, Mitsubishi, Kraft Heinz, and Delta Airlines. The U.S. cybersecurity agency also added the bug (CVE-2023-2868) to its catalog of security flaws exploited in the wild based on this evidence of active exploitation. Federal Civilian Executive Branch Agencies (FCEB) agencies must patch or…

U.S. authorities have seized 13 more domains linked to some of the world’s most popular DDoS-for-hire websites. These websites, also described as “booter” or “stressor” services, are marketed as legitimate security testing tools that allow admins to stress-test websites. In reality, the services are used for launching denial-of-service (DDoS) attacks designed to overwhelm websites and networks and force them offline. The DOJ announced on Monday that the FBI had seized 13 more domains linked to some of the most prolific…