3 Mobile UK hacked and suffered from Data Breach
3 (three) mobile has been victim of massive data breach that exposed 6 million customers’ details. Hackers have gained access to the phone upgrade databases using employee login to enter into the database. The stolen data includes customer name, address, phone numbers, and date of birth. The details can be used to upgrade handset, place a new order for phone, intercepting arrived parcel. The investigation is going on and there were three men arrested for a data breach.
WhatsApp has enabled 2-Factor Authentication
WhatsApp has added two-factor authentication to fix a loophole in its security feature. Hackers earlier could hack the victim’s account with just his/her phone number and with technical skills. Besides, two-factor authentication, hackers will now need OTP, 6-digit 2SV passcode along with a phone number to reconfigure the WhatsApp account. To enable two-factor authentication, users have to sign in to WhatsApp Beta version and follow the path like WhatsApp settings>> Account>> Two-step verification. When a user reconfigures the WhatsApp account or adds a new number, he/she should enter a 6-digit passcode.
iCloud stores User’s log information
Elcomsoft has revealed that Apple’s online synchronizing service iCloud silently stores log of user’s private information. Online iCloud sends the user’s call history to the company’s server in case iCloud is enabled. The iCloud allows storing the data for four months. To stop this synch service, they should completely disable the cloud sync feature. If you have an iPhone or iPad, the device collects and transfers private information to iCloud. Even the iPhone sends information that is collected from third-party applications.
NIST Published Cyber Security Guideline for Small Businesses
NIST has published cyber security guidelines for small businesses that more prone to hacking. The guideline provides basic cyber security recommendations with a risk management process. The guideline shows business owners how they can protect their business against cyber threat. It includes four steps like Identify, Protect, Detect, Response, and Recover reveals about the understanding about risk management. Few points NIST guideline covers are limitation on employee access to data, employee training about information security, information security policy, data encryption.
Russia Banned LinkedIn for violation of Protection Law
Russia is likely to ban LinkedIn because of violation of protection law of country. Moscow court has banned LinkedIn social network. LinkedIn did not follow guidelines of Russian data protection law stipulating about sharing data to third parties. The law was for making Russian users safe from surveillance activities. Russia’s Federal service (for Telecom and Information technologies and Mass communications) also threatening other social giants.
The US Government released IoT security guidance
The US government released guidance on IoT security that aims at manufacturer, service providers, developers, business consumers. The DHS (Department of Homeland Security) has stated four principles at design level, promotion level, security practice and continuous connectivity. Many IoT products are released without considering dangers and cyber threats. The US government believes that DHS guideline will provide a base for IoT manufacturers and developers.