Amazon’s Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers’ private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos.
The FTC is now sending refunds totaling more than $5.6 million to US consumers as a result of the settlement. Ring LLC, which was purchased by Amazon in February 2018, sells internet-connected, home security cameras and video doorbells.
Read more…
Source: Malwarebytes Labs
Related:
- Conti ransomware gives HSE Ireland free decryptor, still selling data
May 20, 2021
The Conti ransomware gang has released a free decryptor for Ireland’s health service, the HSE, but warns that they will still sell or release the stolen data. Ireland’s HSE, the country’s publicly funded healthcare system, and the Department of Health were attacked by the Conti ransomware gang last Friday. Read more… Source: Bleeping Computer
- Android apps exposed data of millions of users through cloud authentication failures
May 20, 2021
Researchers analyzing Android apps have discovered serious cloud misconfigurations leading to the potential exposure of data belonging to over 100 million users. In a report published on Thursday by Check Point Research, the cybersecurity firm said no less than 23 popular mobile apps contained a variety of “misconfigurations of third party cloud services.” Cloud services are widely ...
- How Myanmar’s military moved in on the telecoms sector to spy on citizens
May 19, 2021
In the months before the Myanmar military’s Feb. 1 coup, the country’s telecom and internet service providers were ordered to install intercept spyware that would allow the army to eavesdrop on the communications of citizens, sources with direct knowledge of the plan told Reuters. The technology gives the military the power to listen in on calls, ...
- Ireland: ‘Wizard Spider’ cybercrime gang claim Health Service Executive attack
May 18, 2021
Hackers known as Wizard Spider are spinning a web of chaos since it launched a ransomware attack on the Health Service Executive last week. The Russian hackers have claimed responsibility for the most serious ever cyberattack on Ireland’s critical infrastructure. The group, who are seeking ransom of up to €20 million in cryptocurrency, are not motivated by ...
- Cross-browser tracking vulnerability tracks you via installed apps
May 14, 2021
Researchers have developed a way to track a user across different browsers on the same machine by querying the installed applications on the device. Certain applications, when installed, will create custom URL schemes that the browser can use to launch a URL in a specific application. Read more… Source: Bleeping Computer
- Experian API Leaks Most Americans’ Credit Scores
April 29, 2021
A researcher is claiming that the credit scores of almost every American were exposed through an API tool used by the Experian credit bureau, that he said was left open on a lender site without even basic security protections. Experian, for its part, refuted concerns from the security community that the issue could be systemic. The tool, ...