• BURN MEDIA
    • Motorburn
      Because cars are gadgets
    • Gearburn
      Incisive reviews for the gadget obsessed
    • Ventureburn
      Startup news for emerging markets
    • Jobsburn
      Digital industry jobs for the anti 9 to 5!

Security

  • Watch out for the latest OTP scam plaguing MTN’s network

    If excessive spam calls weren't enough, South Africans will now need need to guard against a new MTN scam plaguing the network. Using OTPs, or one-time PIN numbers, scammers can gain access to a users' MTN account, purchase airtime and data, and then transfer said purchases to another number. According to MTN, fraudsters gain the OTP from users directly, asking them to provide it during spam calls. "Unfortunately, fraudsters are everywhere and we want to be sure all our customers are protected at all times, across our entire business," explained Jacqui O'Sullivan, the company's corporate affairs executive. "Our systems are designed to safeguard...

  • 4 lessons for businesses on South Africa’s biggest data breach

    While massive data breaches are associated with international companies such as Ashley Madison or LinkedIn, South Africa is no stranger to customer data being released into the public domain by cybercriminals. In fact, it was in October 2017 when security expert Troy Hunt stumbled across the largest data breach in South African history. The personal data of millions of South Africans was compromised when a database backup file titled "masterdeeds.sql" was leaked publicly online. The data contained millions upon millions of ID numbers, as well as contact details, addresses and income of certain individuals. It's rumoured that even President Jacob Zuma's...

  • ‘Skygofree’ spyware can steal your Android’s WhatsApp data

    Gone are the days when the scariest digital security vulnerabilities were found on Microsoft Windows. This week, Kaspersky has alerted the world to an Android spyware with "previously unseen" capabilities. Scarier still is that the spyware, dubbed Skygofree, has been active for more than three years. "Skygofree is a sophisticated, multi-stage spyware that gives attackers full remote control of an infected device," the company alerted in a press release. "It has undergone continuous development since the first version was created at the end of 2014 and it now includes the ability to eavesdrop on surrounding conversations and noise when an infected device...

  • Grey Saturday: the safest shopping day of the Black Friday weekend

    What is the safest day to shop online during the sales season? That's a question many a budget hunter should be asking over the Black Friday weekend. Cybersecurity company Kaspersky believes that it has the answer. Between Black Friday and Cyber Monday, there's a lesser known shopping day dubbed Grey Saturday. And yes, it's name isn't quite as catchy. It does however hold one particular distinction. According to Kaspersky's data, Grey Saturday is the safest day to shop online during the Black Friday weekend. The company recorded a dip in reported phishing attacks through 2015 and 2016 when compared to the likes of...

  • Kaspersky: manufacturing industry sees most cyber attacks in H1 2017

    Cybersecurity has been at the forefront of conversation for companies and individuals this year, especially in the wake of the Equifax hack, the Deloitte breach, and Yahoo's big revelation yesterday. But which industries are the most attacked? Kaspersky today issued its Threat Landscape for Industrial Automation Systems in H1 2017 report that revealed some notable worldwide internet security trends. Based on the company's findings, March was the most active month for cyber attacks so far. Kaspersky also claims its products blocked around 37.6% of attack attempts on ICS computers in the first half of 2017. "This figure was almost unchanged compared to the previous...

  • ‘All Yahoo user accounts’ were affected by 2013 hack

    When Yahoo announced that a billion users were affected by its 2013 hack, the internet weathered a collective cold sweat. But the story isn't quite done yet. The internet company's parent firm Oath today released "new intelligence" regarding the breach. "Subsequent to Yahoo's acquisition by Verizon, and during integration, the company recently obtained new intelligence and now believes, following an investigation with the assistance of outside forensic experts, that all Yahoo user accounts were affected by the August 2013 theft," Oath, also a subsidiary of Verizon, confirmed in a press release. That's three-billion users. While Oath confirmed that the orchestrators of the hack...

  • 3 ways employees can risk your firm’s cybersecurity (and what to do about it)

    Employees have been called the weakest link in a business's cybersecurity – a particularly notable problem in a time where high-profile hacks and ransomware attacks are on the rise. A favourite target of hackers is small-to-medium business – as they often have higher cash pools than individuals, but lack the cybersecurity of major institutions. But even if your cybersecurity is up to scratch, an employee who is unfamiliar with digital threats can cost you dearly. Here are three ways your employees can put your business cybersecurity at risk: Opening emails with malicious software While many people have wised up to the typical scams that...

  • Deloitte hit by cyber attack, emails possibly compromised

    According to a report by The Guardian, accounting and consulting giant Deloitte is today the latest global firm to succumb to a cyber attack. The firm had reportedly known about the breach since March 2017, but hackers may have been able to access data on Deloitte's systems since October 2016. By compromising an administrator account that lacked a two-factor authentication system, the attackers theoretically had "access to all areas", The Guardian notes. Along with emails from the company employees, the attackers may have been able to access usernames, passwords, IP addresses and other sensitive information stored as attachments. An administrator account lacking two-factor...

  • CCleaner came bundled with malware for a month and nobody noticed

    CCleaner -- a program usually used to clean Windows, Android and MacOS of errant software and data -- has itself been infected by a trojan. A new report by Talos suggests that for nearly a month the program's installer didn't just install Piriform's file cleaner, but rather additional malware. "For a period of time, the legitimate signed version of CCleaner 5.33 being distributed by Avast also contained a multi-stage malware payload that rode on top of the installation of CCleaner," the Talos team explains in a blog post. This malware was reportedly bundled with the program's install files located within Piriform's legitimate...

  • 143m Americans’ credit, personal data compromised due to Equifax breach

    Equifax, one of the US's largest consumer credit reporting agencies, today announced a breach of its digital security measures that could affect as many as 143-million Americans. That's close to half the country's population. The hack was first discovered by the company on 29 July, but took place between mid-May and July. "Criminals exploited a U.S. website application vulnerability to gain access to certain files," the company explains in a notice. "Based on the company’s investigation, the unauthorized access occurred from mid-May through July 2017. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases." The...

  • How to protect your child’s identity in an online world

    There are indications that identity theft syndicates are now targeting children. Common-sense practices, backed up by proper education, will save endless trouble down the line. In the online world, identity theft has become big business. People are remarkably careless about divulging personal information online, or storing it on unencrypted mobile or other digital devices. Criminals can use this information to open bank and store accounts and access state and other benefits unlawfully. Personal information like full names, birth date and parents’ names can be used to create an alias that stands up to most scrutiny. Worryingly, there are signs that identity thieves...

  • 4 tips for keeping your identity safe on the internet

    Over the course of the past decade, the brick-and-mortar institutions of yesteryear have rapidly been replaced by online counterparts, with South Africans now turning to the Internet to perform banking transactions, book flights and even shop for groceries. While this rapid surge in connectivity has undoubtedly made the world a more convenient place, it’s also made many South Africans vulnerable to the threat of online fraud and identity theft. According to recently released statistics from the South African Fraud Prevention Services (SAFPS), identity theft has increased by over 200% in the past six years, with an estimated 8.8-million South Africans affected...

  • PhishNet sends mock-phishing emails to employees for the greater good

    Telecommunications company Internet Solutions (IS) has debuted a new service that allows security teams in companies to launch authentic phishing attacks on their colleagues, scaring them stiff and teaching them valuable lessons about cyber security. Dubbed PhishNet, the service aims to educate staffers about the nature, mechanics and calling cards of a phishing attack while providing the companies with data on their security practices and infrastructure. PhishNet's debut comes at a time when cyber security is paramount in media and mainstream conversation, following the recent WannaCry and Petya ransomware attacks. WannaCry in particular -- which infected more than 250 000 computers...

  • Amazon, WhatsApp score poorly in EFF’s annual privacy report

    When you sign up for the world's biggest services/apps, you're giving loads of information to these firms. But who can be trusted with your data? The Electronic Frontier Foundation (EFF) has released its annual "Who Has Your Back" report to answer this very question. The report grades some of the biggest companies in five categories, namely whether they follow best practices, tell users about government data requests, have a pro-user public policy, stand up to gag orders and promise not to sell out users. The worst offenders? US networks AT&T, Comcast, T-Mobile and Verizon all scored one star out of five -- a...

  • SA’s Dept of Education website hacked with ‘I love Islamic State’ message

    If you're trying to access South Africa's Department of Basic Education's website at present, you can't. It's down. And there's a very good reason why. The Department took to Twitter to announce that its site has been "hacked". Our website has been hacked👇🏿 pic.twitter.com/ROK4cQChLd — Dep. Basic Education (@DBE_SA) June 28, 2017 "A short while ago we discovered that the Department's website has been hacked," begins an attached press release, published around 9pm Wednesday. Things then get gruesome. "The people who breached the website have since posted gory pictures of decapitated corpses, some of whom are children." The presser didn't go into specifics, but it did...