Jump to content

Search the Community

Showing results for tags 'firms'.

More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

Found 3 results

  1. Councils are sharing information about users of their websites – including when they seek help with a benefit claim, or with a disability or alcoholism – with dozens of private companies. More than 400 local authorities allowed at least one third-party company to track individuals who visit their sites, an investigation has revealed. Some councils were found to be letting companies track use of sensitive sections of their sites, such as when people were seeking financial help or support for substance abuse. Data obtained from cookies tracking where users go online can be sold by data brokers for profit. Critics have argued that council websites serve a public purpose and should not let outside firms monitor their users’ activity, especially given the sensitive nature of some visits. Council user data Wolfie Christl, a technologist and researcher who has been investigating the ad-tech industry, said: “Public sector websites and apps should not use invasive third-party tracking at all.” Johnny Ryan, the chief policy officer at the anonymous web browser Brave, who analysed council websites and shared the findings with the Guardian, said: “Private companies embedded on council websites learn about you. This happens even on the most sensitive occasions, when you might be seeking help from your council.” Brave used open-source tools to see what companies were present on certain webpages. They found 409 council websites in the UK allowed private companies to receive data about their visitors. The investigation has found: Twenty-three councils let data brokers – businesses that collect personal information about consumers and sell that information to other organisations – learn when someone visited their site. On Enfield borough council’s site, a page for people who need financial support for accommodation and food allowed 21 companies, including Google, to see who was visiting. A page on Sheffield city council’s website for people seeking help for substance abuse shared data about visitors with at least 20 companies, including seven data brokers. Ealing’s special educational needs and disability page allowed at least 21 firms to access data about visitors. Almost 7 million people are served by councils that allow one data broker, LiveRamp, to track people on their sites. The company used to be part of Acxiom, a group that sold electoral profiles to Cambridge Analytica. Companies track online activity through cookies, pixels and other trackers. When embedded in a browser, these bits of code can let users be traced around the web. While they don’t identify personal details such as name or address, they identify a user’s viewing habits – such as which page was loaded at a specific time. While many websites including the Guardian use cookies, Ravi Naik, a data lawyer at AWO, suggested that their use on council websites was problematic because of the nature of the details being shared. He said: “We have most of our conversations with the state through local authorities and because of that involve more sensitive and personal information.” It is now prohibited for companies to share data on protected categories without explicit consent. This means before information on health, sexual orientation, race and political opinions is collected, the user must agree to the specific sharing of their “special category” data. Companies say they have consent via people accepting cookies. However, Brave’s report found that while some websites may have stated they used cookies, no users clicked on any buttons to accept or opt out of this process. The law states consent must be informed and based on an explicit affirmative action. The Information Commissioner’s Office (ICO) said: “To be valid, consent must be freely given, specific and informed. It must involve some form of unambiguous positive action – for example, ticking a box or clicking a link – and the person must fully understand that they are giving you consent.” Ryan said: “We used an automatic system to load each council’s webpage. All it does is load the site. It is not able to click buttons. All of the tracking revealed in our research happened without consent.” Mark Gannon, the director of business change and information solutions at Sheffield city council, said cookies were used on its website, “and we require the consent of all customers to store or retrieve any data on a computer, laptop, smartphone or tablet”. The report states that when the Sheffield council website was loaded, companies could track someone without clicking on anything. Sheffield council said it used an Internet Advertising Bureau (IAB) transparency and consent framework tool provided by the Council Advertising Network. The network said: “No cookies whatsoever are installed for data brokerage purposes – this suggests that data collected from the website is being sold on, and it is not.” Ealing council said it believed its approach was “compliant with the requirements of GDPR”. However, it noted: “This is a complex and ever-evolving area which needs to be kept under review.” Enfield borough council in north London did not provide a comment. LiveRamp said it was no longer a part of Acxiom and it had never “sold UK electoral profile information to Cambridge Analytica”. It said it operated in compliance with jurisdictional laws and worked “diligently to detect and prevent the misuse of data”. A further 198 councils use real-time bidding (RTB) – when a web user loads a page, thousands of potential advertisers bid to serve them an advert in the blink of an eye. It means people’s data is being broadcast all over the internet to hundreds of companies. The ICO has been investigating the practice. Naik said there were two main issues. “The micro issue is: are councils really informing people about what is going on? The macro thing is the real-time bidding ad industry. There is an ongoing complaint to the Information Commissioner’s Office about this practice. They have already said they consider the practice unlawful.” Naik said it was hard to tell whether councils were making money from it. “But I imagine to councils it seems like a win-win situation.” A Google spokesperson said it did not build advertising profiles “from sensitive interest categories, including from sites offering help to address personal hardships, and we have strict policies preventing advertisers from using such data to target ads”. They told the Guardian that third-party cookies could be used to better enable basic site functions or to serve and measure advertising. Source
  2. A little over 21 million login credentials stolen from Fortune 500 companies have been found in various places on the dark web, many of them already cracked and available in plaintext form. The information was compiled by crawling multiple resources, like markets in the Tor network, web forums, Pastebin, IRC channels, social networks, and messenger chats. Cracked passwords ahead 21,040,296 is the exact number of credentials belonging to companies ranking in the first 500 that security researchers found on the web. Most of them were from tech companies, closely followed by organizations in the financial industry. Entities in the healthcare, energy, telecommunications, retail, industrial, transport, aerospace and defense sectors are also on the list. Not all of them are fresh, though. ImmuniWeb says in a report published today that 16,055,871 of the credentials they found were compromised in the past 12 months. However, the researchers reveal a worrying statistic: "95% of the credentials contained unencrypted, or brute-forced and cracked by the attackers, plaintext passwords." Using machine learning technology, the researchers were able to determine the accuracy and reliability of the data set by cleaning it of fake leaks, duplicates and default passwords set automatically. Hilariously weak popular passwords Despite finding as many as 21 million login records, the report notes that only 4.9 million of them were unique, "suggesting that many users are using identical or similar passwords." Of course the most insecure password and variations of it are present in the data set; and they were found in data sets for companies in almost all verticals, except the financial one, where users relied on other, equally weak logins. Although it was not the most popular in all cases, "password" and its variants exist in the top five most used passwords. A simple glance at the passwords below makes it clear that companies still haven't learned how to protect access to their assets and that recommendation for using a strong password flew right past them. Even an uncomplicated phrase that does not use special symbols, numbers or upper case letters is better than any of them. According to the report, the weakest logins were from the retail industry, where almost half of the passwords were less than eight characters long and could be found in common dictionaries. However, companies in other industries are not far behind in this. Most industries in the top ten with the weakest passwords from ImmuniWeb's report have a third or more logins that could be cracked in seconds. The researchers note that about 11% of the passwords from a data breach are identical. This could be explained by the use of default passwords, bots creating accounts. A reset procedure that defined the same password for a large number of accounts is another possibility, ImmuniWeb says. Additionally, there may be a connection between the number of subdomains with a poor web security grade (C or F) and the exposed credentials as they are proportional. Ilia Kolochenko, CEO and Founder of ImmuniWeb says that cybercriminals focus on the shortest, least resistant path to get what they want. Given the login data in the report, they have no trouble getting their prize. Source
  3. Businesses are becoming exasperated at the lack of progress in Brexit talks and are pausing or cancelling investment in the UK. Nicole Sykes, head of EU negotiations at the CBI Businesses are becoming exasperated at the lack of progress in Brexit talks and are pausing or cancelling investment in the UK. A week that many had hoped would bring progress in the talks has now come and gone without a breakthrough. Employers group the CBI says 80% of surveyed members feel Brexit uncertainty has already had a negative impact on investment decisions. On Friday, Theresa May held a conference call with 150 top bosses. She wanted to reassure them that she was still confident of striking a deal and that she recognised their concerns. The chief executive of one company on the call told the BBC the PM had "done a good job and had a reassuring tone" while another said there had been "nothing new in her message". Of the members surveyed by the CBI, 39% said they would trigger additional contingency plans if there was no further clarity by November, while a further 19% said it was already too late. Nicole Sykes, the CBI's head of EU negotiations, says the situation is urgent, pointing to concrete examples of cancelled projects: "We heard from a fashion house that wanted to set up a new factory in the UK. £50m of investment, cancelled. "But we're also talking about some small things. We heard from a Northern Ireland farmer who wanted to build a new machine to make their operations more efficient, grow competitive. Again, that's been cancelled. So we really are talking about real economic consequences." Despite the PM's attempts to calm nerves, many businesses are in the process of stepping up their preparations for leaving the EU without a deal at the end of March next year. Transportation worries Supermarket executives told the BBC they were weighing up the viability of flying in fresh food from outside the EU to avoid potential log jams at the ports like Dover. Different companies reached different conclusions. One said: "We haven't started chartering aircraft yet but we are looking at it. We are very worried about Dover so we are also looking at alternative ports like Felixstowe as an alternative." Another major supermarket executive said that air freight isn't the answer: "There simply isn't the capacity at a moment when every other industry will be trying to do the same thing." However, they felt that the problem is potentially so severe that they do not believe it will come to that. "There is no way the UK or EU would allow the UK to run out of food, but we are looking at alternative ways to transport fresh food, as stockpiling is not an option." The car industry is also very sensitive to supply chain hold-ups. Industry body the SMMT described the lack of progress in talks as hugely disappointing and said it had "grave concerns". Car makers are looking at alternative ports, increased warehousing and moving the supply of some parts outside the UK. BMW has already brought forward an annual shutdown of Mini production to coincide with the UK's departure from the EU, while Jaguar Land Rover has warned of the potential loss of tens of thousands of UK jobs. It's not just business which is pessimistic about a deal being struck in time. International Trade Secretary Liam Fox this week reiterated his prediction that a no deal scenario was more likely than not. "I've said that the chance of a no deal is 60% and I'm not changing that view," he said. He also told a gathering of business leaders this week that great opportunities in international trade await the UK outside the EU. Most of the audience that night will hope he got the first bit wrong. Source
  • Create New...