Search
Content type: Examples
In December 2019, a Brazilian public security programme, called the Integrated Border Operations Center (CIOF) was presented. The CIOF aims to combat transnational organised crime in the region of Foz do Iguaçu and the Triple Border Area1, shared by Argentina, Brazil, and Paraguy, and integrate different public security agents through a centralised system.
It has been reported that CIOF is part of a wider digital security apparatus being deployed in the Triple Border Area, that there is…
Content type: Examples
A vulnerability in the Bono Familiar Universal, the platform used to distribute the financial subsidy provided to households in precarious economic situation by the Peruvian government in response to the Covid-19 pandemic, enabled the subsidy to be accessed by malicious individuals.
The vulnerability was reported by Deep Security, and it was resolved but an undetermined number of malicious individuals were able to pose as beneficiaries to access the platform and collect the subsidy themselves…
Content type: Examples
A study of 17 Android mobile contact tracing apps from 17 different countries found that most government-sponsored contact tracing apps are insecure and risk exposing users’ privacy and data. The researchers used the presence or absence of six basic hardening techniques: name obfuscation (just one app of the 17), string encryption (29%), asset/resource encryption (6%), class encryption (6%), root detection (41%), and emulator detection (18%) as indicators of the overall level of in-app security…
Content type: Examples
A detailed analysis of Pakistan’s app, which was developed by the Ministry of IT and Telecom and the National Information Technology Board and which offers dashboards for each province and state, self-assessment tools, and popup hygiene reminders, finds a number of security issues. Among them: the app uses hard-coded credentials, which it sends insecurely, to communicate with the government server, and it downloads the exact coordinates of infected people in order to provide a map of their…
Content type: Examples
Excluded groups such as sex workers and asylum seekers are being left behind in the UK’s COVID-19 response as control measures amplify existing health inequalities and put life-saving advice and care further out of reach.
The closure of services and some GP registrations, a lack of access to technology, distrust and fear of authorities, unsuitable or insecure accommodation, and reduced income are among the many challenges facing people in vulnerable circumstances in England.
Doctors of…
Content type: Examples
As part of its planning for the 2020 Olympic Games, due to be held in Tokyo, Japan approved a law that would allow the government to conduct a survey to identify vulnerable Internet of Things devices. The National Institute of Information and Communications Technology staff who carry out the survey, who will be supervised by the Ministry of Internal Affairs and Communications, are required to follow strict rules in attempting to hack into these devices: they are only allowed to use default…
Content type: Examples
In May 2018, UK-based security researcher Robert Wiggins discovered that the mobile app TeenSafe, marketed as a secure app for iOS and Android, was storing data it collected on servers hosted on Amazon's cloud without a password and openly accessible. The app lets parents monitor their children's text messages, location, browsing history, and apps, as well as who they called and when, and does not require parents to obtain their children's consent. The insecurely stored 10,200 records included…
Content type: Examples
At the 2016 Usenix Workshop on Offensive Technologies, researchers from the University of Michigan presented the results of tests that showed that industrial vehicles - a 2006 semi-trailer and a 2001 school bus - were subject to the same security flaws as had already been found in domestic cars. Via digital signals sent within a big truck's internal network, the researchers were able to change the truck's instrument panel readout, trigger unintended acceleration, and even disable part of the…
Content type: Examples
In March 2016, a hacker group identifying itself as Anonymous Philippines defaced the website of the Philippine Commission on the Elections (Comelec), leaving a message that accused Comelec of not doing enough to secure the voting machines due to be used in the general election the following month. That same day, LulzSec Piliphinas, a different but related hacker group, posted online a link to a 338GB database it claimed was the entire electoral register of 54.36 million Filipinos. Trend Micro…
Content type: Examples
Facebook has come under fire after leaked documents revealed the social media site has been targeting potentially vulnerable children.
The allegations suggest the company is gathering information on young people who “need a confidence boost” to facilitate predatory advertising practices.
Confidential documents obtained by The Australian reportedly show how Facebook can exploit the moods and insecurities of teenagers using the platform for the benefit of advertisers.…