Security
  • Menu
  • All Tips
  • FAQs
  • Categories
  • Guidelines
  • Data Security Support
  • Tools
  • Have I Been Pwned?
  • Pwned Passwords
  • Email Checker
  • Password Generator
  • My IP
  • Privacy
DATA PRIVACY NOTICE AND CONSENT FORM

Cloudstaff is committed to protecting the privacy of its data subjects, and ensuring the safety and security of personal data under its control and custody. This policy provides information on what personal data is gathered by Cloudstaff Security Tips about its current, past, and prospective employees; how it will use and process this; how it will keep this secure; and how it will dispose of it when it is no longer needed. This information is provided in compliance with the Philippine Republic Act No. 10173, also known as, the Data Privacy Act of 2012 (DPA) and its Implementing Rules and Regulations (DPA-IRR). It sets out Cloudstaffs’ data protection practices designed to safeguard the personal data of individuals it deals with, and also to inform such individuals of their rights under the Act.

The personal data obtained from this application is entered and stored within the Cloudstaff system and will only be accessed by the Cloudstaff’s authorized personnel. Cloudstaff have instituted appropriate organizational, technical and cloud security measures (Amazon Web Services Shared Responsibility) to ensure the protection of the users personal data.

Information collected will be automatically deleted after three (3) years inactivity.

Furthermore, the information collected and stored in the application are as follows:
  • Given Name
  • Family Name
  • Avatar [Profile Picture]

USER CONSENT

I have read the Data Privacy Statement and expressed my consent for Cloudstaff to collect, record, organize, update or modify, retrieve, consult, use, consolidate, block, erase or destruct my personal data as part of my information.

I hereby affirm my right to be informed, object to processing, access and rectify, suspend or withdraw my personal data, and be indemnified in case of damages pursuant to the provisions of the Republic Act No. 10173 of the Philippines, Data Privacy Act of 2012 and its corresponding Implementing Rules and Regulations.

If you want to exercise any of your rights, or if you have any questions about how we process your personal data, please contact Cloudstaff’s Data Protection Officer, through the following channel:

Email to privacy@cloudstaff.com

  • Log in Now
Landmark Ruling: NSO Group Ordered to Surrender Pegasus Spyware Code to WhatsApp in Legal Battle

A U.S. judge has mandated that NSO Group relinquish its source code for Pegasus and other remote access trojans to Meta as part of Meta's ongoing legal dispute with the Israeli spyware vendor.

This decision represents a significant legal triumph for Meta, which initiated the lawsuit in October 2019, accusing NSO Group of exploiting its infrastructure to distribute spyware to roughly 1,400 mobile devices between April and May, including targeting two dozen Indian activists and journalists.

These attacks capitalized on a then-zero-day vulnerability in the instant messaging app (CVE-2019-3568, CVSS score: 9.8), exploiting a critical buffer overflow flaw in the voice call feature to deploy Pegasus simply by making a call, even if unanswered. Additionally, the attack methodology involved erasing call information from logs to evade detection.

Recently released court documents reveal that NSO Group has been instructed to provide details on the full functionality of the relevant spyware, covering a period from one year before the alleged attack to one year after (April 29, 2018, to May 10, 2020). However, NSO Group is not obliged to disclose specific server architecture details, as Meta can acquire such information from the spyware's functionality. Notably, NSO Group is not required to disclose the identities of its clients.

Donncha Ó Cearbhaill, head of the Security Lab at Amnesty International, expressed disappointment that NSO Group can keep its clients' identities confidential, despite the court's decision favoring Meta.

NSO Group faced sanctions from the U.S. in 2021 for developing and supplying cyber weapons to foreign governments, which maliciously targeted various individuals, including government officials, journalists, and activists.

Meanwhile, Meta faces criticism from privacy and consumer groups in the European Union over its "pay or okay" subscription model, which they argue forces users into a choice between paying a "privacy fee" or consenting to be tracked by the company, potentially undermining GDPR regulations.

These legal developments coincide with findings from threat intelligence firm Recorded Future, revealing a new multi-tiered delivery infrastructure linked to Predator, a mobile spyware managed by the Intellexa Alliance. This infrastructure network likely serves Predator customers across several countries, including Angola, Armenia, and Saudi Arabia, among others.

Source: https://thehackernews.com/2024/03/us-court-orders-nso-group-to-hand-over.html

Caitlin Joyce (CaitlinG) Galanza | News
Created: March 04 2024 | Updated: on 3/4/24
Comments

  2021 © Mazer

Security Tips v2.0.1 | Crafted with by Saugi