Your Tech Story

Data Privacy

Nuix

Nuix – An Australian Company Founded With The Goal To Extract knowledge From Unstructured Data.

Nuix is a publicly-traded company that was founded in 2000. The company’s main goal is to collect vast quantities of unstructured data to extract useful information from it. Every organization, big or small, needs to study data to understand every aspect of the business from the consumer market to market regulations. So, the solutions of this company are very useful especially to big corporations that have millions of customers across the world meaning more unstructured data. Some of the biggest clients of Nuix are Airbus, Amazon, American Express, Barclays, AIG, etc. Nuix currently serves more than 2,000 customers in 79 countries.

About Nuix

Nuix is a software development company with its headquarters based in Sydney, Australia. The company develops innovative software to harness the power of unstructured data to its full potential. Nuix’s technology is used for various purposes in the digital world including data privacy, data governance, financial crimes, digital forensics, regulatory compliance, etc. Nuix has been the recipient of several prestigious awards because of its innovative technology. The company currently has around 400 employees and the numbers didn’t change much since 2006. Apart from Australia, the company has headquarters in Asia, the Middle East, North America, and Europe.

Truth be told, though organizations keep records of every employee, every customer in an organized way, the amount of unstructured data exceeds the structured data. The data received from social media, online communications, etc are messy but they are important. And, Nuix’s technology helps in visualizing and analyzing this chaotic data into something more meaningful that businesses could use to increase their growth. The six primary products of the company are Nuix Adaptive Security, Nuix Automation, Nuix Discover, Nuix Investigate, Nuix Enterprise Collection Center, and Nuix Workstation.

Nuix
Image source: marcustoday.com

David Sitsky – Brain Behind the Technology

David Sitsky is the main brain behind founding Nuix. He had immense knowledge in complex operating systems and large-scale parallel computing. He dedicated his career to developing algorithms that could search through search and analyze through the unstructured and messy data from emails and any social platforms. He understood that his idea has good potential when one of the largest employers in Canberra used his algorithm to find some inappropriate image that was attached to an email. After the attempt was successful, it became the first evidence that Sistky’s algorithm is very powerful and it could find things with forensic accuracy. Even today people of the company believe that Sitsky was able to build software like this because he was able to imagine the amount of unstructured data that will generate in the future.

History of Nuix

Nuix has grown beautifully over the last twenty years. From a one-man operation, today fifty software developers and ninety software engineers work in America in sync with employers in Sydney. America is a huge market for Nuix’s technology especially for the tech giants that are dominating the digital market across the world. For the unique and impactful work done by the company, Nuix was offered a contract by the Securities and Exchange Commission in 2010.

In 2012, the company bagged the Australian Export Awards for the Information and Communication Technology category and also won the Premier’s NSW Exporter of the Year Award in 2015. Nuix was also made an Industry Partner of the International Multilateral Partnership Against Cyber Threats. It was only in 2020 that Company decided to go public and filed its IPO. It is currently listed on the Australian Securities Exchange and the largest shareholder of the company is Macquarie Group.

Jonathan Rubinsztein – CEO of Nuix

Jonathan Rubinsztein is the new CEO of Nuix who was appointed in December 2021. Before that, he was the CEO and Managing Director of Informedia Ltd. He is also an entrepreneur who founded DXC Red Rock and served as its CEO for more than sixteen years. Rubinsztein is also the founder of RockSolid SQL, a company that developed a database management product. After his post-graduation, his career started with Accenture where he joined as a consultant.

bumble

Bumble and OkCupid Have a Flaw Putting User Data of Millions at Risk

Data security has been gaining prominence in recent years thanks to data activists and experts. As more and more people have started asking questions regarding their user data, companies have also started to become more stringent. User data becomes quite sensitive, especially when used to find suitable matches on popular dating websites and apps. A recent allegation regarding a significant flaw in apps such as OkCupid, Bumble, and Grindr have left millions worried about their personal data. Here’s a quick look at what the flaw is, how it can impact people, and what the experts are doing about it.

Bumble Putting User Data of Millions at Risk

Apps such as OkCupid, Grindr, Bumble, Yango Pro, PowerDirector, and several others are vulnerable to a flaw in the Play Core library. This defect puts the user data of millions of people at risk as per a report by Check Point. The research firm believes that though Google patched this flaw in April, app developers are yet to make the required changes. For the fix to work, the developers have to install the new Play Core library to neutralize the threat. However, all the apps mentioned above still make use of the old library, putting them at risk. Apps such as Booking and Viber were some of the few that updated their Play Core library and mitigated the risk.

bumble
Image Source: pcmag.com

What is the flaw?

The security experts at Check Point noted that Bumble, Grindr, and OkCupid are vulnerable to the CVE-2020-8913. While Google released a new patch in April, for the flaw rooted in the widely used Play Core library, failure to update the library leaves these apps at risk. The Play Core library is responsible for notifying users of in-app updates and feature modules for their phones. The CVE-2020-8913 allows threat actors to siphon off user data through these vulnerable apps. As a result, the flaw could lead to millions of people losing their private information. The leaked data will include critical information, including financial details, email passwords, and login credentials. The CVE-2020-8913 flaw allows hackers to add their executable modules to apps that use the Play Core library. Hence, arbitrary codes can be compromised to execute with malicious intent

Google’s Response

Google acknowledged that the bug was serious and gave it a severity rating of 8.8 out of 10. They responded quickly by releasing a patch that remedied the problem, way back in April. However, app developers have not been careful enough, and are yet to install the new update putting millions at risk of a data breach. Experts at Check Point note that over 13% of all Google Play apps they analyzed in September leveraged the Google Play Core library. Unfortunately, over 8% of these apps still used the vulnerable version, with only a few making the switch to the safer version. Even ones like Viber and Booking only updated after the experts at Check Point brought the matter to their attention.

Potential Danger

Aviran Hazum, who serves as the Manager of Research on Mobiles at Check Point, believes that hundreds of millions of users now face a security risk. Since CVE-2020-8913 is highly dangerous, the developers not installing the new patch is highly risky. In case any malicious application finds its way into this vulnerability, it can compromise several popular applications and gain the same access as the app. For instance, the vulnerability allows for the stealing of the two-factor authentication codes or even that of banking application credentials.

A threat actor could also manipulate social media apps to spy on others and grab messages from people, leading to a large number of attack possibilities. Hence, all users who have such apps on their phones are putting their data at risk. Experts are therefore recommending users to uninstall these apps until developers install the new patch and mitigate the risk of a breach. Since the security firm has notified the apps regarding the vulnerability, an update is expected son from their side. Following such an update, users can reinstall the apps and continue to use them as they did before.