Privacy

April 16, 2021 by Blog – CyberDB

Data Protection: Making Sure that Your Customers’ Information is Secure

Small companies are attractive targets for cybercriminals because they don’t have the resources to combat it like the more prominent companies. Or they’re hoping that they don’t. Has a data breach compromised your company? Consider bringing in a digital forensics investigator that can root out any security issues they find when examining your setup. They’re […]

The post Data Protection: Making Sure that Your Customers’ Information is Secure appeared first on CyberDB.

April 16, 2021 by Amer Owaida

Spring cleaning? Don’t forget about your digital footprint

Here are some quick and easy tips to help you clean up your cyber-clutter and keep your digital footprint tidy
The post Spring cleaning? Don’t forget about your digital footprint appeared first on WeLiveSecurity

April 15, 2021 by Tripwire Guest Authors

A quick round up of privacy highlights for Q1 of 2021

As expected, the start of 2021 has seen unprecedented movement in the U.S. with 22 states introducing comprehensive privacy legislation and even more introducing specific-use legislation. To date, hundreds of privacy bills were introduced across the st…

April 15, 2021 by Paul Ducklin

S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy [Podcast]

New episode – listen now!

April 14, 2021 by Graham Cluley

School janitor says she was fired for not installing smartphone tracking app

A school janitor has lost her job, and she says it’s because she refused to download a smartphone app that would track her location.

April 14, 2021 by Joseph Carson

A Post-Data Privacy World and Data-Rights Management

Joseph Carson, chief security scientist at Thycotic, discusses the death of data privacy and what comes next.

April 13, 2021 by Help Net Security

330 million people across 10 countries were victims of cybercrime in 2020

Over the past year, 65% of people around the world report spending more time online than ever before, likely a result of the COVID-19 pandemic. As we connected to the internet for everything from work and school to entertainment, social connection and …

April 13, 2021 by Graham Cluley

A helpful reminder about just how much Facebook stalks you on the internet

Many Facebook users think they only have to worry about the data that they personally share about themselves on Facebook, by posting messages on the site, connecting with their friends, and liking posts.

But the truth is that Facebook knows much mor…

April 12, 2021 by Help Net Security

Cybersecurity guide for the hospitality industry

A practical cybersecurity guide from the National Institute of Standards and Technology (NIST) can help hotel owners reduce the risks to a highly vulnerable and attractive target for hackers: the hotel property management system (PMS), which stores gue…

April 12, 2021 by Becky Bracken

1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free

Clubhouse denies it was ‘breached’ and says the data is out there for anyone to grab.

April 12, 2021 by Tara Seals

Man Arrested for AWS Bomb Plot

A man caught in an FBI sting allegedly said he wanted to destroy “70 percent of the internet” by going after the tech giant’s data centers.

April 12, 2021 by Graham Cluley

Upstox warns of serious data breach, resets passwords

Indian stock trading firm Upstox has revealed to users that it has suffered a serious security breach that may have seen unauthorised criminal access to millions of customers’ personal information.

April 12, 2021 by Paul Ducklin

Apple and Google block official UK COVID-19 app update

UK coronavirus app update apparently included “feature creep” that’s explicitly prohibited by Apple’s and Google’s programming rules.

April 12, 2021 by Paul Ducklin

Naked Security Live – How to spot “government” scammers

Latest episode – watch now, and please share with your friends and family!

April 9, 2021 by Amer Owaida

Data from 500 million LinkedIn accounts put up for sale

The treasure trove of data reportedly includes users’ LinkedIn IDs, full names, email addresses, phone numbers and workplace information
The post Data from 500 million LinkedIn accounts put up for sale appeared first on WeLiveSecurity

April 8, 2021 by Tony Anscombe

Does data stolen in a data breach expire?

Some personal information just doesn’t age – here’s what the Facebook data leak may mean for you
The post Does data stolen in a data breach expire? appeared first on WeLiveSecurity

April 8, 2021 by Graham Cluley

Smashing Security podcast #222: Facebook, deepfakes, and April Fools scandals – with Nina Schick

Deepfake expert Nina Schick joins us as we discuss synthetic media, Facebook’s latest data fiasco, and some less-than-brilliant April Fool’s tricks.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” p…

April 7, 2021 by Elizabeth Montalbano

Facebook: Stolen Data Scraped from Platform in 2019

The flaw that caused the leak of personal data of more than 533 million users over the weekend no longer exists; however, the social media giant still faces an investigation by EU regulators.

April 7, 2021 by Graham Cluley

A new headache for ransomware-hit companies. Extortionists emailing your customers

Cybercriminal extortionists have adopted a new tactic to to apply even more pressure on their corporate victims: contacting the victims’ customers, and asking them to demand a ransom is paid to protect their own privacy.

Read more in my article on t…

April 7, 2021 by Bruce Schneier

Signal Adds Cryptocurrency Support

According to Wired, Signal is adding support for the cryptocurrency MobileCoin, “a form of digital cash designed to work efficiently on mobile devices while protecting users’ privacy and even their anonymity.”

Moxie Marlinspike, the creator of Signal and CEO of the nonprofit that runs it, describes the new payments feature as an attempt to extend Signal’s privacy protections to payments with the same seamless experience that Signal has offered for encrypted conversations. “There’s a palpable difference in the feeling of what it’s like to communicate over Signal, knowing you’re not being watched or listened to, versus other communication platforms,” Marlinspike told WIRED in an interview. “I would like to get to a world where not only can you feel that when you talk to your therapist over Signal, but also when you pay your therapist for the session over Signal.”…

April 7, 2021 by Graham Cluley

Facebook isn’t sorry for letting someone steal personal details of half a billion users

Would it have been so hard for Facebook to apologise for allowing 533 million personal records – including users’ phone numbers – to leak onto the internet?

I don’t think so. And yet sorry seems to be the hardest word…

April 6, 2021 by Becky Bracken

Chinese Hackers Selling Intimate Stolen Camera Footage

A massive operation offers access to hacked camera feeds in bedrooms and at hotels.

April 5, 2021 by Tom Spring

533M Facebook Accounts Leaked Online: Check if You Are Exposed

An estimated 32 million, of the half-billion of Facebook account details posted online, were tied to US-based accounts.

April 4, 2021 by Help Net Security

Encryption is either secure or it’s not – there is no middle ground

The principle of end-to-end encryption underpins a system of communication where only the communicating users can read the messages. To this end, it exists to prevent any potential eavesdroppers (telecom providers, internet providers, law enforcement a…

April 4, 2021 by Help Net Security

The impact of the CCPA on companies’ privacy practices

A new DataGrail report examined how millions of California consumers are exercising their privacy rights – to access their data, delete their data, and stop the sale of their data to a third-party – according to the CCPA, which went into ef…

April 1, 2021 by Help Net Security

Death, taxes, and hacks: How to prevent cyberattacks during tax season

Remember how folks did taxes in the olden days? They’d collect large piles of paper documents, fill out endless pages of forms, stuff a bunch of receipts in a shoebox and – after filing to the IRS – cross their fingers hoping they didn’t forget somethi…

April 1, 2021 by Help Net Security

Death, taxes, and hacks: How to prevent cyberattacks during tax season

Remember how folks did taxes in the olden days? They’d collect large piles of paper documents, fill out endless pages of forms, stuff a bunch of receipts in a shoebox and – after filing to the IRS – cross their fingers hoping they didn’t forget somethi…

April 1, 2021 by Help Net Security

Encrypted method that measures encounters could slow down or prevent future pandemics

When you bump into someone in the workplace or at your local coffee shop, you might call that an “encounter.” That’s the scientific term for it, too. As part of urgent efforts to fight COVID-19, a science is rapidly developing for mea…

April 1, 2021 by Paul Ducklin

S3 Ep26: Apple 0-day, crypto vulnerabilities and PHP backdoor [Podcast]

Latest episode – listen now!

March 31, 2021 by Graham Cluley

Smashing Security podcast #221: God bless his hairy palms

FatFace stumps up $2 million to its ransomware extortionists, an IT administrator is caught with his pants down, Mobikwik blames its users for a data breach, and we burgle a house… virtually.

All this and much much more is discussed in the latest …

March 31, 2021 by Tom Spring

Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out

Google’s Pixel and Apple’s iPhone both in privacy hot seat for siphoning mobile device data without consent.

March 31, 2021 by Elias Chachak

What Do You Need to Know About Cyber Security Management?

Modern technology is becoming one of the best ways to make businesses operate more efficiently. The demand for cyber security management has skyrocketed and that is a concept that a lot of people are not even familiar with. This guide is going to take an in-depth look at cyber security management and help you to […]

The post What Do You Need to Know About Cyber Security Management? appeared first on CyberDB.

March 30, 2021 by Help Net Security

3 steps to meeting data privacy regulation compliance through identity programs

Cybersecurity is undeniably a business-critical function. That’s only been reinforced over the past few months by the SolarWinds and Exchange attacks. Consequently, a recent PWC report found that 55% of enterprise executives plan to increase their cybe…

March 30, 2021 by Elizabeth Montalbano

Intel Sued Under Wiretapping Laws for Tracking User Activity on its Website

A class-action suit in Florida accuses the tech giant of unlawfully intercepting communications by using session-replay software to capture the interaction of people visiting the corporate homepage Intel.com.

March 29, 2021 by Help Net Security

93% of consumers concerned about data security when filling out online forms

Source Defense provides in-depth analysis of the client-side threat landscape and specific attacks like formjacking, Magecart and web browser threats. The research offers a rare window on web security sentiments for a population relying almost exclusiv…

March 28, 2021 by Graham Cluley

Alex Salmond’s Alba party website leaks data in IDOR foul-up

It’s just two days since former SNP leader Alex Salmond launched a brand new political party to campaign for an independent Scotland.

And already it has suffered a data breach.

March 26, 2021 by Howard Solomon

Sections of proposed CPPA worse than existing privacy law, says privacy commissioner

In a recent speech, the federal privacy commissioner details flaws in the proposed Consumer Privacy Protection Act
The post Sections of proposed CPPA worse than existing privacy law, says privacy commissioner first appeared on IT World Canada.

March 26, 2021 by Howard Solomon

Parts of proposed privacy legislation worse PIPEDA, says commissioner

In a recent speech, the federal privacy commissioner details flaws in the proposed Consumer Privacy Protection Act

The post Parts of proposed privacy legislation worse PIPEDA, says commissioner first appeared on IT World Canada.

March 25, 2021 by Industry News

How to get affordable DV certificates for onion sites

The Tor Project, the nonprofit developers of the Tor network and Tor Browser, have announced two exciting developments for onion services: affordable DV certificates for v3 onion sites from HARICA, and new, easy onion site setup guides. About Tor Milli…

March 25, 2021 by Graham Cluley

Smashing Security podcast #220: Ransoms, scandals, and glitter bombs

PC manufacturer Acer might have received a $50 million ransom demand, a warning spreads on Facebook about a trick being used by hackers, and why are the City of London’s police not happy about Sci Hub?

All this and much much more is discussed in the…

March 24, 2021 by Becky Bracken

ProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in Myanmar

CEO says Apple rejected a security update needed to protect human-rights abuse evidence.

March 23, 2021 by Help Net Security

What businesses need to know to evaluate partner cyber resilience

Many recent high-profile breaches have underscored two important cybersecurity lessons: the need for increased scrutiny in evaluating access and controls of partners handling valuable customer data, and the imperativeness of assessing a third party’s (…

March 23, 2021 by Becky Bracken

Security Analysis Clears TikTok of Censorship, Privacy Accusations

TikTok’s source code is in line with industry standards, security researchers say.

March 23, 2021 by Tara Seals

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

The arts-and-crafts retailer left 138GB of sensitive information open to the public internet.

March 22, 2021 by Paul Ducklin

Instagram scams and how to avoid them

Don’t get taken for a sucker on social media! Here are our top tips to protect you from Instagram scams…

March 21, 2021 by Blog – CyberDB

Cybersecurity Tips for Students at Home and in School 2021

According to recent reports, cyberattacks are occurring every 39 seconds in the US. Sounds impressive, doesn’t it? What’s more, one attack can harm millions of people. For example, when Atlanta was attacked using ransomware called SamSam, the city was offline for five days, which halted several significant citywide operations. As a result, the amount of […]

The post Cybersecurity Tips for Students at Home and in School 2021 appeared first on CyberDB.

March 19, 2021 by Cameron Camp

Trust your surveillance? Why hacked cameras are very bad

When a breach captures a part of us that is unchangeable, does it mean that we have allowed technology to pry too deeply into our lives?
The post Trust your surveillance? Why hacked cameras are very bad appeared first on WeLiveSecurity

March 19, 2021 by Pierluigi Paganini

Millions of People Can Lose Sensitive Data through Travel Apps, Privacysavvy reports

According to a report published by researchers at PrivacySavvy, many travel companies expose users’ data through their booking apps. In a report published on the 16th of March by PrivacySavvy, many travel companies expose users’ data through their booking apps. PrivacySavvy is a digital security company on a mission to educate internet users on issues […]

The post Millions of People Can Lose Sensitive Data through Travel Apps, Privacysavvy reports appeared first on Security Affairs.

March 18, 2021 by Elias Chachak

Why cybersecurity is one of the things your business cannot afford to take lightly

There has been more than enough to worry about for the small business owner in the last 12 months. The checklist of things that have changed overnight probably covers every aspect of their business, foremost amongst them possibly that their entire workforce could now be working remotely. While getting a company through the last 12 […]

The post Why cybersecurity is one of the things your business cannot afford to take lightly appeared first on CyberDB.

March 18, 2021 by Graham Cluley

Smashing Security podcast #219: Cheerleaders, dating apps, and crisis PR

How are cheerleaders being creeped out by deepfakes? What might Tinder tell potential dates about your murky past? And how should companies respond to the press when a security breach occurs?

All this and much more is discussed in the latest edition…

March 16, 2021 by Becky Bracken

Mom & Daughter Duo Hack Homecoming Crown

A Florida high-school student faces jail time for rigging her school’s Homecoming Queen election.

March 15, 2021 by Help Net Security

Risk management in the digital world: How different is it?

Managing risk arising from remote work has largely been reactive, and risk managers have had to adapt to new digital threats that weren’t necessarily as prevalent when work was done from a physical office. Risk managers need to think proactively about …

March 15, 2021 by Bruce Schneier

Security Analysis of Apple’s “Find My…” Protocol

Interesting research: “Who Can Find My Devices? Security and Privacy of Apple’s Crowd-Sourced Bluetooth Location Tracking System“:

Abstract: Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world’s largest crowd-sourced location tracking network called offline finding (OF). OF leverages online finder devices to detect the presence of missing offline devices using Bluetooth and report an approximate location back to the owner via the Internet. While OF is not the first system of its kind, it is the first to commit to strong privacy goals. In particular, OF aims to ensure finder anonymity, untrackability of owner devices, and confidentiality of location reports. This paper presents the first comprehensive security and privacy analysis of OF. To this end, we recover the specifications of the closed-source OF protocols by means of reverse engineering. We experimentally show that unauthorized access to the location reports allows for accurate device tracking and retrieving a user’s top locations with an error in the order of 10 meters in urban areas. While we find that OF’s design achieves its privacy goals, we discover two distinct design and implementation flaws that can lead to a location correlation attack and unauthorized access to the location history of the past seven days, which could deanonymize users. Apple has partially addressed the issues following our responsible disclosure. Finally, we make our research artifacts publicly available…

March 14, 2021 by Help Net Security

Why data privacy will be the catalyst for digital identity adoption

Most of us probably don’t think of buying a bottle of wine as a security risk. However, we inadvertently give away our address, surname, nationality and signature – unnecessarily – every time we buy alcohol. In proving our age, which only requires our …

March 13, 2021 by Graham Cluley

Police raid apartment of alleged Verkada hacker, as questions asked about employees’ access to customer video feeds

Following news that the video streams of 150,000 webcams managed by Verkada had been breached, police in Switzerland have raided the alleged hacker’s apartment.

March 12, 2021 by Becky Bracken

Europol Credits Sweeping Arrests to Cracked Sky ECC Comms

Sky ECC claims that cops cracked a fake version of the app being passed off by disgruntled reseller.

March 11, 2021 by Help Net Security

Can private data be recovered from “sanitized” images?

Machine learning systems are becoming pervasive not only in technologies affecting our day-to-day lives, but also in those observing them, including face expression recognition systems. Companies that make and use such widely deployed services rely on …

March 11, 2021 by Kaylin Trychon

#ShareTheMicInCyber: Brooke Pearson

Posted by Parisa Tabriz, Head of Chrome Product, Engineering and UX In an effort to showcase the breadth and depth of Black+ contributions to security and privacy fields, we’ve launched a profile series that aims to elevate and celebrate the Black…

March 11, 2021 by Graham Cluley

150,000 security cameras are hacked exposing jails, hospitals, and well-known firms

A hacking group has gained access to the feeds of 150,000 surveillance cameras used inside businesses, schools, police departments, hospitals, and well-known companies.

Read more in my article on the Bitdefender BOX blog.

March 11, 2021 by Graham Cluley

Criminals arrested after trusting encrypted chat app cracked by the police

Police in the Netherlands and Belgium have made hundreds of raids, and arrested at least 80 people, after cracking into an encrypted phone network used by organised criminals.

Read more in my article on the Tripwire State of Security blog.

March 11, 2021 by Paul Ducklin

S3 Ep23: Hafnium happenings, I see you, and Pythonic poison [Podcast]

New episode – listen now! (And find out what HAFNIUM really stands for.)

March 11, 2021 by Graham Cluley

Smashing Security podcast #218: Microsoft, McAfee, and mayhem

Is it the end of the road for John McAfee? Is PornHub more legitimate than Facebook? And do you know as much as you think you do about the Microsoft Exchange Server mega-hack?

All this and much much more is discussed in the latest edition of the “Sm…

March 10, 2021 by Pierluigi Paganini

White hat hackers gained access more than 150,000 surveillance cameras

A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox. A group of US hackers claimed to have gained access to footage from 150,000 security cameras at banks, jails, schools, healthcare clinics, and prominent organizations. The news was first reported by […]

The post White hat hackers gained access more than 150,000 surveillance cameras appeared first on Security Affairs.

March 10, 2021 by Cameron Camp

Online health security – when ‘opt out’ isn’t an option

What happens when you try to opt out of e-health to avoid issues in the event of a breach?
The post Online health security – when ‘opt out’ isn’t an option appeared first on WeLiveSecurity

March 9, 2021 by Elizabeth Montalbano

Apple’s Device Location-Tracking System Could Expose User Identities

Researchers have identified two vulnerabilities in the company’s crowd-sourced Offline Finding technology that could jeopardize its promise of privacy.

March 9, 2021 by Becky Bracken

Dark Web Markets for Stolen Data See Banner Sales

Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. That leaves these thriving dirty data dealers in a …

March 9, 2021 by Tara Seals

Google Play Harbors Malware-Laced Apps Delivering Spy Trojans

A never-before-seen malware-dropper, Clast82, fetches the AlienBot and MRAT malware in a savvy Google Play campaign aimed at Android users.

March 8, 2021 by Paul Ducklin

Naked Security Live – ICU: How much do your home-working photos give away?

I see you/And what you do – So be aware/Before you share – And if in doubt/Don’t give it out!

March 5, 2021 by Elizabeth Montalbano

Critics Blast Google’s Aim to Replace Browser Cookie with ‘FLoC’

EFF worries that the Google’s ‘privacy-first” vision for the future may pose new privacy risks.

March 4, 2021 by Help Net Security

Credential exposure trends: You need a better password

SpyCloud researchers recovered more than 4.6 billion pieces of personally identifiable information and nearly 1.5 billion stolen account credentials from 854 breach sources in 2020, the company announced in its 2021 Credential Exposure Report. Credenti…

March 4, 2021 by Elizabeth Montalbano

National Surveillance Camera Rollout Roils Privacy Activists

TALON, a network of smart, connected security cameras developed by the Atlanta-based startup and installed by law enforcement around the country, raises surveillance-related privacy concerns.

March 4, 2021 by harrietstone

Using TikTok? Check out these six security tips

Practical advice on how to maximize your security and privacy on TikTok.

March 3, 2021 by Becky Bracken

Malaysia Air Downplays Frequent-Flyer Program Data Breach

A third-party IT provider exposed valuable airline data that experts say could be a goldmine for cybercriminals.

March 3, 2021 by Elizabeth Montalbano

Home-Office Photos: A Ripe Cyberattack Vector

Threat actors can use personal information gleaned from images to craft targeted scams, putting personal and corporate data at risk.

March 3, 2021 by harrietstone

I see you: your home-working photos reveal more than you think!

Beware of sensitive data lurking in the background of your video calls and social pictures.

March 1, 2021 by Help Net Security

Alexa Skills: Security gaps and data protection problems

With the voice commands “Alexa Skills,” users can load numerous extra functions onto their Amazon voice assistant. Amazon screens special voice assistant functions for security. However, scammers can circumvent this check. These Skills can often have s…

March 1, 2021 by Help Net Security

Customers willing to share personal data in exchange for personalized services

There is ample opportunity for financial institutions to harness the power of AI to build more meaningful connections and experiences with customers — vastly improving both retention and acquisition, according to research findings released by NTT DATA….

March 1, 2021 by Kaylin Trychon

#ShareTheMicInCyber: Rob Duhart

Posted by Matt Levine, Director, Risk Management In an effort to showcase the breadth and depth of Black+ contributions to security and privacy fields, we’ve launched a series in support of #ShareTheMicInCyber that aims to elevate and celebrate th…

March 1, 2021 by Amer Owaida

Popular password manager in the spotlight over web trackers

While the trackers in LastPass’ Android app don’t collect any personal data, the news may not sit well with some privacy-minded users
The post Popular password manager in the spotlight over web trackers appeared first on WeLiveSecurity

March 1, 2021 by Paul Ducklin

Naked Security Live – Beware copyright scams

Here’s the latest Naked Security Live talk – watch now!

March 1, 2021 by Graham Cluley

Gizmodo gives poor password advice

On Friday, popular tech news site Gizmodo published an article with the title: “Go Update Your Passwords Right Now”.

The problem is, it’s just not good advice…

March 1, 2021 by Pierluigi Paganini

ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection

ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection. ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users. The settlement has yet to be approved by a federal judge. The Chinese firm was accused to have failed […]

The post ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection appeared first on Security Affairs.

February 28, 2021 by Help Net Security

Data is most at risk on email, with 83% of organizations experiencing email data breaches

95% of IT leaders say that client and company data is at risk on email, an Egress report reveals. Additionally, an overwhelming 83% of organizations have suffered data breaches via this channel in the last 12 months. Human error was at the root of near…

February 26, 2021 by Lindsey O'Donnell

Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting Process

Researchers found a number of privacy and security issues in Amazon’s Alexa skill vetting process, which could lead to attackers stealing data or launching phishing attacks.

February 26, 2021 by Bruce Schneier

The Problem with Treating Data as a Commodity

Excellent Brookings paper: “Why data ownership is the wrong approach to protecting privacy.”

From the introduction:

Treating data like it is property fails to recognize either the value that varieties of personal information serve or the abiding interest that individuals have in their personal information even if they choose to “sell” it. Data is not a commodity. It is information. Any system of information rights — whether patents, copyrights, and other intellectual property, or privacy rights — presents some tension with strong interest in the free flow of information that is reflected by the First Amendment. Our personal information is in demand precisely because it has value to others and to society across a myriad of uses…

February 25, 2021 by Help Net Security

Closing the data divide: How to create harmony among data scientists and privacy advocates

Balancing data privacy within an organization is no easy task, particularly for data scientists who need quick access to data, and security and governance teams whose job it is to protect it. Too many of our customers have told us they are being inunda…

February 25, 2021 by Kaylin Trychon

Celebrating the influence and contributions of Black+ Security & Privacy Googlers

Posted by Royal Hansen, Vice President, SecurityBlack History Month may be coming to a close, but our work to build sustainable equity for Google’s Black+ community, and externally is ongoing. Currently, Black Americans make up less than 12% of informa…

February 25, 2021 by Elias Chachak

Top 5 Reasons to Invest in Penetration Testing Today

The security breaches in cyber-security have been dominating the world for a long time. As cyber-attacks are growing rapidly, the chances of failing in this trap have been increasing. Having the necessary security measures in place still does not indicate that the IT infrastructure is free from risks. To ensure a better working environment and […]

The post Top 5 Reasons to Invest in Penetration Testing Today appeared first on CyberDB.

February 25, 2021 by Paul Ducklin

S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]

Latest episode – listen now!

February 24, 2021 by Help Net Security

Five factors driving investment in IDV

For billions of individuals around the world, digital identity became critical in 2020. As a result, the global identity verification market, which was already growing rapidly to support the digitization of a whole host of industries, is now booming. W…

February 24, 2021 by Help Net Security

Users largely unaware of the privacy implications of location tracking

How much personal information can our phone apps gather through location tracking? To answer this question, two researchers – Mirco Musolesi (University of Bologna, Italy) and Benjamin Baron (University College London, UK) – carried out a f…

February 24, 2021 by Lindsey O'Donnell

Mozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie Tracking

Mozilla said its Total Cookie Protection feature in Firefox 86 prevents invasive, cross-site cookie tracking.

February 24, 2021 by Zeljka Zorz

CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses

As browser-makers move to defang third-party (tracking) cookies, marketers are increasingly switching to alternative tracking techniques. One of these is CNAME cloaking, which not only evades anti-tracking measures on most widely-used browsers but, acc…

February 23, 2021 by Help Net Security

Researchers propose more secure and private mobile contact tracing

For public health officials, contact tracing remains critical to managing the spread of the coronavirus — particularly as it appears that variants of the virus could be more transmissible. The need for widespread contact tracing at the start of t…

February 23, 2021 by Tara Seals

Daycare Webcam Service Exposes 12,000 User Accounts

NurseryCam suspends service across 40 daycare centers until a security fix is in place.

February 23, 2021 by Graham Cluley

NurseryCam suffers data breach after security concerns raised

A CCTV service designed to let parents remotely watch their children playing at nursery has suffered a data breach after it disputed concerns about its security.

February 22, 2021 by Zeljka Zorz

Chief Legal Officers face mounting compliance, privacy and cybersecurity obligations

After earning his master’s degree in computer science and working on the IT side of the business at a number of large financial services organizations, Bobby Balanchdran observed one interesting thing: the legal department in these organizations had be…

February 22, 2021 by Becky Bracken

Assume ClubHouse Conversations Are Being Recorded, Researchers Warn

At nearly a year old, the invitation-only, audio-based social-media platform ClubHouse is grappling with security issues on multiple fronts, but the consensus among researchers is coming into focus: Assume your ClubHouse conversations are being recorde…

February 22, 2021 by Amer Owaida

Brave browser’s Tor mode exposed users’ dark web activity

A bug in the ad blocking component of Brave’s Tor feature caused the browser to leak users’ DNS queries
The post Brave browser’s Tor mode exposed users’ dark web activity appeared first on WeLiveSecurity

February 22, 2021 by Pierluigi Paganini

An attacker was able to siphon audio feeds from multiple Clubhouse rooms

An attacker demonstrated this week that Clubhouse chats are not secure, he was able to siphon audio feeds from “multiple rooms” into its own website While the popularity of the audio chatroom app Clubhouse continues to increase experts are questioning the security and privacy level it offers to its users. Recently the company announced it […]

The post An attacker was able to siphon audio feeds from multiple Clubhouse rooms appeared first on Security Affairs.