Developers accuse Apple of anti-competitive behavior with its privacy changes in iOS 13

Developers accuse Apple of anti-competitive behavior with its privacy changes in iOS 13

In a report by The Information, the developers were said to have accused Apple of anti-competitive behavior when it comes to how apps can access user location data.

Microchipping your employees will always be dehumanizing — and pointless

Microchipping your employees will always be dehumanizing — and pointless

But it’s absurd to think that the “human-embedded option,” which is basically a code (private key) embedded in an RFID chip, the same one you use to access your gym, is the wave of the future.

We talked to the professor who fought Cambridge Analytica to get his data back in Netflix's 'The Great Hack' about why privacy rights in the US are lagging behind the rest of the world

We talked to the professor who fought Cambridge Analytica to get his data back in Netflix's 'The Great Hack' about why privacy rights in the US are lagging behind the rest of the world

It's been well over a year since it was revealed that Cambridge Analytica improperly accessed the data of 87 million Facebook users to target advertising for President Donald Trump's 2016 campaign.

BioStar 2 Leak Exposes 23GB Data, 1M Fingerprints

BioStar 2 Leak Exposes 23GB Data, 1M Fingerprints

Thousands of organizations, including banks, governments, and the UK Metropolitan Police, use the biometric security tool to authenticate users. Researchers with VPNMentor have discovered a massive leak in biometric security platform BioStar 2, which uses facial recognition and fingerprint scanning as part of its means to identify users.

Why DuckDuckGo isn’t as bad as some people make it seem.

Why DuckDuckGo isn’t as bad as some people make it seem.

According to DuckDuckGo’s privacy policy: DuckDuckGo does not collect or share personal information. So they use the tracking pixel data to improve their product. TL;DR: They collect anonymous data to measure engagement of specific events, to make it a more user friendly experience for everybody.

Major breach found in biometrics system used by banks, UK police and defence firms

Major breach found in biometrics system used by banks, UK police and defence firms

The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks.

ACCC targets Google and Facebook with five investigations underway

ACCC targets Google and Facebook with five investigations underway

Australian Competition and Consumer Commission (ACCC) chair Rod Sims has used his speech at the Melbourne Press Club to reignite discussions on the market dominance of digital platforms such as Facebook and Google, and at what cost that comes to a consumer's privacy.

State-sponsored cyber spies targeting IoT - a warning from Microsoft

State-sponsored cyber spies targeting IoT - a warning from Microsoft

Back in April, Microsoft security researchers observed the infamous Russian-backed hacking group STRONTIUM (also known as Fancy Bear or APT28) compromising popular IoT devices (a VOIP phone, an office printer, and a video decoder) across multiple customer locations.

Hundreds of exposed Amazon cloud backups found leaking sensitive data

Hundreds of exposed Amazon cloud backups found leaking sensitive data

He said that all too often cloud admins don’t choose the correct configuration settings, leaving EBS snapshots inadvertently public and unencrypted. Morris found dozens of snapshots exposed publicly in one region alone, he said, including application keys, critical user or administrative credentials, source code and more.

Skype, Slack, other Electron-based apps can be easily backdoored

Skype, Slack, other Electron-based apps can be easily backdoored

The problem lies in the fact that Electron ASAR files themselves are not encrypted or signed, allowing them to be modified without changing the signature of the affected applications.

I’m a security expert and this is how robocall-blocking apps violate your privacy

I’m a security expert and this is how robocall-blocking apps violate your privacy

Spam-blocking apps have been touted as a way to protect consumers. Apple requires that each privacy policy must have a clause that provides a way for a user to “revoke consent and/or request deletion” of a user’s data.

'We’re closer to the knife’s edge': Confrontation looming on encryption 'backdoors' as Goodale looks for balance

'We’re closer to the knife’s edge': Confrontation looming on encryption 'backdoors' as Goodale looks for balance

Public Safety Minister Ralph Goodale says Canada has to find a balance between internet privacy and the needs of law enforcement in the midst of a long-simmering dispute among Five Eyes countries and tech companies about encryption “backdoors.”.

Apple plans to restrict how messaging apps access background iOS data

Apple plans to restrict how messaging apps access background iOS data

Apple plans to restrict how apps implement internet voice call functionality, which currently could allow mobile software to collect data while running in the background, according to a new report from The Information.

Monzo urges 480,000 customers to change their pin numbers

Monzo urges 480,000 customers to change their pin numbers

The digital bank Monzo has urged nearly 480,000 customers to change their pins after it left banking information exposed to unauthorised staff for six months.

Think your metadata is only visible to national security agencies? Think again

Think your metadata is only visible to national security agencies? Think again

But there is no information regarding the use of metadata by government bodies that are not officially enforcement agencies within the meaning of the data retention laws.

Private Internet Access users can now resolve internet names with the Handshake Naming System (HNS)

Private Internet Access users can now resolve internet names with the Handshake Naming System (HNS)

Starting since version 1.30 , the Mac, Linux, and Windows Private Internet Access (PIA) desktop clients have come with the ability to change the selected Name Server from PIA’s Domain Name System (DNS) servers to using one of PIA’s Handshake Name System (HNS) servers.

Clothing marketplace Poshmark confirms data breach

Clothing marketplace Poshmark confirms data breach

The company said in a brief blog post that user profile information, including names and usernames, gender and city data was taken by an “unauthorized third party.” Email addresses, size preferences and scrambled passwords were also taken.

Cops Are Giving Amazon's Ring Your Real-Time 911 Caller Data

Cops Are Giving Amazon's Ring Your Real-Time 911 Caller Data

According to some internal documents, police CAD data is received by Ring’s “Neighbors News team” and is then reformatted before being posted on Neighbors in the form of an “alert” to users in the vicinity of the alleged incident.

UK, US, Australia, Canada and New Zealand meet to discuss the “ghost protocol” aka built in encryption backdoors

UK, US, Australia, Canada and New Zealand meet to discuss the “ghost protocol” aka built in encryption backdoors

Representatives from the UK, US, Australia, Canada, and New Zealand recently finished a two day meeting in London where the countries renewed their commitment to seeking encryption backdoors from technology companies around the world. Private Internet Access continues to protest against government encroachment on tech companies and will never built in any encryption backdoors or ghost protocols.

Facebook's Ex-Security Chief Details His 'Observatory' for Internet Abuse

Facebook's Ex-Security Chief Details His 'Observatory' for Internet Abuse

It aspires to be a central outlet for the study of all manner of internet abuse, assembling for visiting researchers the necessary machine learning tools, big data analysts, and perhaps most importantly, access to major tech platforms' user data—a key to the project that may hinge on which tech firms cooperate, and to what degree.

Netflix Android App Requests Access to Physical Activity. But Why?

Netflix Android App Requests Access to Physical Activity. But Why?

Users recently reported that they noticed that the Netflix Android application requested access to physical activity data. The permission that requests access to the device’s physical activity sensors includes motion detection and movement information, generated by sensors on Android devices.

'Five Eyes' security alliance calls for access to encrypted material

'Five Eyes' security alliance calls for access to encrypted material

“The Five Eyes are united that tech firms should not develop their systems and services, including end-to-end encryption, in ways that empower criminals or put vulnerable people at risk,” said British Home Secretary Priti Patel.

British spies want 'backdoor' access to encrypted Facebook and WhatsApp messages

British spies want 'backdoor' access to encrypted Facebook and WhatsApp messages

New Home Secretary Priti Patel, pictured last week in London, is having discussions with Britain's Five Eyes intelligence allies about combating cyber threats and having better access to encrypted messages.

Commentary: LinkedIn Learning policy violates library patrons' privacy

Commentary: LinkedIn Learning policy violates library patrons' privacy

Under the new LinkedIn Learning policy, library users would be required to create a personal, publicly searchable, profile and agree to LinkedIn’s user agreement and privacy policy before being able to use LinkedIn Learning.

Cybersecurity Lessons from Working with the Ecuadorian Government

Cybersecurity Lessons from Working with the Ecuadorian Government

But I wanted to share an earlier experience of working with the Ecuadorian government to ensure the cyber and data security of my home nation. We restructured the security backbone of all Registration Institutions and National Public Data Recording Address (DINARDAP Spanish acronym), by implementing endpoint, perimetral, database security amongst others.

Tide Foundation

Tide Foundation

Decentralized blockchains with specific protocols such like Tide help organizations to encrypt their sensitive data and provide a strict framework for accessing it, protecting against security breaches and helping meet privacy regulation.

An exposed password let a hacker access internal Comodo files

An exposed password let a hacker access internal Comodo files

A hacker gained access to internal files and documents owned by security company and SSL certificate issuer Comodo by using an email address and password mistakenly exposed on the internet.

The Great Hack: How a subject access request exposed Cambridge Analytica

The Great Hack: How a subject access request exposed Cambridge Analytica

But how did a lone subject access request , one of the eight rights under the General Data Protection Regulation (GDPR), expose Cambridge Analytica?

Don’t Put Your Work Email on Your Personal Phone

Don’t Put Your Work Email on Your Personal Phone

When you add a work email address to your phone, you’ll likely be asked to install something called a Mobile Device Management (MDM) profile. MDM profiles, paired with device management tools, allow companies to track employee phones in a single dashboard.

Is someone watching me? — Webcam Security

Is someone watching me? — Webcam Security

People worldwide are encountering cyberattacks like getting their computers infected by malware and letting others access their webcams or microphones. With a malicious code a hacker can easily control your computer and perform many different actions like access your webcam.

More