The ones who brought you Let's Encrypt, bring you: Tools for gathering anonymized app usage metrics from netizens

The ones who brought you Let's Encrypt, bring you: Tools for gathering anonymized app usage metrics from netizens

The Internet Security Research Group (ISRG) has a plan to allow companies to collect information about how people are using their products while protecting the privacy of those generating the data.

Exclusive: WhiteHat Jr Bug Had Exposed Personal Data of 2.8 Lakh Students

Exclusive: WhiteHat Jr Bug Had Exposed Personal Data of 2.8 Lakh Students

The security researcher who discovered the vulnerability and made multiple responsible disclosures to the company between 6 October and 20 November wished not to be named.He has confirmed to The Quint that access to the company’s AWS servers have now been restricted by the company as of 21 November.

'Smart' doorbells for sale on Amazon, eBay came stocked with security vulnerabilities

'Smart' doorbells for sale on Amazon, eBay came stocked with security vulnerabilities

In this case, researchers bought another device from Amazon and eBay that was vulnerable to KRACK, a three-year-old bug that attackers could use to eavesdrop on wireless networks.

How Development Teams Buy SaaS

How Development Teams Buy SaaS

In the future, every company will become a software company.” Additionally, you often hear expressions like, “In the application economy, software developers reign supreme.” And yet, there is a persistent stereotype that executive management holds all of the power in how organizations evaluate and purchase technology.

Exam surveillance software sparks global student revolt

Exam surveillance software sparks global student revolt

Khan began to suspect that it was his dark skin tone that rattled Examplify, a test proctoring platform adopted by New York state's law exams board during the COVID-19 pandemic.

Brave browser first to nix CNAME deception, the sneaky DNS trick used by marketers to duck privacy controls

Brave browser first to nix CNAME deception, the sneaky DNS trick used by marketers to duck privacy controls

Many of the online privacy abuses over the years have come from third-party resources like scripts and cookies, which is why third-party cookies are now blocked by default in Brave, Firefox, Safari, and Tor Browser.

Quest 2 has allegedly been jailbroken, bypassing Facebook login requirement

Quest 2 has allegedly been jailbroken, bypassing Facebook login requirement

While root access is generally thought of as a way to flash ROMs or modify the operating system in the Android smartphone world, root access on a Quest 2 means folks would be able to bypass the requirement to log into a Facebook account before being able to use their Oculus Quest 2.

3 Questions: The price of privacy in ride-sharing app performance

3 Questions: The price of privacy in ride-sharing app performance

The study compares different methods for masking data and different levels of location data anonymization, and provides useful insights into the trade-off between user privacy and the performance of mobility-sharing applications.

Cianan Brennan: How data becomes money - the price we pay for keeping web content free

Cianan Brennan: How data becomes money - the price we pay for keeping web content free

In auctioning off advertising space on their apps and websites, publishers likewise share personal data via permissions — phone numbers, device IDs, browsing history — with Google and hundreds of other companies like it.

A self-erasing chip for security and anti-counterfeit tech

A self-erasing chip for security and anti-counterfeit tech

Che-Hsuan Cheng, a doctoral student in material science and engineering in Deotare’s group and the first author on the study in Advanced Optical Materials, is most interested in its application as self-erasing invisible ink for sending secret messages.

Smartphone Data Can Predict Depression and Anxiety

Smartphone Data Can Predict Depression and Anxiety

For the study, the researchers analyzed passively-collected cell phone data on social activity, screen time, location, physical exercise, and sleep patterns from volunteer participants.The researchers then matched the phone data against the fMRI results to predict higher or lower connectivity between the ventromedial prefrontal cortex and the amygdala.

Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web

Report: 97% of Cybersecurity Companies Have Leaked Data on the Dark Web

97% of companies have data leaks and other security incidents exposed on the Dark Web. 631,512 verified security incidents were found with over 25% (or 160,529) of those classed as a high or critical risk level+ containing highly sensitive information such as plaintext credentials or PII, including financial or similar data.

Cyber Deception Reduces Data Breach Costs by Over 51% and SOC Inefficiencies by 32%

Cyber Deception Reduces Data Breach Costs by Over 51% and SOC Inefficiencies by 32%

FREMONT, Calif.--(BUSINESS WIRE)--Attivo Networks®, an award-winning leader in cyber deception and attacker lateral movement threat detection, today announced the results of a new research report conducted with Kevin Fiscus of Deceptive Defense, Inc., “Cyber Deception Reduces Breach Costs & Increases SOC Efficiency.” The paper identifies the direct and measurable financial and productivity benefits of deception technology for organizations of all types and sizes.

QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money

QakBot Banking Trojan Returned With New Sneaky Tricks to Steal Your Money

In an analysis released by Check Point Research today, the latest wave of Qbot activity appears to have dovetailed with the return of Emotet — another email-based malware behind several botnet-driven spam campaigns and ransomware attacks — last month, with the new sample capable of covertly gathering all email threads from a victim's Outlook client and using them for later malspam campaigns.

Mozilla study reaffirms that internet history can be used for “reidentification”

Mozilla study reaffirms that internet history can be used for “reidentification”

Using data from 52,000 consenting Firefox users, the researchers were able to identify 48,919 distinct browsing profiles which had 99% uniqueness.This type of “history based profiling” is undoubtedly being used to build ad profiles on internet users around the world.

Google’s new web standard could disable your ad-blocker

Google’s new web standard could disable your ad-blocker

According to Snyder, Web Bundles would allow malicious actors to evade privacy and security measures via a number of different avenues, including concealing dangerous URLs within the .wbn file and randomizing URLs for unwanted resources.

Web browsing histories are private personal data - now what

Web browsing histories are private personal data - now what

In 2009-2011 we did some research work motivated with a positive aim of educating web users about certain risks of browsing history leaks.The authors replicated also the theoretical potential for third-party resource providers (i.e. trackers) to reidentify users based on web browsing history fingerprints.

Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database

Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database

Many users keep their profiles open, allowing companies such as Deep Social to collect that data and compile it further.While the database belonged to Social Data, the evidence point toward Deep Social, another company used to scrape data from online sources and has since dissolved.

Instagram kept deleted photos and messages on its servers for more than a year

Instagram kept deleted photos and messages on its servers for more than a year

But when security researcher Saugat Pokharel requested a copy of photos and direct messages from the photo-sharing app, he was sent data he’d deleted more than a year ago, showing that the information had never been entirely removed from Instagram’s servers.

Contact tracing: why some people are giving false contact details to bars and restaurants

Contact tracing: why some people are giving false contact details to bars and restaurants

While many bars, pubs and restaurants didn’t have to worry too much about data scandals before, reports of staff using people’s personal details to try and hook up with customers is potentially highly damaging – not just for those businesses, but for the whole hospitality sector.

Achilles: Small chip, big peril.

Achilles: Small chip, big peril.

In this research dubbed “ Achilles ” we performed an extensive security review of a DSP chip from one of the leading manufacturers: Qualcomm Technologies.Check Point Research decided not to publish the full technical details of these vulnerabilities until mobile vendors have a comprehensive solution to mitigate the possible risks described.

No, going Incognito doesn’t hide your web activity from your boss or school

No, going Incognito doesn’t hide your web activity from your boss or school

Although some browsers, including Safari and Firefox, offer some additional protection against web trackers, private browsing mode does not guarantee that your web activities cannot be linked back to you or your device.

Inside America’s Secretive $2 Billion Research Hub Collecting Fingerprints From Facebook, Hacking Smartwatches And Fighting Covid-19

Inside America’s Secretive $2 Billion Research Hub Collecting Fingerprints From Facebook, Hacking Smartwatches And Fighting Covid-19

Among the government’s wilder Mitre orders: a prototype tool that can hack into smartwatches, fitness trackers and home thermometers for the purposes of homeland security; software to collect human fingerprints from social media websites like Facebook, Instagram and Twitter for the FBI; support in building what the FBI calls the biggest database of human anatomy and criminal history in the world; and a study to determine whether someone’s body odor can show they’re lying.

The value of Tor and anonymous contributions to Wikipedia

The value of Tor and anonymous contributions to Wikipedia

This research tells a different story: that people use Tor to make meaningful contributions to Wikipedia, and Tor may allow some users to add their voice to conversations in which they may not otherwise be safely able to participate.

New records show Google, Microsoft, and Amazon have thousands of previously unreported military and law enforcement contracts

New records show Google, Microsoft, and Amazon have thousands of previously unreported military and law enforcement contracts

New research shows that Silicon Valley companies have thousands of previously-unreported subcontracts with the US military and federal law enforcement including ICE and the FBI.The subcontracts were surfaced through open records requests filed by Jack Paulson, a former Google researcher who previously joined coworkers to pressure the company not to work with the Pentagon.

This tech makes your online photograph difficult for Facial Recognition Software to recognize

This tech makes your online photograph difficult for Facial Recognition Software to recognize

Researchers develop a new technique that will keep your online photos safe from facial recognition algorithms.The research, which has been ongoing for more than six months, is targeted at countering the facial-recognition algorithms of big tech firms such as Facebook and Google.

Using this WhatsApp feature will land your phone number in Google search results

Using this WhatsApp feature will land your phone number in Google search results

Users of WhatsApp’s Click to Chat feature could see their personal phone numbers exposed via public Google search results, according to a new discovery made by a security researcher.

Privacy News Online | Weekly Review: May 29th, 2020

Privacy News Online | Weekly Review: May 29th, 2020

OpenSAFELY is a secure analytics platform that allows health information for COVID-19 analysis that allows the health information of millions of patients be shared without violating their privacy.Google Chrome version 83 includes new privacy and security updates as well as features delayed from version 82.

OpenSAFELY: more proof that tackling the coronavirus pandemic does not require privacy to be compromised

OpenSAFELY: more proof that tackling the coronavirus pandemic does not require privacy to be compromised

For example, Vint Cerf, widely recognized as one of the creators of the Internet, has recently written an article for the Indian site Medianama entitled “Internet Lessons from COVID19“, in which he warns: Variations of the European Union’s General Data Protection Regulation (GDPR) are propagating around the world with good intent although implementation has shown some unintended consequences, not least of which may be the ability to share health information that would assist in finding a vaccine against SARS-COV-2.

Do we really need employee monitoring?

Do we really need employee monitoring?

Employee monitoring software can be useful, but it can also very easily be a crutch that poisons our working relationships, leading to lower productivity and worse health for businesses and people.