Facebook Had Years to Fix the Flaw That Leaked 500M Users’ Data

Facebook Had Years to Fix the Flaw That Leaked 500M Users’ Data

That incident differs from the more recent Facebook controversy, in which attackers were able to "scrape” Facebook by enumerating batches of possible phone numbers from more than 100 countries, submitting them to the contact import tool, and manipulating it to return the names, Facebook IDs, and other data users had posted on their profiles.

Facebook’s CEO Mark Zuckerberg Phone Number Leaked; Uses Signal App

Facebook’s CEO Mark Zuckerberg Phone Number Leaked; Uses Signal App

A security researcher, allegedly with access to leaked data reveals, Mark Zuckerberg uses the Signal app.Users switched to Signal app over privacy concerns with the Whatsapp policy that is stated to come into effect from May 2021.The database of private information and stolen phone numbers of 533M Facebook users was posted to the Hackers forum and is publically accessible.

Google collects 20 times more telemetry from Android devices than Apple from iOS

Google collects 20 times more telemetry from Android devices than Apple from iOS

Leith from Trinity College at the University of Dublin, analyzed traffic originating from iOS and Android devices heading to Apple and Google servers at various stages of a phone’s operation, such as data shared: on first startup following a factory reset;when a SIM is inserted/removed;when a handset lies idle;when the settings screen is viewed;when location is enabled/disabled;when the user logs in to the pre-installed app store.

Thousands of Android and iOS Apps Leak Data From the Cloud

Thousands of Android and iOS Apps Leak Data From the Cloud

Zimperium ran automated analysis on more than 1.3 million Android and iOS apps to detect common cloud misconfigurations that exposed data.

How Apple's locked down security gives extra protection to the best hackers

How Apple's locked down security gives extra protection to the best hackers

But the 1% of top hackers are going to find a way in and, once they’re inside, the impenetrable fortress of the iPhone protects them.”Bill Marczak, Citizen Lab. Despite these difficulties, Stortz says, modern computers are converging on the lockdown philosophy—and he thinks the trade-off is worth it.

Browser ‘Favicons’ Can Be Used as Undeletable ‘Supercookies’ to Track You Online

Browser ‘Favicons’ Can Be Used as Undeletable ‘Supercookies’ to Track You Online

According to a researcher, though, these icons can also be a security vulnerability that could let websites track your movement and bypass VPNs, incognito browsing status, and other traditional methods of cloaking your movement online.

Telegram feature exposes your precise address to hackers

Telegram feature exposes your precise address to hackers

Advertisement A proof-of-concept video the researcher sent to Telegram showed how he could discern the address of a People Nearby user when he used a free GPS spoofing app to make his phone report just three different locations.

The company that processes payments for Amazon and Swiggy has reported a data leak of over 100 million debit and credit cardholders

The company that processes payments for Amazon and Swiggy has reported a data leak of over 100 million debit and credit cardholders

In what could be a major data breach, information of over 100 million debit and credit card users from payments processor Juspay has leaked on the dark web.

Where next for ethical data and data privacy? (Includes interview)

Where next for ethical data and data privacy? (Includes interview)

Kingston begins his analysis by focusing on the importance of data privacy and its continuing trajectory, noting: “Driven by the number of data breaches and the continued systematic misuse of personal data from large corporations, consumer data privacy and its control will be a major focus in 2021.

Menstruation apps store excessive information, privacy charity says

Menstruation apps store excessive information, privacy charity says

Eva Blum-Dumontet, a senior researcher at Privacy International, who used five apps and then asked what information was held about her using a data subject access request, said reading the findings was “chilling” and “it makes us realise just how much data those apps actually collect, store and sometimes share with others.”.

Google told its scientists to 'strike a positive tone' in AI research - documents

Google told its scientists to 'strike a positive tone' in AI research - documents

A senior Google manager reviewing a study on content recommendation technology shortly before publication this summer told authors to “take great care to strike a positive tone,” according to internal correspondence read to Reuters.

Alibaba facial recognition tech specifically picks out Uighur minority: Report

Alibaba facial recognition tech specifically picks out Uighur minority: Report

Advertisement Advertisement An archived record of the technology shows it can perform such tasks as "glasses inspection", "smile detection", whether the subject is "ethnic" and, specifically, "Is it Uighur".Consequently, if a Uighur livestreams a video on a website signed up to Cloud Shield, the software can detect that the user is Uighur and flag the video for review or removal, IPVM researcher Charles Rollet told Reuters.

IPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

IPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever

Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required at all.

Exclusive: WhiteHat Jr Bug Had Exposed Personal Data of 2.8 Lakh Students

Exclusive: WhiteHat Jr Bug Had Exposed Personal Data of 2.8 Lakh Students

The security researcher who discovered the vulnerability and made multiple responsible disclosures to the company between 6 October and 20 November wished not to be named.He has confirmed to The Quint that access to the company’s AWS servers have now been restricted by the company as of 21 November.

Exam surveillance software sparks global student revolt

Exam surveillance software sparks global student revolt

Khan began to suspect that it was his dark skin tone that rattled Examplify, a test proctoring platform adopted by New York state's law exams board during the COVID-19 pandemic.

Brave browser first to nix CNAME deception, the sneaky DNS trick used by marketers to duck privacy controls

Brave browser first to nix CNAME deception, the sneaky DNS trick used by marketers to duck privacy controls

Many of the online privacy abuses over the years have come from third-party resources like scripts and cookies, which is why third-party cookies are now blocked by default in Brave, Firefox, Safari, and Tor Browser.

Smartphone Data Can Predict Depression and Anxiety

Smartphone Data Can Predict Depression and Anxiety

For the study, the researchers analyzed passively-collected cell phone data on social activity, screen time, location, physical exercise, and sleep patterns from volunteer participants.The researchers then matched the phone data against the fMRI results to predict higher or lower connectivity between the ventromedial prefrontal cortex and the amygdala.

Google’s new web standard could disable your ad-blocker

Google’s new web standard could disable your ad-blocker

According to Snyder, Web Bundles would allow malicious actors to evade privacy and security measures via a number of different avenues, including concealing dangerous URLs within the .wbn file and randomizing URLs for unwanted resources.

Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database

Almost 235 Million YouTube, TikTok and Instagram Profiles Exposed Online by Unsecured Database

Many users keep their profiles open, allowing companies such as Deep Social to collect that data and compile it further.While the database belonged to Social Data, the evidence point toward Deep Social, another company used to scrape data from online sources and has since dissolved.

Instagram kept deleted photos and messages on its servers for more than a year

Instagram kept deleted photos and messages on its servers for more than a year

But when security researcher Saugat Pokharel requested a copy of photos and direct messages from the photo-sharing app, he was sent data he’d deleted more than a year ago, showing that the information had never been entirely removed from Instagram’s servers.

New records show Google, Microsoft, and Amazon have thousands of previously unreported military and law enforcement contracts

New records show Google, Microsoft, and Amazon have thousands of previously unreported military and law enforcement contracts

New research shows that Silicon Valley companies have thousands of previously-unreported subcontracts with the US military and federal law enforcement including ICE and the FBI.The subcontracts were surfaced through open records requests filed by Jack Paulson, a former Google researcher who previously joined coworkers to pressure the company not to work with the Pentagon.

Using this WhatsApp feature will land your phone number in Google search results

Using this WhatsApp feature will land your phone number in Google search results

Users of WhatsApp’s Click to Chat feature could see their personal phone numbers exposed via public Google search results, according to a new discovery made by a security researcher.

Privacy News Online | Weekly Review: May 29th, 2020

Privacy News Online | Weekly Review: May 29th, 2020

OpenSAFELY is a secure analytics platform that allows health information for COVID-19 analysis that allows the health information of millions of patients be shared without violating their privacy.Google Chrome version 83 includes new privacy and security updates as well as features delayed from version 82.

Hacker buys old Tesla parts on eBay, finds them full of user data

Hacker buys old Tesla parts on eBay, finds them full of user data

The moral of these stories is that it’s up to individuals to perform factory resets when selling a car, returning a rental vehicle, or having an infotainment system serviced.

Xiaomi Devices Found Tracking And Recording Browsing Data Of Millions

Xiaomi Devices Found Tracking And Recording Browsing Data Of Millions

Xiaomi has been tracking and recording an insane amount of private data, from user’s phone habits to queries in the Xiaomi’s default browsers.When the information tracked in browsers is compiled with phone’s “metadata” collected by Xiaomi, Cirlig says the company can easily identify a single person.

Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use

Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone Use

When Forbes provided Xiaomi with a video made by Cirlig showing how his Google search for “porn” and a visit to the site PornHub were sent to remote servers, even when in incognito mode, the company spokesperson continued to deny that the information was being recorded.

Snowden Warns Governments Are Using Coronavirus to Build 'the Architecture of Oppression'

Snowden Warns Governments Are Using Coronavirus to Build 'the Architecture of Oppression'

“Every academic, every researcher who's looked at this knew this was coming,” says famed whistleblower Edward Snowden in an exclusive interview with VICE co-founder Shane Smith.

Facebook asks users about coronavirus symptoms, releases friendship data to researchers

Facebook asks users about coronavirus symptoms, releases friendship data to researchers

SAN FRANCISCO (Reuters) - Facebook Inc said on Monday it would start surveying some U.S. users about their health as part of a Carnegie Mellon University research project aimed at generating “heat maps” of self-reported coronavirus infections.

Warning: Zoom Sends Encryption Keys To China (Sometimes)

Warning: Zoom Sends Encryption Keys To China (Sometimes)

When Citizen Lab looked at where their U.S.- and Canada-based Zoom conversations were being routed, the researchers discovered encryption keys were sometimes sent to Beijing, though would be handled by servers in other countries, too.

Revealed: Saudis suspected of phone spying campaign in US

Revealed: Saudis suspected of phone spying campaign in US

Saudi Arabia appears to be exploiting weaknesses in the global mobile telecoms network to track its citizens as they travel around the US, according to a whistleblower who has shown the Guardian millions of alleged secret tracking requests.