Private Internet Access Android App is ioXt-Certified

Private Internet Access Android App is ioXt-Certified

As part of our efforts to increase the level of security and transparency in our apps and service, Private Internet Access partnered with the ioXt Alliance to test and certify our Android mobile VPN application.

Strategic autonomy in danger: European Tech companies warn of lowering data protection levels in the EU.

Strategic autonomy in danger: European Tech companies warn of lowering data protection levels in the EU.

In the course of the initiative "Fighting child sexual abuse: detection, removal, and reporting of illegal content", the European Union plans to abolish the digital privacy of correspondence.

Over 100 million IoT devices and servers are vulnerable because of 20-year-old TCP/IP stacks

Over 100 million IoT devices and servers are vulnerable because of 20-year-old TCP/IP stacks

In context: Security researchers at Forescout and JSOF have uncovered a set of nine vulnerabilities within four commonly used TCP/IP stacks.However, Forescout created an open-source script to help administrators track down vulnerable IoT devices and servers on the network.

Clubhouse Replied: No Hack Involved, Personal Data is Publicly Available

Clubhouse Replied: No Hack Involved, Personal Data is Publicly Available

While the risks are still valid and not fixed, the personal data of 1.3 million Clubhouse users has been posted online on a popular hacker forum, according to a Saturday report from Cyber News.

The FBI might have gone ahead and fixed your Microsoft email server

The FBI might have gone ahead and fixed your Microsoft email server

The FBI has begun quietly accessing hundreds of American computers hacked through Microsoft’s Exchange email program, removing malicious code that the hackers left behind.

The FBI is remotely hacking hundreds of computers to protect them from Hafnium

The FBI is remotely hacking hundreds of computers to protect them from Hafnium

The hack, which affected tens of thousands of Microsoft Exchange Server customers around the world and triggered a “whole of government response” from the White House, reportedly left a number of backdoors that could let any number of hackers right into those systems again.

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Asked for clarification on what the attackers did access, ParkMobile confirmed it included basic account information – license plate numbers, and if provided, email addresses and/or phone numbers, and vehicle nickname.

Secure Comms: Cracking the Encrypted Messages of Balkan Crime Gangs

Secure Comms: Cracking the Encrypted Messages of Balkan Crime Gangs

Law enforcement authorities in the United States and Europe, however, say it was created with the sole purpose of facilitating drug trafficking and had become the messaging app of choice for transnational crime organisations.

Facebook Says It’s Your Fault That Hackers Got Half a Billion User Phone Numbers

Facebook Says It’s Your Fault That Hackers Got Half a Billion User Phone Numbers

A blog post titled “The Facts on News Reports About Facebook Data,” published Tuesday evening, is designed to silence the growing criticism the company is facing for failing to protect the phone numbers and other personal information of 533 million users after a database containing that information was shared for free in low level hacking forums over the weekend, as first reported by Business Insider.

How a 30-year-old technology – WiFi – will turn into our next big privacy problem

How a 30-year-old technology – WiFi – will turn into our next big privacy problem

Even if viable approaches could be developed, which is by no means clear, it’s easy to imagine that the default state for WiFi stations supporting the new 802.11bf will be for the privacy algorithms to be turned off.

Leaked phone number of Mark Zuckerberg reveals he is on Signal

Leaked phone number of Mark Zuckerberg reveals he is on Signal

A security researcher revealed that Zuckerberg uses Signal by posting his leaked phone number which confirmed the Facebook CEO uses Signal app, "In another turn of events, Mark Zuckerberg also respects his own privacy, by using a chat app that has end-to-end encryption and isn't owned by @facebook.

Encryption Has Never Been More Essential—or Threatened

Encryption Has Never Been More Essential—or Threatened

Five years ago today, WhatsApp completed our roll out of end-to-end encryption, which provides people all over the world with the ability to communicate privately and securely.

Hackers Are Stealing Sex Vids From Home Security Systems and Selling Them

Hackers Are Stealing Sex Vids From Home Security Systems and Selling Them

Hackers in China are tapping into unsuspecting victims’ home security cameras, recording them having sex, and selling the videos online.READ MORE: Hackers are stealing videos from private security cameras and selling them as home video tapes [South China Morning Post].

533M Facebook users' data leaked

533M Facebook users' data leaked

The database has been online since last June .Alon Gal, co-founder of Israeli cybercrime intelligence firm Hudson Rock, said on Saturday the database appears to be the same set of Facebook-linked telephone numbers that have been circulating in hacker circles since January and whose existence was first reported by tech publication Motherboard.“If you have a Facebook account, it is extremely likely the phone number used for the account was leaked,” Gal tweeted.

The Consumer Authentication Strength Maturity Model (CASMM) v5

The Consumer Authentication Strength Maturity Model (CASMM) v5

If you know anything about internet security then you likely spend a lot of your time helping people improve their password hygiene.Visual maturity models can sometimes help people with their desire to improve.

Google to restrict Android apps from viewing other apps installed on the same device

Google to restrict Android apps from viewing other apps installed on the same device

After that date, Android app developers won’t be able to upload new apps on the Play Store that target Android 11 (API level 30) or later and which use the “ QUERY_ALL_PACKAGES ” function.

Wi-Fi devices set to become object sensors by 2024 under planned 802.11bf standard

Wi-Fi devices set to become object sensors by 2024 under planned 802.11bf standard

SENS is envisioned as a way for devices capable of sending and receiving wireless data to use Wi-Fi signal interference differences to measure the range, velocity, direction, motion, presence, and proximity of people and objects.

Whistleblower: Ubiquiti Breach “Catastrophic” — Krebs on Security

Whistleblower: Ubiquiti Breach “Catastrophic” — Krebs on Security

[NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials.

Ex-policeman says Synesis did help to identify Belarus protesters

Ex-policeman says Synesis did help to identify Belarus protesters

The Synesis-made Kipod software was used by law enforcement agencies to identify participants of peaceful protests in Belarusian cities, according to a former employee with the Organized Crime and Corruption Task Force (GUBOPIK) Stanislau Lupanosau .

Best Practices for preventing IoT Security Camera Hacks

Best Practices for preventing IoT Security Camera Hacks

Botnets can include PCs with viruses or IoT (internet of things) devices like smart thermostats or security cameras that have malware or have such easy access to their administration accounts, that they can be collectively controlled by remote code execution.

New 5G protocol vulnerabilities allow location tracking

New 5G protocol vulnerabilities allow location tracking

Security researchers have identified new vulnerabilities in the 5G protocol that could be abused to crash network segments and extract user data, such as location information.

Slouching towards dystopia: the rise of surveillance capitalism and the death of privacy

Slouching towards dystopia: the rise of surveillance capitalism and the death of privacy

It’s more a story about human nature, about how capitalism has mutated to exploit digital technology, about the liberal democratic state and the social contract, and about governments that have been asleep at the wheel for several decades.

Privacy Talks: Interview with Micah Lee from The Intercept

Privacy Talks: Interview with Micah Lee from The Intercept

Timestamp Links & Questions: [0:50] – Could you tell us a little bit about what you do in your position as Director of Information Security at First Look Media, the organization behind The Intercept?

Thousands of taxpayers' personal details potentially exposed online through councils' debt-chasing texts

Thousands of taxpayers' personal details potentially exposed online through councils' debt-chasing texts

Text messages sent by Telsolutions Ltd on behalf of a dozen local authorities contained shortlinks to webpages urging council tax defaulters to pay up – and in a dozen cases seen by The Register there was little or no authentication protecting personal data from prying eyes.

Chinese hackers targeted Uyghurs living in US, Facebook security team finds

Chinese hackers targeted Uyghurs living in US, Facebook security team finds

"They targeted activists, journalists and dissidents among Uyghurs and other Muslim minorities from Xinjiang in China primarily living abroad in Turkey, Kazakhstan, the United States and other countries," Facebook said in a post Wednesday detailing its findings about the cyber espionage campaign.

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

Arts-and-crafts retailer Hobby Lobby has suffered a cloud-bucket misconfiguration, exposing a raft of customer information, according to a report.“The Hobby Lobby incident is the latest example of why we need to take public cloud threat vectors so seriously,” said Douglas Murray, CEO at Valtix, told Threatpost.

Backblaze Appoints Chief Information Security Officer

Backblaze Appoints Chief Information Security Officer

Backblaze provides businesses and consumers with cloud services to store and use their data in an easy and affordable manner, serving as a foundation for developers, IT professionals, and individuals to back up & archive data, host content, manage media, build their applications, and more.

China cracks down on use of Tesla vehicles, citing privacy concerns

China cracks down on use of Tesla vehicles, citing privacy concerns

China is prohibiting its military and government personnel from using Tesla vehicles, citing a potential security risk posed by the electric automaker’s data collection, The Wall Street Journal reports.

DuckDuckGo Privacy Essentials vulnerabilities: Insecure communication and Universal XSS

DuckDuckGo Privacy Essentials vulnerabilities: Insecure communication and Universal XSS

This doesn’t stop extensions from trying of course, simply because this API is so convenient compared to secure extension APIs. In case of DuckDuckGo Privacy Essentials, the content script.While this communication is intended for the content script loaded in a frame, the web page there can see it as well.

EU nations’ attempt to water down privacy protections could increase tension with US over personal data flows across the Atlantic

EU nations’ attempt to water down privacy protections could increase tension with US over personal data flows across the Atlantic

On 6 October 2020, the EU’s highest court, the Court of Justice of the European Union (CJEU), issued its judgments for three related cases: the Court of Justice of the European Union ruled that mass data retention and collection practices for national security purposes undertaken by member states, must comply with EU law, and therefore have to be subjected to its privacy safeguards.