Bayanay - Python Wardriving Tool

WarDriving is the act of navigating, on foot or by car, to discover wireless networks in the surrounding area. Features Wardriving is done by combining the SSID information obtained with scapy using the HTML5 geolocation feature. Usage I cannot be held responsible for the malicious use of the...

Differences in App Security/Privacy Based on Country

Depending on where you are when you download your Android apps, it might collect more or less data about you. The apps we downloaded from Google Play also showed differences based on country in their security and privacy capabilities. One hundred twenty-seven apps varied in what the apps were...

Facebook users sue Meta for allegedly building "secret workaround" to Apple privacy safeguards

Last week, two Facebook users filed a class-action complaint against Meta in San Francisco's federal court, alleging the company built a "secret workaround" to Apple's safeguards that protect iPhone users from tracking. Facebook circumvents Apple's privacy rules by opening in-app browsers within...

How to Advocate for Data Privacy and Users' Rights

Want to speak up against Big Tech, unjust data collection, and surveillance? Here's how to be an activist in your community and beyond...

Security Bulletin: Vulnerability in IBM SPSS Data Collection due to issues in Eclipse Help System (CVE-2013-0464, CVE-2013-0467)

Abstract The version of IBM Eclipse Help System that is shipped with IBM SPSS Data Collection versions 6.0, 6.0.1 "Data Collection" and 7.0 has multiple security vulnerabilities. These vulnerabilities allow attackers to perform cross-site scripting and source code disclosure attacks. Content...

The art and science behind Microsoft threat hunting: Part 1

At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly or not so covertly penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and vulnerabilities. Why do incident...

Important: Red Hat Security Advisory: Service Telemetry Framework 1.4 security update

An update is now available for Service Telemetry Framework 1.4 for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

All the Data Amazon's Ring Cameras Collect About You

The popular security devices are tracking and sharing more than you might think...

Gimme! Gimme! Gimme! (More Data): What Security Pros Are Saying

Eight in 10 organizations collect, process, and analyze security operations data from more than 10 sources, ESG identified in a new ebook SOC Modernization and the Role of XDR, sponsored by Rapid7. Security professionals believe that the most important sources are endpoint security data 24%, thre...

TikTok is “unacceptable security risk” and should be removed from app stores, says FCC

Brendan Carr, the commissioner of the FCC Federal Communications Commission, called on the CEOs of Apple and Google to remove TikTok from their app stores. In a letter dated June 24, 2022, Carr told Tim Cook and Sundar Pichai that "TikTok poses an unacceptable national security risk due to its...

My Body, My Data Act would lock down reproductive and sexual health data

A new bill entered into both the House of Representatives and the Senate proposes the strongest Federal data privacy protections yet for an increasingly scrutinized form of data in the United States—reproductive and sexual health data. The “My Body, My Data Act of 2022” was announced in early Jun...

systemtap bug fix and enhancement update

An update is available for systemtap. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list SystemTap is an instrumentation system for systems running the Linux kernel...

Splunk Resource Permission Assignment Error Vulnerability

Splunk is a suite of data collection and analysis software from Splunk, Inc. The software is primarily used to collect, index, and analyze the data it generates, including data generated by all IT systems and infrastructure physical, virtual machines, and cloud.A resource privilege assignment err...

Splunk Command Injection Vulnerability

Splunk is a suite of data collection and analysis software from Splunk, Inc. The software is primarily used to collect, index, and analyze the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines, and cloud. A command injection vulnerability...

New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing

A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information. Dubbed Peekaboo by researchers from Carnegie Mellon University, the system "leverages an...

Coffee app in hot water for constant tracking of user location

A mobile app violated Canadas privacy laws via some pretty significant overreach with its tracking of device owners. The violation will apparently not bring the app owners, Tim Hortons, any form of punishment. However, the fallout from this incident may hopefully serve as a warning to others with...

Period-Tracking and Fertility Apps Can Put Women Seeking Abortions at Risk

Apps collect sensitive data that could be subpoenaed by law enforcement or sold by data brokers...

Your Tim Hortons Coffee App Knew Where You Were at All Times

The Canada-based company illegally collected “vast amounts of location data,” such as every time a person entered or left their home, workplace, or another coffee shop...

ExpressVPN Removes VPN Servers in India Rejecting Data Collection Law

By Deeba Ahmed The new law requires service providers to store users web usage patterns, designated IP addresses, etc. for the… This is a post from HackRead.com Read the original post: ExpressVPN Removes VPN Servers in India Rejecting Data Collection Law...

The Race to Hide Your Voice

Voice recognition—and data collection—have boomed in recent years. Researchers are figuring out how to protect your privacy...