Leaked NHS Docs Reveal Roadmap, Concerns Around Contact-Tracing App

A COVID-19 contact-tracing app to be rolled out by the UK’s National Health Service NHS has been thrust into the spotlight thanks to sensitive documents being leaked via a public Google Drive link. Contact tracing has emerged as a top idea for dealing with the coronavirus pandemic and is consider...

Change This Browser Setting to Stop Xiaomi from Spying On Your Incognito Activities

If you own a Xiaomi smartphone or have installed the Mi browser app on any of your other brand Android device, you should enable a newly introduced privacy setting immediately to prevent the company from spying on your online activities. The smartphone maker has begun rolling out an update to its...

Change This Browser Setting to Stop Xiaomi from Spying On Your Incognito Activities

If you own a Xiaomi smartphone or have installed the Mi browser app on any of your other brand Android device, you should enable a newly introduced privacy setting immediately to prevent the company from spying on your online activities. The smartphone maker has begun rolling out an update to its...

Introducing Malwarebytes Privacy

Here at Malwarebytes, we’re no strangers to using virtual private networks VPNs to protect our privacy while browsing online. Regular readers of our blog will remember that we’ve advised on VPN usage on many occasions, whether for mobile device users looking for anonymity or business owners wanti...

Secure the software development lifecycle with machine learning

Every day, software developers stare down a long list of features and bugs that need to be addressed. Security professionals try to help by using automated tools to prioritize security bugs, but too often, engineers waste time on false positives or miss a critical security vulnerability that has...

Fuji Electric V-Server Lite

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Fuji Electric Equipment: V-Server Lite Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to gain elevated...

Zoom Caught in Cybersecurity Debate — Here's Everything You Need To Know

Over the past few weeks, the use of Zoom video conferencing software has exploded ever since it emerged the platform of choice to host everything from cabinet meetings to yoga classes amidst the ongoing coronavirus outbreak and work from home became the new normal. The app has skyrocketed to 200...

Security and Privacy Implications of Zoom

Over the past few weeks, Zoom's use has exploded since it became the video conferencing platform of choice in today's COVID-19 world. My own university, Harvard, uses it for all of its classes. Boris Johnson had a cabinet meeting over Zoom. Over that same period, the company has been exposed for...

Awspx - A Graph-Based Tool For Visualizing Effective Access And Resource Relationships In AWS Environments

auspex ˈau̯s.pɛks noun : An augur of ancient Rome, especially one who interpreted omens derived from the observation of birds. awspx is a graph-based tool for visualizing effective access and resource relationships within AWS. It resolves policy information to determine what actions affect which...

Zoom Kills iOS App’s Data-Sharing Facebook Feature

Zoom has removed a feature in its iOS web conferencing app that was sharing analytics data with Facebook, after a report revealing the practice sparked outrage. According to the Motherboard report last week that originally disclosed the privacy issue, the transferred information included data on...

Covid-19 Spurs Facial Recognition Tracking, Privacy Fears

In the midst of the ongoing coronavirus pandemic, facial recognition technology is being adopted globally as a way to track the virus’ spread. But privacy experts worry that, in the rush to implement COVID-19 tracking capabilities, important and deep rooted issues around data collection and...

Covid-19 Spurs Facial Recognition Tracking, Privacy Fears

In the midst of the ongoing coronavirus pandemic, facial recognition technology is being adopted globally as a way to track the virus’ spread. But privacy experts worry that, in the rush to implement COVID-19 tracking capabilities, important and deep rooted issues around data collection and...

Emergency Surveillance During COVID-19 Crisis

Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. I believe pressure will increase to leverage existing corporate surveillance infrastructure for these purposes in the US and other countries. With th...

ONAP DCAE Access Control Error Vulnerability

The ONAP DCAE is a data collection, analysis, and event subsystem within the ONAP Project's suite of ONAP network management platforms. An Access Control Error vulnerability exists in ONAP DCAE Dublin and prior versions that stems from an access control error in the program. An attacker could...

Mitsubishi Electric MELQIC IU1 TCP Function Access Control Error Vulnerability

The Mitsubishi Electric MELQIC IU1 is an IU1 series data collection analyzer from Mitsubishi Electric Mitsubishi, Japan. An access control error vulnerability exists in the TCP function in the Mitsubishi Electric MELQIC IU1 IU1-1M20-D using firmware version 1.0.7 and earlier. The vulnerability...

Facebook's Download-Your-Data Tool Is Incomplete

Privacy International has the details: Key facts: Despite Facebook claim, "Download Your Information" doesn't provide users with a list of all advertisers who uploaded a list with their personal data. As a user this means you can't exercise your rights under GDPR because you don't know which...

Lawsuit Claims Google Collects Minors’ Locations, Browsing History

Google was slapped with a lawsuit this week that alleges that it has been covertly collecting data of students via its G Suite for Education program, which offers its productivity services to students for free. Google’s G Suite for Education program formerly known as Google Education offers free...

Privacy Experts Skeptical of Proposed Data Protection Agency

A new federal bureaucracy, the Data Protection Agency DPA, has been proposed to completely revamp how the U.S. government regulates data collection and misuse by big tech companies. However, while privacy experts call the agency a “good first step,” they remain skeptical about how effective it...

[SECURITY] Fedora 31 Update: sysstat-12.3.1-1.fc31

The sysstat package contains the sar, sadf, mpstat, iostat, tapestat, pidstat, cifsiostat and sa tools for Linux. The sar command collects and reports system activity information. The information collected by sar can be saved in a file in a binary format for future inspection. The statistics...

Facebook to Pay $550M to Settle Class Action Case Over Facial Recognition

Facebook has agreed to pay $550 million to Illinois users to settle a class action lawsuit filed over the use of its face-tagging technology to collect facial-recognition data on its social media platform. The company unveiled the settlement on a quarterly financial call Wednesday, in which it...