James Clapper: Lessons Learned in a Post-Snowden World

LAS VEGAS – The 2013 leaks by Edward Snowden highlight holes in the U.S. government around transparency and proactively dealing with insider threats, former national intelligence director James Clapper acknowledged. The U.S. intelligence community needs to be more transparent with the public, whi...

The vulnerability of the ActUWzd.dll library component of the Mitsubishi MX Component 3 system for data collection and process control in industrial automation systems, allowing a hacker to execute arbitrary code.

The vulnerability of the ActUWzd.dll library component of the Mitsubishi MX Component 3 system used for data collection and process control in Citect SCADA is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely using a long string...

ThreatList: Google's Advertising Network Dominates Global Data Collection

When it comes to data collection, Google’s combined arsenal of advertising tools and services continue to help it dominate at a global level. Close behind are AOL Advertising, Moat and AppNexus. Each are singled out by researchers in new report that brings to mind the privacy-busting quote, “If...

Execs Could Face Jail Time For Privacy Violations

A new data privacy bill threatens large tech firms, like Facebook, with tough penalties – including monetary fines and up to 20 years of jail time for executives – if they violate user privacy policies. The “Mind Your Own Business Act,” proposed by Sen. Ron Wyden D-Ore. on Thursday, gives the...

On Chinese "Spy Trains"

The trade war with China has reached a new industry: subway cars. Congress is considering legislation that would prevent the world's largest train maker, the Chinese-owned CRRC Corporation, from competing on new contracts in the United States. Part of the reasoning behind this legislation is...

Google Assistant Audio Privacy Controls Updated After Outcry

Google is unveiling new privacy controls for the Google Assistant virtual assistant, after the company came under fire earlier this year for eavesdropping on users’ personal audio snippets – without their permission. The tech giant on Monday promised more transparency around the audio data that i...

YouTube ordered to cough up $170M settlement over COPPA infraction

Last week, the Federal Trade Commission FTC announced that it has required Google and YouTube to pay a settlement fee totaling $170 million after its video-sharing platform was found violating the Children’s Online Privacy Protection Act COPPA. The complaint was filed by the FTC and the New York...

Mozilla Launches 'Firefox Private Network' VPN Service as a Browser Extension

Mozilla has officially launched a new privacy-focused VPN service, called Firefox Private Network, as a browser extension that aims to encrypt your online activity and limit what websites and advertisers know about you. Firefox Private Network service is currently in beta and available only to...

Google Fined $170 Million For Violating Kids' Privacy On YouTube

Google has finally agreed to pay $170 million fine to settle allegations by the Federal Trade Commission and the New York attorney general that its YouTube service earned millions by illegally harvesting personal information from children without their parents' consent. The settlement requires...

Google Fined $170 Million For Violating Kids' Privacy On YouTube

Google has finally agreed to pay $170 million fine to settle allegations by the Federal Trade Commission and the New York attorney general that its YouTube service earned millions by illegally harvesting personal information from children without their parents' consent. The settlement requires...

Chinese Face-Swapping App ZAO Sparks Privacy Concerns After Going Crazily Viral

What could be more exciting than seeing yourself starring alongside your favorite actor in a movie, music video, or TV program? Yes, that's possible—well, kind of, by using a new AI-based deepfake app that has gone viral in China over this weekend, climbing to the top of the free apps list in the...

Fedora Update for nfdump FEDORA-2019-9013b5e75d

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Use This Privacy Tool to View and Clear Your 'Off-Facebook Activity' Data

Well, here we have great news for Facebook users, which is otherwise terrible for marketers and publishers whose businesses rely on Facebook advertisement for re-targeted conversations. Following the Cambridge Analytica scandal, Facebook has taken several privacy measures in the past one year wit...

Why XDR Is A Big Deal, and Is Different from SIEM and Platforms

In Jon Clay’s post, he does a great job of explaining the evolution from EDR to XDR. In short, he explained that Endpoint Detection and Response EDR is great, but that having sources of information beyond endpoint is better. The ‘X’ in XDR is essentially ‘many’ or whatever we can add to provide a...

Apple Suspends Siri Program After Privacy Backlash

Apple is suspending a program that lets contractors listen in on Siri voice recordings after facing a rain of backlash regarding the privacy implications of the program. The suspension comes after a report in The Guardian last week outlining how contractors regularly listen to intimate voice...

Viral FaceApp Unnecessarily Requests Access to Users' Facebook Friends List

FaceApp—the AI-powered photo-morphing app that recently gone viral for its age filter but hit the headlines for its controversial privacy policy—has been found collecting the list of your Facebook friends for no reason. The Russian-made FaceApp has been around since the spring of 2017 but taken...

Viral FaceApp Unnecessarily Requests Access to Users' Facebook Friends List

FaceApp—the AI-powered photo-morphing app that recently gone viral for its age filter but hit the headlines for its controversial privacy policy—has been found collecting the list of your Facebook friends for no reason. The Russian-made FaceApp has been around since the spring of 2017 but taken...

FaceApp scares point to larger data collection problems

Last week, if you thumbed your way through Facebook, Instagram, and Twitter, you likely saw altered photos of your friends with a few extra decades written onto their faces—wrinkles added, skin sagged, hair bereft of color. Has 2019 really been that long? Not really. The photos are the work of...

Hackers Expose Russian FSB Cyberattack Projects

More nation-state activity in cyberspace, this time from Russia: Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects since 2009 for FSB unit 71330 and for fellow contractor Quantum. Projects include: Nautilus -- a project for...

Malicious Package

Several python packages are malicious packages. The malicious libraries attempt to either collect data such as system information of the environment or open a reverse shell on remote workstations...