121 matches found
Meta sued over forcing users to pay to stop tracking
Meta is required to get users’ consent in Europe in order to show them targeted ads. For this reason, Meta has to provide European users with a way to opt out of behavioral advertising or face fines totalling $100,000 a day. Behavioral advertising are ads tailored to someone’s browsing habits and...
CVE-2023-48300 Embed Privacy missing escaping for show_all attribute in opt-out shortcode
The Embed Privacy plugin for WordPress that prevents the loading of embedded external content is vulnerable to Stored Cross-Site Scripting via embedprivacyoptout shortcode in versions up to, and including, 1.8.0 due to insufficient input sanitization and output escaping on user supplied attribute...
Chrome's "Enhanced Ad Privacy": What you need to know
Users of Google's Chrome web browser may wish to dig into their privacy settings as a new feature regarding advertising privacy slowly rolls out to the masses. Googles "Enhanced Ad Privacy" feature may soon appear in your browser, tied to choices regarding a new Chrome feature named Topics. This ...
How to keep your ChatGPT conversations out of its training data
Last week, OpenAI announced it had given ChatGPT users the option to turn off their chat history. ChatGPT is a "generative AI", a machine learning algorithm that can understand language and generate written responses. Users can interact with it by asking questions, and the conversations users hav...
A week in security (April 3 - 9)
Last week on Malwarebytes Labs: TikTok: Whats going on and should I be worried? Super FabriXss: an RCE vulnerability in Azure Service Fabric Explorer Big changes to Twitter verification: How to spot a verified account New macOS malware steals sensitive info, including a user's entire Keychain...
CVE-2023-25712
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WP-Buddy Google Analytics Opt-Out plugin = 2.3.4 versions...
CVE-2023-25712
CVE-2023-25712 affects the WordPress plugin Opt-Out for Google Analytics (WP-Opt-Out) versions
New tool allows you to opt out of Facebook's targeted advertising
After Meta Facebook and Instagram switched the legal basis for targeting advertising from automatic consent to opt-out, privacy watchdog noyb has built a tool for users to opt out of targeted advertising and various other claims made by Meta in an easy and legally sound way. After losing several...
Snapchat gives Californians more power over their personal data
There's a new toggle switch in Snapchat that, once enabled, limits the use of sensitive personal information. TechCrunch reports that the switch is a new privacy feature Snapchat will be rolling out to comply with the California Privacy Rights Act CPRA, also known as Proposition 24. The act, whic...
CVE-2022-41839
Broken Access Control vulnerability in WordPress LoginPress plugin = 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings...
Improper access control
Broken Access Control vulnerability in WordPress LoginPress plugin = 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings...
CVE-2022-41839 WordPress LoginPress plugin <= 1.6.2 - Broken Access Control vulnerability
Broken Access Control vulnerability in WordPress LoginPress plugin = 1.6.2 on WordPress leading to unauth. changing of Opt-In or Opt-Out tracking settings...
CVE-2022-41839
CVE-2022-41839 affects the WordPress LoginPress plugin (versions ≤ 1.6.2). The issue is a Broken Access Control that allows unauthorized changes to Opt-In/Opt-Out tracking settings. The published sources consistently describe unauthenticated modification of tracking preferences as the impact. Rem...
openSUSE: Security Advisory for git (SUSE-SU-2022:2535-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2022:2537-1 Security update for git
This update for git fixes the following issues: - CVE-2022-29187: Incomplete fix for CVE-2022-24765: potential command injection via git worktree bsc1201431. - Allow to opt-out from the check added in the security fix for CVE-2022-24765 bsc1200119...
SUSE-SU-2022:2535-1 Security update for git
This update for git fixes the following issues: - CVE-2022-29187: Incomplete fix for CVE-2022-24765: potential command injection via git worktree bsc1201431. - Allow to opt-out from the check added in the security fix for CVE-2022-24765 bsc1200119...
Clearview AI banned from selling facial recognition data in the US
Clearview AI, a facial recognition software and surveillance company, is permanently banned from selling its faceprint database within the United States. The company also cannot sell its database to state and law enforcement entities in Illinois for five years. This is a historic win for the...
Apple accidentally kept some Siri recordings from iPhones, even for opted-out users
Apple’s release of iOS 15.4 beta 2 completes the fix for a bug that may have recorded interactions with Siri without permission on some devices. Apple has fixed this bug that was introduced in iOS 15 and accidentally kept some recordings, regardless of whether you opted out or not. The bug was...
How to Opt Out of Verizon’s Custom Experience Tracking
Unless you manually opt out of the program, Verizon will store personal information and create user interest profiles...
How to Turn Off Amazon Sidewalk
The company is enlisting your Echo and Ring devices into an internet-sharing mesh network starting Monday. It’s not too late to opt out...