May 6, 2024 at 06:33AM Multiple security vulnerabilities have been reported in various applications and system components within Xiaomi devices running Android. The flaws include access to system privileges, theft of files, and disclosure of sensitive data. Notable issues impact apps like Gallery, Settings, and Mi Video. Xiaomi has been notified, and users are urged … Read more
May 3, 2024 at 05:07PM Mullvad VPN user discovered that Android devices leak DNS queries despite enabling “Always-on VPN” and “Block connections without VPN” option. This bug, affecting Android 14, leaks DNS traffic when using specific apps or when VPN configurations change. Mullvad suggests workarounds and urges OS fixes to protect all Android users’ privacy. … Read more
May 2, 2024 at 11:27AM Israeli AI security startup Apex emerged from stealth mode with $7 million in seed funding. The funding round was led by Sequoia Capital and Index Ventures, with participation from angel investors, including Sam Altman. Founded in 2023, Apex aims to address security issues introduced by the increasing use of generative-AI … Read more
May 1, 2024 at 07:43PM Private internet search technology like queryable encryption and generative AI with secure enclaves offer promising solutions for balancing speed and security. Companies like MongoDB, Fortanix, and Duality are developing advanced search capabilities, allowing encrypted queries and secure retrieval of data, addressing the critical need for data privacy in today’s regulatory … Read more
May 1, 2024 at 07:21PM UnitedHealth’s Change Healthcare subsidiary paid $22 million ransom to attackers who breached its systems in February. The breach’s scope may be larger than known, as CEO Andrew Witty testified before Congress. The breach revealed poor security practices, impacting data security for PII and PHI. The long-term impact and next steps … Read more
May 1, 2024 at 06:24PM Hackers breached Dropbox Sign’s production systems, accessing authentication tokens, MFA keys, hashed passwords, and customer data. The company detected unauthorized access on April 24 and found that threat actors gained access to an automated system configuration tool, allowing them to access the customer database. Dropbox reset all users’ passwords and … Read more
May 1, 2024 at 04:36PM Qantas is investigating a privacy breach allowing customers to view others’ boarding passes and flight details on its app, potentially canceling flights. The airline attributes the issue to a technology problem rather than a cyber security incident. Qantas resolved the problem in roughly three hours and advises affected customers to … Read more
May 1, 2024 at 08:41AM In the 20 years since Mark Zuckerberg launched Facebook, there has been a significant impact on privacy and security in the digital age. Facebook’s missteps have influenced discussions and regulations surrounding data privacy, including the creation of legal frameworks like GDPR and CCPA. The platform’s impact on online privacy and … Read more
April 30, 2024 at 08:22AM Gartner reports that 55% of organizations are using or testing Generative AI, with Microsoft 365’s Copilot being a popular choice due to its seamless integration and data protection. However, the US Congress has banned its usage, and Gartner advises caution due to potential data security flaws and AI amplifying existing … Read more
April 29, 2024 at 03:41PM The FCC has fined major U.S. wireless carriers around $200 million for sharing customers’ real-time location data without consent. AT&T, Sprint, T-Mobile, and Verizon faced fines for unauthorized disclosure of location information. Carriers sold data to third parties without obtaining valid customer consent, failing to safeguard it as required by … Read more