December 12, 2024 at 04:35PM EagleMeSpy, a surveillance tool developed by a Chinese company for law enforcement, has been scraping sensitive data from Android devices since 2017. It requires physical access to install and is not available in app stores. Researchers indicate potential iOS versions exist, and the spyware is continuously developed to avoid detection. … Read more
December 6, 2024 at 04:10PM Microsoft has expanded its Windows Recall feature to Copilot+ PCs with AMD and Intel chipsets, following an initial rollout for Snapdragon devices. The AI-powered tool allows users to revisit recorded activities, raising privacy concerns. Microsoft has enhanced security measures and delayed the launch to address these issues before the limited … Read more
December 4, 2024 at 09:06AM Microsoft identified that some Windows Insiders could not save snapshots using the Recall preview due to a problematic non-security update (KB5046740). Users are advised against installing this update before joining the Dev Channel, as it could lead to potential issues requiring Windows reinstallation. Recall faces criticism for privacy concerns. ### … Read more
November 15, 2024 at 05:09PM Israeli firm NSO Group allegedly exploited WhatsApp vulnerabilities to deploy its Pegasus spyware, even after legal actions were initiated. Using various zero-day exploits like “Erised” and “Eden,” NSO’s clients could remotely infiltrate devices. Despite being sanctioned by the U.S., NSO claims limited responsibility for clients’ surveillance actions. Here are the … Read more
November 13, 2024 at 04:45PM Data for 122 million individuals was stolen from DemandScience and leaked by a hacker known as ‘KryptonZambie’ in February 2024. Although the company initially denied a breach, investigations later revealed the leaked information came from a decommissioned system, now added to Have I Been Pwned for notifications. **Meeting Takeaways:** 1. … Read more
November 8, 2024 at 08:04AM Recent updates to the Google mobile app for Android have caused shared links to be prepended with a “search.app” domain, raising user concerns about potential malware. This domain, similar to other link redirectors, allows Google to gather analytics and block unsafe content, though its lack of documentation remains puzzling. **Meeting … Read more
November 1, 2024 at 04:28PM OpenAI’s “ChatGPT search” Chrome extension redirects address bar searches to ChatGPT, akin to a typical search hijacker. While it promises real-time answers, cybersecurity experts view it as lacking value, as users can create search shortcuts without the extension. Caution is advised regarding potential future privacy concerns. ### Meeting Takeaways: OpenAI’s … Read more
October 28, 2024 at 05:08PM A cybersecurity researcher, Alexander Hagenah, has released a tool that bypasses Google’s App-Bound encryption, enabling the extraction of saved credentials from Chrome. While it reflects a method similar to existing infostealer malware, its public availability increases risks for users storing sensitive data in the browser. Google is aware of the … Read more
October 25, 2024 at 12:06AM UnitedHealth reported that over 100 million individuals had their personal and healthcare data compromised in a ransomware attack on Change Healthcare in February. This incident, attributed to the BlackCat gang, is the largest healthcare data breach in recent years, causing significant disruptions and estimated losses of $2.45 billion. ### Meeting … Read more
October 9, 2024 at 06:22PM Smart TVs are increasingly monitoring viewers and exploiting their data for targeted advertising, mirroring existing online privacy concerns. A report by the Center for Digital Democracy highlights widespread commercial surveillance practices that undermine consumer privacy and calls for regulatory intervention amid growing corporate lobbying against privacy legislation. **Meeting Takeaways: Smart … Read more