October 8, 2024 at 08:36AM Malicious browser extensions are evading Google’s latest Chrome Web Store security, posing significant risks to individuals and organizations. Researchers showcased the ability to steal data and manipulate permissions. While Google aims to enhance privacy and security with Manifest V3, vulnerabilities still exist. Companies are advised to review and restrict browser … Read more
October 7, 2024 at 03:53PM US police use facial recognition technology without disclosure to suspects, lawyers. Washington Post’s investigation shows limited data sharing, misidentifications, and procedural violations. Miami Police conducted 2,500 searches, resulting in over 50 convictions. Local governments enact bans, but law enforcement bypasses them. Clearview AI’s tool is widely used, despite restrictions on … Read more
October 4, 2024 at 04:11PM Apple has released updates for iOS and iPadOS (18.0.1) to address two privacy-centric bugs. The first bug, affecting VoiceOver accessibility, could read passwords aloud. The second issue involved voice messages recording users before their awareness. Users are advised to update their devices to mitigate these vulnerabilities. However, these issues do … Read more
October 4, 2024 at 08:05AM Apple has addressed two security bugs in iOS 18.0.1 and iPadOS 18.0.1. One bug may read users’ saved passwords aloud, posing a risk to the visually impaired. Another bug affects iPhone 16’s audio capture in iMessage, capturing audio before indicating recording. Apple urges users to apply the latest update for … Read more
September 20, 2024 at 12:33PM Dell is investigating claims of a data breach following a threat actor’s leak of data for over 10,000 employees. This has been confirmed by the company to BleepingComputer. Based on the meeting notes, it appears that Dell is investigating claims of a data breach, specifically related to leaked data for … Read more
September 20, 2024 at 05:31AM High-end British department store, Harvey Nichols, notifies customers of a recent cyberattack exposing their name, company, phone number, email, and home addresses. The breach, identified on September 16, did not involve passwords or financial information. With limited details provided, customers are cautioned of potential phishing attacks and advised to report … Read more
September 3, 2024 at 01:17PM The Dutch Data Protection Authority fined Clearview AI €30.5 million for illegal facial recognition data collection of Dutch citizens. The company’s technology compiles a vast database of faces from public internet sources without consent, prompting privacy and ethical concerns. Clearview AI disputes the fine, claiming lack of EU jurisdiction. Additional … Read more
August 21, 2024 at 04:15PM Microsoft has announced the rollout of its AI-powered Windows Recall feature to Insiders with Copilot+ PCs in October. The feature takes screenshots, analyzes them on-device using AI, and adds the information to an SQLite database. Despite concerns, Microsoft has adjusted the release approach and promised to prioritize security with the … Read more
July 9, 2024 at 12:05PM Wi-Fi hubs can unintentionally expose data due to quirks in Apple’s geolocation system, beyond just the devices connected to them. Certainly! It appears that the meeting discussed the potential data leakage from Wi-Fi hubs themselves, due to specific quirks in Apple’s geolocation system. This issue goes beyond the devices that … Read more
June 28, 2024 at 09:33AM SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that may have gone unnoticed. This week’s stories include Microsoft patching a critical Dataverse vulnerability, a credential stuffing attack on Levi Strauss, a data breach at Ventura County Credit Union, malware delivery by a South Korean ISP, and various … Read more