Ireland’s Watchdog Launches Inquiry into Google’s AI Data Practices in Europe

September 12, 2024 at 07:18AM The Irish Data Protection Commission has initiated a statutory inquiry into Google’s AI model, PaLM 2, to assess its compliance with data protection regulations when processing European users’ personal data. This inquiry aims to safeguard individuals’ rights and freedoms, following similar actions against other tech companies for potential privacy violations. … Read more

Google Play Bug Bounty Program Shutting Down

August 21, 2024 at 11:00AM Google is discontinuing its Google Play Security Reward Program (GPSRP) after achieving its goal of increasing Android OS security. Bug submissions will be accepted until August 31, 2024, with final rewards decided by September 30. The program has incentivized developers to improve their app security, paying out a total of … Read more

Microsoft Bug Bounty Payouts Increased to $16.6 Million in Past Year

August 6, 2024 at 06:12AM Microsoft announced that it paid out $16.6 million through its bug bounty programs over the past year, an increase from the previous annual average of $13 million. They rewarded 343 researchers from 55 countries for over 1,300 eligible reports, with the largest single reward being $200,000. Microsoft plans to continue … Read more

Meta Agrees to $1.4B Settlement With Texas in Privacy Lawsuit Over Facial Recognition

July 31, 2024 at 03:06AM Meta has agreed to a $1.4 billion settlement with Texas over a privacy lawsuit involving alleged unauthorized use of biometric data. Texas Attorney General Ken Paxton called it the largest state-secured settlement. This follows a $650 million settlement in Illinois. Meta’s total biometric privacy settlements now exceed $2 billion. The … Read more

Microsoft Delaying Recall Feature to Improve Security

June 14, 2024 at 06:39AM Microsoft has postponed the launch of the Recall feature preview due to security and privacy concerns. It allows users to find past screenshots on their PC, but experts have pointed out potential risks of sensitive data being obtained by malware. The feature will now be rolled out through the Windows … Read more

Researchers Show How Malware Could Steal Windows Recall Data

June 5, 2024 at 09:30AM Microsoft’s Recall feature, enabled by default on new Copilot+ PCs, captures user activity through regular screenshots stored locally. However, cybersecurity researchers have raised concerns over potential data theft, with demonstrations showing information-stealing malware could access sensitive data. They also highlighted the feature’s security vulnerabilities, prompting Microsoft to address the issues … Read more

Google fixes eighth actively exploited Chrome zero-day this year

May 24, 2024 at 05:36AM Google has released a new emergency security update for Chrome to address the eighth actively exploited zero-day vulnerability. Tracked as CVE-2024-5274, the high-severity ‘type confusion’ flaw in V8, Chrome’s JavaScript engine, can lead to crashes and data corruption. The fix is available for Windows and Mac, with updates for Linux … Read more

Patch Now: Another Google Zero-Day Under Exploit in the Wild

May 16, 2024 at 08:57AM A new zero-day vulnerability has been disclosed for Google Chrome, marking the third such bug revealed within a week. Google has released an emergency fix for the high-severity flaw (CVE-2024-4947) affecting Mac, Windows, and Linux. This type-confusion weakness in the Chrome V8 JavaScript engine can lead to browser crashes and … Read more

Feds to Microsoft: Clean Up Your Cloud Security Act Now

April 3, 2024 at 11:36AM A federal review board placed responsibility on the tech giant for the Microsoft 365 breach, urging them to prioritize their “inadequate” security. The breach enabled China’s Storm-0558 to hack email accounts of government officials. Based on the meeting notes, it is clear that a federal review board has demanded the … Read more

Apple Patches Code Execution Vulnerability in iOS, macOS

March 26, 2024 at 08:48AM Apple has issued security updates for iOS and macOS to fix an arbitrary code execution vulnerability affecting CoreMedia and WebRTC components. This issue, also impacting the dav1d AV1 decoder, can lead to memory corruption and arbitrary code execution. The company credited Google Project Zero researcher Nick Galloway for reporting the … Read more