Uninstall These Eight Browser Extensions That Stole Data from Millions


This post is by Brendan Hesse from Lifehacker


Click here to view on the original site: Original Post




A massive data leak was recently discovered by cybersecurity researcher Sam Jidali, revealing private information for 45 major companies and millions of individuals. Dubbed “DataSpii” by Jidali and his team, the leak was perpetrated by innocent-looking Chrome and Firefox browser extensions that collected and…

Read more…

How US national security agencies hold the internet hostage


This post is by Arman Tabatabai from TechCrunch


Click here to view on the original site: Original Post




Team Telecom, a shadowy US national security unit tasked with protecting America’s telecommunications systems, is delaying plans by Google, Facebook and other tech companies for the next generation of international fiber optic cables.

Team Telecom is comprised of representatives from the departments of Defense, Homeland Security, and Justice (including the FBI), who assess foreign investments in American telecom infrastructure, with a focus on cybersecurity and surveillance vulnerabilities.

Team Telecom works at a notoriously sluggish pace, taking over seven years to decide that letting China Mobile operate in the US would “raise substantial and serious national security and law enforcement risks,” for instance. And while Team Telecom is working, applications are stalled at the FCC.

The on-going delays to submarine cable projects, which can cost nearly half a billion dollars each, come with significant financial impacts. They also cede advantage to connectivity projects that have not attracted Team Telecom’s attention –

Continue reading “How US national security agencies hold the internet hostage”

How US national security agencies hold the internet hostage


This post is by Arman Tabatabai from TechCrunch


Click here to view on the original site: Original Post




Team Telecom, a shadowy US national security unit tasked with protecting America’s telecommunications systems, is delaying plans by Google, Facebook and other tech companies for the next generation of international fiber optic cables.

Team Telecom is comprised of representatives from the departments of Defense, Homeland Security, and Justice (including the FBI), who assess foreign investments in American telecom infrastructure, with a focus on cybersecurity and surveillance vulnerabilities.

Team Telecom works at a notoriously sluggish pace, taking over seven years to decide that letting China Mobile operate in the US would “raise substantial and serious national security and law enforcement risks,” for instance. And while Team Telecom is working, applications are stalled at the FCC.

The on-going delays to submarine cable projects, which can cost nearly half a billion dollars each, come with significant financial impacts. They also cede advantage to connectivity projects that have not attracted Team Telecom’s attention –

Continue reading “How US national security agencies hold the internet hostage”

The FTC looks to change children’s privacy law following complaints about YouTube


This post is by Sarah Perez from TechCrunch


Click here to view on the original site: Original Post




The U.S. Federal Trade Commission is considering an update to the laws governing children’s privacy online, known as the COPPA Rule (or, the Children’s Online Privacy Protection Act). The Rule first went into effect in 2000 and was amended in 2013 to address changes in how children use mobile devices and social networking sites. Now, the FTC believes it may be due for more revisions. The organization is seeking input and comments on possible updates, some of which are specifically focused on how to address sites that aren’t necessarily aimed at children, but have large numbers of child users.

In other words, sites like YouTube .

The FTC’s announcement comes only weeks after U.S. consumer advocacy groups and Senator Ed Markey (D-Mass.) sent complaint letters to the FTC, urging the regulators to investigate YouTube for potential COPPA violations.

The advocacy groups allege that YouTube is hiding

youtube kids website
tiktok ftc

Continue reading “The FTC looks to change children’s privacy law following complaints about YouTube”

iOS 13: Here are the new security and privacy features you might’ve missed


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




In just a few weeks Apple’s new iOS 13, the thirteenth major iteration of its popular iPhone software, will be out — along with new iPhones and a new iPad version, the aptly named iPadOS. We’ve taken iOS 13 for a spin over the past few weeks — with a focus on the new security and privacy features — to see what’s new and how it all works.

Here’s what you need to know.

You’ll start to see reminders about apps that track your location

1 location track

Ever wonder which apps track your location? Wonder no more. iOS 13 will periodically remind you about apps that are tracking your location in the background. Every so often it will tell you how many times an app has tracked where you’ve been in a recent period of time, along with a small map of the location points. From this screen you can “always allow”

2 location ask
Screen Shot 2019 07 18 at 12.18.38 PM
5 find my
8 contact snoop
6 sign in
4 block callers
7 strip location
9 safari improvements

Continue reading “iOS 13: Here are the new security and privacy features you might’ve missed”

Facebook accused of contradicting itself on claims about platform policy violations


This post is by Natasha Lomas from TechCrunch


Click here to view on the original site: Original Post




Prepare your best * unsurprised face *: Facebook is being accused of contradicting itself in separate testimonies made on both sides of the Atlantic.

The chair of a UK parliamentary committee which spent the lion’s share of last year investigating online disinformation, going on to grill multiple Facebook execs as part of an enquiry that coincided with a global spotlight being cast on Facebook as a result of the Cambridge Analytica data misuse scandal, has penned another letter to the company — this time asking which versions of claims it has made regarding policy-violating access to data by third party apps on its platform are actually true.

In the letter, which is addressed to Facebook global spin chief and former UK deputy prime minister Nick Clegg, Damian Collins cites paragraph 43 of the Washington DC Attorney General’s complaint against the company — which asserts that the company “knew of other

Continue reading “Facebook accused of contradicting itself on claims about platform policy violations”

FaceApp gets federal attention as Sen. Schumer raises alarm on data use


This post is by Devin Coldewey from TechCrunch


Click here to view on the original site: Original Post




It’s been hard to get away from FaceApp over the last few days, whether it’s your friends posting weird selfies using the app’s aging and other filters, or the brief furore over its apparent (but not actual) circumvention of permissions on iPhones. Now even the Senate is getting in on the fun: Sen. Chuck Schumer (D-NY) has asked the FBI and the FTC to look into the app’s data handling practices.

“I write today to express my concerns regarding FaceApp,” he writes in a letter sent to FBI Director Christopher Wray and FTC Chairman Joseph Simons. I’ve excerpted his main concerns below:

In order to operate the application, users must provide the company full and irrevocable access to their personal photos and data. According to its privacy policy, users grant FaceApp license to use or publish content shared with the application, including their username or even their real name, without

Continue reading “FaceApp gets federal attention as Sen. Schumer raises alarm on data use”

Microsoft has warned 10,000 victims of state-sponsored hacking


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Microsoft said it has notified close to 10,000 people in the past year that they have been targeted by state-sponsored hackers.

The tech giant said Wednesday that the victims were either targeted or compromised by hackers working for a foreign government. In almost all cases, Microsoft said, enterprise customers were the primary targets — such as businesses and corporations. About one in ten victims are consumer personal accounts, the company said.

Microsoft said its new data, revealed at the Aspen Security Forum in Colorado, demonstrates the “significant extent to which nation-states continue to rely on cyberattacks as a tool to gain intelligence, influence geopolitics, or achieve other objectives.”

On top of that the company also said it has made 781 notifications of state-sponsored attacks on organizations using its AccountGuard technology, designed for political campaigns, parties and government institutions.

Almost all of the attacks targeted U.S.-based organizations,

Continue reading “Microsoft has warned 10,000 victims of state-sponsored hacking”

Facebook’s regulation dodge: Let us, or China will


This post is by Josh Constine from TechCrunch


Click here to view on the original site: Original Post




Facebook is leaning on fears of China exporting its authoritarian social values to counter arguments that it should be broken up or slowed down. Its top executives have each claimed that if the U.S. limits its size, blocks its acquisitions, or bans its cryptocurrency, Chinese company’s absent these restrictions will win abroad, bringing more power and data to their government. CEO Mark Zuckerberg, COO Sheryl Sandberg, and VP of communications Nick Clegg have all expressed this position.

The latest incarnation of this talking point came in today and yesterday’s congressional hearings over Libra, the Facebook-spearheaded digital currency it hopes to launch in the first half of 2020. Facebook’s head of its blockchain subsidiary Calibra David Marcus wrote in his prepared remarks to the House Financial Services Committee today that:

“I believe that if America does not lead innovation in the digital currency and payments area, others will. If we

Senate Banking Committee Holds Hearing On Facebook's Proposed Crypto Currency
facebook logo down glitch

Continue reading “Facebook’s regulation dodge: Let us, or China will”

FaceApp responds to privacy concerns 


This post is by Natasha Lomas from TechCrunch


Click here to view on the original site: Original Post




FaceApp, the AI-powered selfie-editing app that’s been having another viral moment of late, has now responded to a privacy controversy that we covered earlier here.

We’ve pasted the company’s full statement at the bottom of this post.

The tl;dr here is that concerns had been raised that FaceApp, a Russian startup, uploads users’ photos to the cloud — without making it clear to them that processing is not going on locally on their device.

Another issue raised by FaceApp users was that the iOS app appears to be overriding settings if a user had denied access to their camera roll, after people reported they could still select and upload a photo — i.e. despite the app not having permission to access their photos.

As we reported earlier, the latter is actually allowed behavior in iOS — which gives users the power to choose to block an app from full

Continue reading “FaceApp responds to privacy concerns “

Another 2.2 million patients affected by AMCA data breach


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Another clinical lab ensnared in the AMCA data breach has come forward.

Clinical Pathology Laboratories (CPL) says 2.2 million patients may have had their names, addresses, phone numbers, dates of birth, dates of service, balance information and treatment provider information stolen in the previously-reported breach.

Another 34,500 patients had their credit card or banking information compromised.

The breach was limited to U.S. residents, the company said.

CPL blamed the AMCA, which it and other labs used to process payments for their patients, for not providing more details on the breach when it was disclosed in June.

“At the time of AMCA’s initial notification, AMCA did not provide CPL with enough information for CPL to identify potentially affected patients or confirm the nature of patient information potentially involved in the incident, and CPL’s investigation is on-going,” said the company in a statement.

LabCorp was first hit with 7.7

Continue reading “Another 2.2 million patients affected by AMCA data breach”

Nexar’s Live Map is like Street View with pictures from 5 minutes ago


This post is by Devin Coldewey from TechCrunch


Click here to view on the original site: Original Post




We all rely on maps to get where we’re going or investigate a neighborhood for potential brunch places, but the data we’re looking at is often old, vague, or both. Nexar, maker of dashcam apps and cameras, aims to put fresh and specific data on your map with images from the street taken only minutes before.

If you’re familiar with dash cams, and you’re familiar with Google’s Street View, then you can probably already picture what Live Map essentially is. It’s not quite as easy to picture how it works or why it’s useful.

Nexar sells dash cams and offers an app that turns your phone into one temporarily, and the business has been doing well, with thousands of active users on the streets of major cities at any given time. Each node of this network of gadgets shares information with the other nodes — warning of traffic snarls, potholes,

nexar zoom
Detection Filtering

Continue reading “Nexar’s Live Map is like Street View with pictures from 5 minutes ago”

Highlights from Facebook’s Libra Senate hearing


This post is by Josh Constine from TechCrunch


Click here to view on the original site: Original Post




Facebook will only build its own Calibra cryptocurrency wallet into Messenger and Whatsapp, and will refuse to embed competing wallets, the head of Calibra David Marcus told the Senate Banking Committee today.

Calibra will be interoperable so users can send money back and forth with other wallets, and Marcus committed to data portability so users can switch entirely to a competitor. But solely embedding Facebook’s own wallet into its leading messaging apps could give the company a sizable advantage over banks, PayPal, Coinbase, or any other potential wallet developer.

Other highlights from the “Examining Facebook’s Proposed Digital Currency and Data Privacy Considerations” hearing included Marcus saying:

Aavgo security lapse exposed hotel bookings


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




A security lapse at a hotel management startup has exposed hotel bookings and guests’ personal information.

The security lapse was resolved Monday after TechCrunch reached out to Aavgo, a hospitality tech company based in San Francisco, which secured a server it had left online without a password.

The server was open for three weeks — long enough for security researcher Daniel Brown to find the database.

He shared his findings exclusively with TechCrunch, then published them.

Aavgo bills itself as a way for hotels to organize their operations by using several connected apps — one for use by guests using tablets installed in their hotel rooms for entertainment, ordering room service and checking out, and another for staff to communicate with each other, file maintenance tickets and manage housekeeping.

Several large hotel chains, including Holiday Inn Express and Zenique Hotels, use Aavgo’s technology in their properties.

The database contained daily

Continue reading “Aavgo security lapse exposed hotel bookings”

Why commerce companies are the advertising players to watch in a privacy-centric world


This post is by Arman Tabatabai from TechCrunch


Click here to view on the original site: Original Post




The unchecked digital land grab for consumers’ personal data that has been going on for more than a decade is coming to an end, and the dominoes have begun to fall when it comes to the regulation of consumer privacy and data security.

We’re witnessing the beginning of a sweeping upheaval in how companies are allowed to obtain, process, manage, use and sell consumer data, and the implications for the digital ad competitive landscape are massive.

On the backdrop of evolving privacy expectations and requirements, we’re seeing the rise of a new class of digital advertising player: consumer-facing

GettyImages 912948496

Continue reading “Why commerce companies are the advertising players to watch in a privacy-centric world”

No technical reason to exclude Huawei as 5G supplier, says UK committee


This post is by Natasha Lomas from TechCrunch


Click here to view on the original site: Original Post




A UK parliamentary committee has concluded there are no technical grounds for excluding Chinese network kit vendor Huawei from the country’s 5G networks.

In a letter from the chair of the Science & Technology Committee to the UK’s digital minister Jeremy Wright, the committee says: “We have found no evidence from our work to suggest that the complete exclusion of Huawei from the UK’s telecommunications networks would, from a technical point of view, constitute a proportionate response to the potential security threat posed by foreign suppliers.”

Though the committee does go on to recommend the government mandate the exclusion of Huawei from the core of 5G networks, noting that UK mobile network operators have “mostly” done so already — but on a voluntary basis.

If it places a formal requirement on operators not to use Huawei for core supply the committee urges the government to provide “clear criteria” for

Continue reading “No technical reason to exclude Huawei as 5G supplier, says UK committee”

As FTC cracks down, data ethics is now a strategic business weapon


This post is by Danny Crichton from TechCrunch


Click here to view on the original site: Original Post




Five billion dollars. That’s the apparent size of Facebook’s latest fine for violating data privacy. 

While many believe the sum is simply a slap on the wrist for a behemoth like Facebook, it’s still the largest amount the Federal Trade Commission has ever levied on a technology company. 

Facebook is clearly still reeling from Cambridge Analytica, after which trust in the company dropped 51%, searches for “delete Facebook” reached 5-year highs, and Facebook’s stock dropped 20%.

While incumbents like Facebook are struggling with their data,

Continue reading “As FTC cracks down, data ethics is now a strategic business weapon”

TrickBot malware learns how to spam, ensnares 250M email addresses


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Old bot, new tricks.

TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts.

The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers in an effort to grab passwords and credentials — eventually with an eye on stealing money. It’s highly adaptable and modular, allowing its creators to add in new components. In the past few months it’s adapted for tax season to try to steal tax documents for making fraudulent returns. More recently the malware gained cookie stealing capabilities, allowing attackers to log in as their victims without needing their passwords.

With these new spamming capabilities, the malware — which researchers are calling “TrickBooster” — sends malicious from a victim’s account then removes the sent messages from

Continue reading “TrickBot malware learns how to spam, ensnares 250M email addresses”

TrickBot malware learns how to spam, ensnares 250M email addresses


This post is by Zack Whittaker from TechCrunch


Click here to view on the original site: Original Post




Old bot, new tricks.

TrickBot, a financially motivated malware in wide circulation, has been observed infecting victims’ computers to steal email passwords and address books to spread malicious emails from their compromised email accounts.

The TrickBot malware was first spotted in 2016 but has since developed new capabilities and techniques to spread and invade computers in an effort to grab passwords and credentials — eventually with an eye on stealing money. It’s highly adaptable and modular, allowing its creators to add in new components. In the past few months it’s adapted for tax season to try to steal tax documents for making fraudulent returns. More recently the malware gained cookie stealing capabilities, allowing attackers to log in as their victims without needing their passwords.

With these new spamming capabilities, the malware — which researchers are calling “TrickBooster” — sends malicious from a victim’s account then removes the sent messages from

Continue reading “TrickBot malware learns how to spam, ensnares 250M email addresses”