Security News
Law enforcement agencies arrested a malware developer linked with the Ragnar Locker ransomware gang and seized the group's dark web sites in a joint international operation. Authorities from France, the Czech Republic, Germany, Italy, Latvia, the Netherlands, Spain, Sweden, Japan, Canada, and the United States were part of this international operation targeting the Ragnar Locker ransomware gang.
The Agence Nationale des Fréquences has asked Apple to withdraw iPhone 12 smartphones from the French market because the device emits radiofrequency energy that is beyond the limit permitted to be absorbed by the human body. ANFR says it recently conducted measurements on 141 phones available on the French market by contracting an accredited laboratory, where it found that iPhone 12's SAR value for limbs is 5.74 W/kg, exceeding the 4.0 W/kg limit by 43.5%. As such, the agency demands that Apple withdraws all iPhone 12 devices from the French market and takes the required action to make them compliant with European regulations.
Per Le Monde, lawmakers from French president Emmanuel Macron's Renaissance party added several amendments to what's been dubbed the "Snoopers' charter" - requiring remote spying only be used "When justified by the nature and seriousness of the crime," and even then only for a "Strict and proportional" length of time. French justice minister Éric Dupond-Moretti said the bill will only apply to a few dozen cases per year and, rather than being a way for France to get government-sponsored spyware onto the devices of anyone accused of a crime, will save lives.
CLEARVIEW AI collects photographs from a wide range of websites, including social networks, and sells access to its database of images of people through a search engine in which an individual can be searched using a photograph. Worse still, CNIL castigated Clearview for trying to cling onto the very data it shouldn't have collected in the first place.
Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning that hackers gained access to personal data.Hyundai is a multinational automotive manufacturer selling over half a million vehicles per year in Europe, with a market share of roughly 3% in France and Italy.
Worse still, the company responsible for keeping that data secure decided to keep quiet about the intrusion, with the company CEO apparently deciding that he could get away with hiding the breach from the authorities as long as no publicly visible harm came of it. The police have established that the suspect currently resides abroad. For this reason, he was remanded in absentia.
Air France and KLM have informed Flying Blue customers that some of their personal information was exposed after their accounts were breached. KLM's official Twitter account confirmed the attack and told one of the impacted customers that "The attack was blocked in time and no miles were charged."
France's data protection authority has fined Apple €8,000,000 for collecting user data for targeted advertising on the App Store without requesting or securing the user's consent. "The CNIL services found that under the old version 14.6 of the operating system of the iPhone when a user visited the App Store, identifiers used for several purposes, including personalization of ads on the App Store, were by default automatically read on the terminal without obtaining consent." - CNIL. CNIL suggests that Apple could keep the option "Buried" in the settings menu as long as it prompted the user to consent to App Store tracking upon the device's first setup, which wasn't the case in iOS 14.6.
France's privacy watchdog has imposed a €60 million fine against Microsoft's Ireland subsidiary for dropping advertising cookies in users' computers without their explicit consent in violation of data protection laws in the European Union. The Commission nationale de l'informatique et des libertés noted that users visiting the home page of its Bing search engine did not have a "Mechanism to refuse cookies as easily as accepting them."
Clearview AI does not have a legitimate interest in collecting and using this data either, particularly given the intrusive and massive nature of the process, which makes it possible to retrieve the images present on the Internet of several tens of millions of Internet users in France. The seriousness of this breach led the CNIL chair to order Clearview AI to cease, for lack of a legal basis, the collection and use of data from people on French territory, in the context of the operation of the facial recognition software it markets.