Security News

Identity thieves have been exploiting a glaring security weakness in the website of Experian, one of the big three consumer credit reporting bureaus. Normally, Experian requires that those seeking a copy of their credit report successfully answer several multiple choice questions about their financial history.

Boffins based in China and the UK have devised a telecom network attack that can expose call metadata during VoLTE/VoNR conversations. Researchers Zishuai Cheng and Baojiang Cui, with the Beijing University of Posts and Telecommunications, and Mihai Ordean, Flavio Garcia, and Dominik Rys, with the University of Birmingham, have found a way to access encrypted call metadata - VoLTE activity logs that describe call times, duration, and direction for mobile network conversations.

Online markets selling drugs and other illegal substances on the dark web have started to use custom Android apps for increased privacy and to evade law enforcement. These apps allow shop clients to communicate with drug vendors and provide specific courier instructions for delivery.

"The DPC corresponded with Twitter International Unlimited Company in relation to a notified personal data breach that TIC claims to be the source vulnerability used to generate the datasets and raised queries in relation to GDPR compliance," the Irish privacy regulator said on Friday. Twitter's lead EU watchdog wants to determine if Twitter has complied with its obligation as a data controller regarding the processing of users' data and if it infringed any General Data Protection Regulation or Data Protection Act 2018 provisions.

The developers behind the Brave open-source web browser have revealed a new privacy-preserving data querying and retrieval system called FrodoPIR. The idea, the company said, is to use the technology to build out a wide range of use cases such as safe browsing, checking passwords against breached databases, certificate revocation checks, and streaming, among others. The scheme is called FrodoPIR because "The client can perform hidden queries to the server, just as Frodo remained hidden from Sauron," a reference to the characters from oJ. R. R. Tolkien's The Lord of the Rings.

Brave Software developers have created a new privacy-centric database query system called FrodoPIR that retrieves data from servers without disclosing the content of user queries. [...]

From your accounting software to your team chat, running a business today involves connecting to a variety of online apps. This leaves you vulnerable to attacks - unless you're using something like the KeepSolid Private Browser.

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game. To that end, the company will pay a record $275 million monetary penalty for breaching the Children's Online Privacy Protection Act by collecting the personal information of Fortnite players under the age of 13 without seeking permission from their parents.

The Federal Trade Commission (FTC) says Epic Games, the maker of Fortnite, will pay $520 million to settle allegations of violating children's privacy laws and using dark patterns to trick...

The report reveals that 60% of the data leaders surveyed are unable to use more than 40% of their data due to privacy concerns. "Businesses are facing a tremendous challenge: they need timely access to data to gain accurate insights and drive competitive data initiatives. But they also need to ensure their data remains safe and compliant," said Steve Totman, Chief Strategy Officer at Privitar.