Security News

With the arrival of Google Chrome v89 on Tuesday, Google is preparing to test a technology called Federated Learning of Cohorts, or FLoC, that it hopes will replace increasingly shunned, privacy-denying third-party cookies. Bennett Cyphers, staff technologist at the Electronic Frontier Foundation, argues FLoC is "a terrible idea," and urges Google to refocus its efforts on building a web that serves the people who use it.

While controversy over the potential overreach of neighborhood and law-enforcement video surveillance has focused mainly on Ring, an Atlanta-based startup has quietly rolled out its own network of smart surveillance cameras across the country that is again raising questions of privacy and the ire of some advocating it, according to a published report. Langley so far has not responded to an email sent Thursday by Threatpost requesting comments and details about Flock TALON and the technology's privacy protections.

TripleBlind, a Kansas City, Missouri-based startup that provides data privacy solutions, on Monday announced raising $8.2 million in seed funding. TripleBlind told SecurityWeek that it emerged from stealth mode in November 2020, when Accenture announced a strategic investment in the company.

A federal judge on Friday approved a $650 million settlement of a privacy lawsuit against Facebook for allegedly using photo face-tagging and other biometric data without the permission of its users. U.S. District Judge James Donato approved the deal in a class-action lawsuit that was filed in Illlinois in 2015.

With a stalkerware app on your phone, another person can spy on your activities and view your personal information, Kaspersky says. A report released Friday by Kaspersky explains how stalkerware works and how you can protect yourself against it.

An analysis of 40 COVID-19 contact tracing applications for Android has led to the discovery of numerous security and privacy issues, according to a new research paper. Contact tracing applications have been created to help authorities automate the process of identifying those who have been in close contact with infected individuals.

TikTok's Chinese parent company ByteDance has agreed to pay $92 million in a settlement to U.S. users who are part of a class-action lawsuit alleging that the video-sharing app failed to get their consent to collect data in violation of a strict Illinois privacy law. The federal lawsuit alleged that TikTok broke the Illinois biometric privacy law, which allows suits against companies that harvest consumer data without consent, including via facial and fingerprint scanning.

Balancing data privacy within an organization is no easy task, particularly for data scientists who need quick access to data, and security and governance teams whose job it is to protect it. In typical cloud data architectures, there is no magic button for IT or data architects to gain instant access to the different data sets that are created by users across the enterprise and often distributed across different cloud services.

Through the app employed in the study researchers were able to identify which kind of personal information the app extracted and its privacy sensitivity according to users. "Users are largely unaware of the privacy implications of some permissions they grant to apps and services, in particular when it comes to location tracking information", explains Musolesi.

Boffins based in Belgium have found that a DNS-based technique for bypassing defenses against online tracking has become increasingly common and represents a growing threat to both privacy and security. In a research paper to be presented in July at the 21st Privacy Enhancing Technologies Symposium, KU Leuven-affiliated researchers Yana Dimova, Gunes Acar, Wouter Joosen, and Tom Van Goethem, and privacy consultant Lukasz Olejnik, delve into increasing adoption of CNAME-based tracking, which abuses DNS records to erase the distinction between first-party and third-party contexts.