Security News

Security platform provider Netography announced advanced security and enhanced data privacy capabilities with the release of two new powerful data collection agents. They also increase security by supporting the use of encrypted data, and enhance privacy with data filtering.

Ring, Nest, SimpliSafe and eight other manufacturers of internet-connected doorbell and security cameras have been alerted to systemic design flaws discovered by Florida Tech computer science student Blake Janes that allows a shared account that appears to have been removed to actually remain in place with continued access to the video feed. The findings were presented in the paper, "Never Ending Story: Authentication and Access Control Design Flaws in Shared IoT Devices," by Janes and two Florida Tech faculty members from the university's top institute for cybersecurity research, L3Harris Institute for Assured Information, Terrence O'Connor, program chair of cybersecurity, and Heather Crawford, assistant professor in computer engineering and sciences.

As more governments turn to tracing apps in the fight against the coronavirus, a deep-rooted tension between the need for public health information and privacy rights has been thrust into the spotlight. China, where the outbreak was first detected, rolled out several apps using either geolocation via mobile networks or data compiled from train and airline travel or motorway checkpoints.

France's privacy watchdog gave the green light Tuesday to a government-backed cellphone app that will alert users if they have been in contact with an infected person. Use of the app called StopCovid will be voluntary, and will keep track of users who had been in close proximity of one another over a two-week period.

United States lawmakers this week will vote on an amendment to the surveillance bill known as the USA FREEDOM Reauthorization Act that would limit law enforcement access to people's search and browsing histories. Enacted in June 2015, the USA FREEDOM Act amends, among others, the Foreign Intelligence Surveillance Act of 1978, and USA PATRIOT Act, imposing limits on the bulk collection of data on U.S. citizens by the National Security Agency and other intelligence agencies.

"In particular, the page can know which section of text was found using find-in-page, fragment navigation, and scroll-to-text navigation," the documentation says, adding that developers could also glean information about what the user navigated to - via scroll-to-text navigation, or typed into a find-in-page search box - based on which section of the page receives an event. The privacy risk of beforematch is not that of key logging - recording exactly what a web page user typed into a search dialog.

"In particular, the page can know which section of text was found using find-in-page, fragment navigation, and scroll-to-text navigation," the documentation says, adding that developers could also glean information about what the user navigated to - via scroll-to-text navigation, or typed into a find-in-page search box - based on which section of the page receives an event. The privacy risk of beforematch is not that of key logging - recording exactly what a web page user typed into a search dialog.

May 25th is the second anniversary of the General Data Protection Regulation and data around compliance with the regulation shows a significant disconnect between perception and reality. The only way to stay ahead of the numerous privacy regulations is to take a general approach to privacy.

After delays to Chrome version 81 in March, and the scrapping of version 82 a month later, this week sees the early arrival of Chrome 83 with a longer list of new security features than originally planned. First, it's not turned on by default, and might not even be visible under Settings > Privacy and security > Advanced.

Google this week released Chrome 83 to the stable channel with patches for a total of 38 vulnerabilities, with improved Safe Browsing protection, and updated privacy and security controls. The newly introduced Enhanced Safe Browsing protection in Chrome is meant to provide users with a more advanced level of security while browsing the web, by increasing protection from dangerous websites and downloads.