Security News
DuckDuckGo for Android's 'App Tracking Protection' feature has reached open beta, allowing all Android users to block third-party trackers across all their installed apps. The 'App Tracking Protection' aims to increase privacy throughout the entire operating system by blocking third-party tracking scripts in other Android apps installed on the device.
A hospital network in Wisconsin and Illinois fears visitor tracking code on its websites may have transmitted personal information on as many as 3 million patients to Meta, Google, and other third parties. Advocate Aurora Health reported the potential breach to the US government's Health and Human Services.
In May, DDG admitted its supposedly pro-privacy mobile browser wasn't blocking certain Microsoft trackers, while actively blocking other types of third-party trackers by Microsoft and other organizations, confirming findings by data-usage researcher Zach Edwards. Back in January, Twitter fixed a privacy flaw that made it easy to unmask users.
DuckDuckGo announced today that they will now be blocking all third-party Microsoft tracking scripts in their privacy browser after failing to block them in the past. This change comes after the company faced massive blowback in May for not blocking some third-party Microsoft trackers in the DuckDuckGo browser due to a syndicated search content agreement between the two companies.
DuckDuckGo announced today that they will now be blocking all third-party Microsoft tracking scripts in their privacy browser after failing to block them in the past. This change comes after the company faced massive blowback in May for not blocking some third-party Microsoft trackers in the DuckDuckGo browser due to a syndicated search content agreement between the two companies.
An assessment from security firm BitSight found six vulnerabilities in the Micodus MV720, a GPS tracker that sells for about $20 and is widely available. The researchers who performed the assessment believe the same critical vulnerabilities are present in other Micodus tracker models.
The U.S. Cybersecurity and Infrastructure Security Agency is warning of a handful of unpatched security vulnerabilities in MiCODUS MV720 Global Positioning System trackers outfitted in over 1.5 million vehicles that could lead to remote disruption of critical operations. CVE-2022-2107 - Use of a hard-coded master password that could enable an unauthenticated attacker to carry out adversary-in-the-middle attacks and seize control of the tracker.
Six vulnerabilities in the MiCODUS MV720 GPS tracker that's used by organizations around the world to manage and protect vehicle fleets could be exploited by attackers to remotely cut fuel to or abruptly stop vehicles. The MiCODUS MV720 is a hardwired GPS tracker through which fleet owners can track vehicles, cut off fuel to them, geofence them so they can't be driven outside specific areas, and generally have remote control over the vehicles.
In some countries up to 90% of governmental websites add third-party tracker cookies without users' consent. This occurs even in countries with strict user privacy laws, according to researchers Matthias Götze, Srdjan Matic, Costas Iordanou, Georgios Smaragdakis and Nikolaos Laoutaris.
A handful of vulnerabilities, some critical, in MiCODUS GPS tracker devices could allow criminals to disrupt fleet operations and spy on routes, or even remotely control or cut off fuel to vehicles, according to CISA. And there's no fixes for these security flaws. "Successful exploitation of these vulnerabilities could allow an attacker control over any MV720 GPS tracker, granting access to location, routes, fuel cutoff commands, and the disarming of various features," the US government agency warned in an advisory posted Tuesday.