Security News
University researchers in the US have developed a new fingerprint capturing and browser spoofing attack called Gummy Browsers. The 'Gummy Browsers' attack is the process of capturing a person's fingerprint by making them visit an attacker-controlled website and then using that fingerprint on a target platform to spoof that person's identity.
Brave, the privacy-conscious web browser, has announced plans to introduce additional privacy protections against 'bounce tracking,' a newer form of tracking that is not currently blocked by the browser. The new system, which Brave's team calls "Debouncing", addresses the bounce tracking method, which disregards users' privacy preferences such as the 'Do Not Track' setting and the blocking of third-party cookies.
Google's Threat Analysis Group on Thursday said it's tracking more than 270 government-backed threat actors from more than 50 countries, adding it has approximately sent 50,000 alerts of state-sponsored phishing or malware attempts to customers since the start of 2021. Google said it disrupted a number of campaigns mounted by an Iranian state-sponsored attacker group tracked as APT35, including a sophisticated social engineering attack dubbed "Operation SpoofedScholars" aimed at think tanks, journalists, and professors with an aim to solicit sensitive information by masquerading as scholars with the University of London's School of Oriental and African Studies.
Reports that the military has started outfitting firearms with RFID tags for tracking have raised security alarms. The Department of Defense, the Marines and the Navy have already rejected the RFID tagging tech for that specific reason, according to the AP. However, five Air Force bases are operating at least one RFID armory, along with a Florida-based Green Beret unit that uses RFID in what officials said were a "Few" armories.
Good article about the current state of cryptocurrency forensics.
You can tell iOS and iPadOS apps not to track your activity. After you've been running the latest update on your iPhone or iPad, start opening different apps as you normally would.
Another article on the privacy risks of static MAC addresses and always-on Bluetooth connections. Several of the headphones which could be tracked over time are for sale in electronics stores, but according to two of the manufacturers NRK have spoken to, these models are being phased out.
It's possible to track someone's user location via Google Play sign-ins, a researcher has discovered - a potential stalker avenue that, so far, the internet behemoth has yet to address. In short: Arntz logged into his Google Play account from his wife's phone, in order to pay for an app that that she wanted to install.
Here, we'll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news. In many ways, it's exactly what cybersecurity experts expected after the major cyber attacks of 2020-including hospital ransomware attacks on a healthcare industry hard-hit by both ransomware and Covid-19.
The revised timelines comes close on the heels of a fresh regulatory setback in the European Union, after the European Commission opened a wide-ranging investigation into Google's digital advertising business to examine its "Plans to prohibit the placement of third party 'cookies' on Chrome and replace them with the 'Privacy Sandbox' set of tools," and assess its "Effects on online display advertising and online display advertising intermediation markets." Third-party tracking cookies have emerged as a point of privacy concern as the technology enables marketers and ad platforms to monitor user activity online as they hop from one website to the other for purposes of behavioral targeting.