Why a Native-First Approach Is Key to Cloud Security

A native-first approach delivers better protections and a more efficient use of resources than best-of-breed solutions, benefiting cloud service providers and end-user customers alike.

darkreading – Read More

GenAI: A New Headache for SaaS Security Teams

The November 2022 release of OpenAI's ChatGPT was a defining moment for the software industry and touched off a GenAI race. SaaS vendors are now rushing to upgrade their tools with productivity features driven by generative AI.
Among a wide range of uses, GenAI tools make it easier for developers to build software, assist sales teams in mundane email writing,

The Hacker News – Read More

Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44

Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.

SecurityWeek – Read More

Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities

Chrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs.

SecurityWeek – Read More

How to prevent surveillance through banner ads | Kaspersky official blog

The industrial scale of surveillance of internet users is a topic we keep returning to. Every click on a website, every scroll in a mobile app, and every word you type into a search bar is tracked by dozens of tech companies and advertising firms. And it affects not only phones and computers, but also smart watches, smart TVs and speakers, even cars. As it turns out, these motherlodes of information are used not only by advertisers offering vacuum cleaners or travel insurance. Through various intermediary companies, this data is snapped up by security agencies of all stripes: police, intelligence, you name it. The latest investigation into such practices, by 404 Media, focuses on the Patternz platform and the "advertising" firm Nuviad. Previously, similar investigations probed Rayzone, Near Intelligence, and others. These companies, their jurisdictions of incorporation, and their client lists vary, but the general formula is always the same: collect and retain the data generated by advertising, then resell it to law enforcement agencies worldwide.

Behind the scenes of contextual advertising

We've already described in detail how data is collected on web pages and in apps, but not how it gets put to use. In simplified terms, behind almost every banner or ad link shown online today there is a lightning-fast, highly complex auction. Advertisers upload their creatives and audience requirements to a demand-side platform (DSP). Publishers' sites and apps offer each ad slot (banner, video, and so on) through an ad exchange, and whenever a user is about to see that slot, the exchange sends a bid request to the connected DSPs, which decide within milliseconds whether and how much to bid; the highest bid wins and that ad is shown. This process is known as real-time bidding (RTB). The important part is what the bid request contains: previously collected data on the person viewing the page is condensed into a brief description card and sent to every participant in the auction, not only to the eventual winner. The exact composition varies by platform, but a fairly typical set is the user's approximate or precise location, the device in use, the OS version, an advertising identifier, and "demographic and psychographic attributes", that is, gender, age, family members, hobbies, and other topics of interest to the user.
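To make the auction concrete, here is an added example in Python; it is not code from the Kaspersky post or from any real ad platform. The bid request borrows OpenRTB-style field names (device, geo, user.data segments), but every value, the bidder names and the segment labels are constructed for the illustration. The property it demonstrates is the one that matters for surveillance: every bidder receives the full profile and can keep it whether or not it wins.

```python
"""Toy real-time-bidding exchange (illustrative, not a real platform).

The bid request carrying the user's profile is fanned out to EVERY bidder;
a bidder that never wins an auction still accumulates profiles.
"""
import copy
import json

# Constructed bid request: what each DSP sees for one banner impression.
# Field names loosely follow OpenRTB 2.x; values are made up.
BID_REQUEST = {
    "id": "req-0001",
    "imp": [{"id": "1", "banner": {"w": 320, "h": 50}, "bidfloor": 0.10}],
    "app": {"bundle": "com.example.weather"},
    "device": {
        "ifa": "6D92078A-8246-4BA4-AE5B-76104861E7DC",  # advertising ID
        "os": "Android", "osv": "14", "model": "Pixel 7",
        "ip": "203.0.113.42",
        "geo": {"lat": 52.5200, "lon": 13.4050, "type": 1},  # GPS fix
    },
    "user": {
        "data": [{"name": "dmp-example",
                  "segment": [{"id": "recently_had_baby"},
                              {"id": "frequent_traveler"}]}],
    },
}


class Bidder:
    """A DSP.  It sees the whole request and, like a data broker, keeps it."""

    def __init__(self, name, max_cpm, wanted_segment=None):
        self.name = name
        self.max_cpm = max_cpm
        self.wanted_segment = wanted_segment
        self.retained = []  # profiles kept regardless of auction outcome

    def bid(self, request):
        self.retained.append(copy.deepcopy(request))  # the data leak
        segments = {s["id"]
                    for d in request["user"].get("data", [])
                    for s in d.get("segment", [])}
        if self.wanted_segment and self.wanted_segment not in segments:
            return 0.0  # not interested in this user: no bid
        return self.max_cpm


def run_auction(request, bidders):
    """Second-price auction: the highest bid wins and pays the runner-up's
    price (or the floor).  Returns (winner_name, clearing_price); the
    winner is None if nobody met the floor."""
    floor = request["imp"][0]["bidfloor"]
    bids = sorted(((b.bid(request), b.name) for b in bidders), reverse=True)
    top_price, top_name = bids[0]
    if top_price < floor:
        return None, 0.0
    second = bids[1][0] if len(bids) > 1 else 0.0
    return top_name, round(max(second, floor), 2)


def profile_summary(request):
    """The 'description card' any bidder can reconstruct from one request."""
    dev, geo = request["device"], request["device"]["geo"]
    return {
        "ad_id": dev["ifa"],
        "location": (geo["lat"], geo["lon"]),
        "device": f'{dev["os"]} {dev["osv"]} ({dev["model"]})',
        "segments": [s["id"] for d in request["user"]["data"]
                     for s in d["segment"]],
    }


if __name__ == "__main__":
    bidders = [Bidder("stroller-ads", 2.50, "recently_had_baby"),
               Bidder("airline", 1.75, "frequent_traveler"),
               Bidder("collector", 0.01)]  # bids next to nothing, just listens
    winner, price = run_auction(BID_REQUEST, bidders)
    print(f"winner={winner} price={price}")
    for b in bidders:
        print(b.name, "retained", len(b.retained), "profile(s)")
    print(json.dumps(profile_summary(BID_REQUEST), indent=1))
```

Run it and note the last bidder: it never wins, yet it holds exactly as many profiles as the winner. That is why blocking individual advertisers does nothing against this kind of collection.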

How RTB data is used for surveillance

A 404 Media investigation found that the Patternz platform advertised to clients that it processed 90 terabytes of data daily, covering the actions of around five billion user IDs. Note that there are far fewer real users than IDs, since each person can have several IDs. Because advertising is global, so is the scope of data collection.

Collecting and analyzing the above data allows precision tracking of:

potential consumers’ movements
times when they leave or visit certain places
times when they are located close to certain people
their interests and search queries
history of changing interests
affiliation to certain segments, for example, “recently had a baby” or “just went on vacation”

This information makes it possible to discover lots of curious things: where the person is during the day and at night, who they like to spend time with, who they travel with by car and where, and masses of other personal information. As stated by the U.S. Office of the Director of National Intelligence (ODNI), such depth of data collection was previously only possible through physical surveillance or targeted wiretapping.
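The following Python example, added here and not taken from the Kaspersky post or from any broker's product, shows how little analysis is needed to turn retained bid-request events into the facts listed above. The event log is constructed for the example (advertising ID, day, hour, latitude, longitude); from it the code derives where a device spends its nights and its working hours, and which other devices were repeatedly next to it, split by time of day.

```python
"""Location analytics over retained RTB events (illustrative only).

Each event is (ad_id, day, hour, lat, lon), the minimum a bidder keeps
from a bid request.  All rows are constructed for this example.
"""
from collections import Counter, defaultdict
from math import asin, cos, radians, sin, sqrt

# Constructed events.  dev-A and dev-B share evenings and nights at the same
# address; dev-C is only ever near dev-A during working hours.
EVENTS = [
    ("dev-A", 1, 2, 52.5200, 13.4050), ("dev-A", 1, 10, 52.5000, 13.3500),
    ("dev-A", 1, 22, 52.5200, 13.4050), ("dev-A", 2, 3, 52.5200, 13.4050),
    ("dev-A", 2, 11, 52.5000, 13.3500), ("dev-A", 2, 23, 52.5200, 13.4050),
    ("dev-B", 1, 22, 52.5201, 13.4052), ("dev-B", 2, 3, 52.5199, 13.4049),
    ("dev-B", 2, 23, 52.5202, 13.4051), ("dev-B", 1, 10, 52.4500, 13.5000),
    ("dev-C", 1, 10, 52.5001, 13.3502), ("dev-C", 2, 11, 52.4999, 13.3498),
    ("dev-C", 1, 22, 52.4000, 13.6000),
]

NIGHT = set(range(0, 6)) | set(range(21, 24))   # 21:00-05:59
WORK = set(range(9, 18))                        # 09:00-17:59


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in metres."""
    earth_radius_m = 6_371_000
    dlat, dlon = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * earth_radius_m * asin(sqrt(a))


def dominant_place(events, ad_id, hours, cell_deg=0.001):
    """Most frequent location of ad_id during the given hours, after snapping
    fixes to a ~100 m grid so jittery GPS readings count as one place.
    Returns (lat, lon) of that grid cell, or None if there are no fixes."""
    cells = Counter((round(lat / cell_deg), round(lon / cell_deg))
                    for d, _day, h, lat, lon in events
                    if d == ad_id and h in hours)
    if not cells:
        return None
    (clat, clon), _ = cells.most_common(1)[0]
    return (round(clat * cell_deg, 4), round(clon * cell_deg, 4))


def co_located(events, ad_id, hours=None, radius_m=50, min_meetings=2):
    """Other devices seen within radius_m of ad_id in the same (day, hour)
    slot, on at least min_meetings distinct slots.  Restricting hours to
    NIGHT finds the household, restricting to WORK finds colleagues."""
    mine = [(day, h, lat, lon) for d, day, h, lat, lon in events
            if d == ad_id and (hours is None or h in hours)]
    meetings = defaultdict(set)
    for d, day, h, lat, lon in events:
        if d == ad_id:
            continue
        for mday, mh, mlat, mlon in mine:
            if (mday, mh) == (day, h) and haversine_m(mlat, mlon, lat, lon) <= radius_m:
                meetings[d].add((day, h))
    return {d: len(slots) for d, slots in meetings.items() if len(slots) >= min_meetings}


if __name__ == "__main__":
    print("home          :", dominant_place(EVENTS, "dev-A", NIGHT))
    print("workplace     :", dominant_place(EVENTS, "dev-A", WORK))
    print("with at night :", co_located(EVENTS, "dev-A", NIGHT))
    print("with at work  :", co_located(EVENTS, "dev-A", WORK))
```

Thirteen rows are enough to label one device's home, workplace, partner and colleague; a broker holding billions of IDs and months of history gets the same result for whole populations.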

Is such data collection legal? Although laws vary greatly from country to country, in most cases mass surveillance by intelligence agencies, especially when it relies on commercially purchased data, falls into a gray area.

Bonus game: surveillance through push notifications

There's another, unrelated but no less unpleasant, method of centralized surveillance of users. Here the treasure trove is held by Apple and Google, whose servers relay push notifications to all iOS and Android devices, respectively. To save battery, almost all app notifications are delivered through Apple's or Google's push service rather than by each app keeping its own connection open; and depending on how the app is built, a notification may carry content that is easy to read and of interest to third parties. It has emerged that some intelligence agencies have sought access to notification data. What's more, a recent study found that a significant number of apps abuse notifications to collect data about the device (and the user) at the moment the notification arrives, even when the user is not in the app at that moment, or not using the phone at all.

How to guard against surveillance through advertising

Since all of the above-mentioned companies collect data using central hubs in the shape of large ad exchanges, no amount of denylisting apps and sites will protect you from being tracked. Any banner ad, video insert, or social network advertising generates events for trackers.

The only way to achieve any meaningful reduction in the scale of surveillance is with quite radical anti-advertising measures. Not all of them are convenient or suitable for everyone, but the more tips from the list you can apply, the fewer “events” involving you will end up on the servers of Rayzone or other such companies. In a nutshell:

Use apps that don’t display ads. This doesn’t guarantee the absence of web beacons and tracking, but will at least reduce the intensity.
Block ads and tracking in web browsers. Mozilla Firefox and Safari have built-in tracking protection, and anti-tracking and ad-blocking add-ons are available for all popular browsers in their official add-on stores.
For maximum protection, turn on Private Browsing in Kaspersky Standard, Kaspersky Plus, or Kaspersky Premium.
Disable auto-downloading of images in emails.
Configure secure DNS on your smartphone, computer, and home router by specifying an ad-blocking server, say, BlahDNS.
Check your smartphone's privacy settings. Make it a habit to reset your advertising ID at least once a month, and prevent apps from collecting data for personalized ads and showing location-based ads (Apple, Google).
Revoke permissions to access location and other sensitive data from all apps that do not require it for their primary function.
Completely disable push notifications in your smartphone settings for all apps that can do without it.
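As an added example that is not part of the Kaspersky post, the Python filter below shows what the "disable auto-downloading of images in emails" tip defends against. A tracking pixel is a remote image whose URL carries a per-recipient token; the moment a mail client fetches it, the sender (and anyone buying the sender's data) learns when, from which IP and on which client the message was opened. The HTML message, the .test domains and the beacon heuristics are constructed for the example; a real client would apply the same rewrite before rendering.

```python
"""Find and neutralize tracking pixels in an HTML e-mail (illustrative).

Audits every <img>, flags remote ones that look like beacons (1x1, hidden,
or carrying a long query-string token) and rewrites their src so the
client never fetches them.  Inline (cid:/data:) images are left alone.
"""
import re
from html.parser import HTMLParser
from urllib.parse import parse_qs, urlparse

# Constructed HTML e-mail body: a logo, a beacon and an inline attachment.
MESSAGE = """<html><body>
<p>Your weekly newsletter</p>
<img src="https://cdn.example-news.test/logo.png" width="200" height="60" alt="logo">
<img src="https://t.example-tracker.test/open?u=8f3a2c9e1d&amp;c=42" width="1" height="1" style="display:none">
<img src="cid:inline-photo-1" alt="attached photo">
</body></html>"""

IMG_TAG = re.compile(r"<img\b[^>]*>", re.IGNORECASE)
# 'src=' not preceded by a word char or '-', so data-blocked-src is skipped.
SRC_ATTR = re.compile(r"""(?<![\w-])src\s*=\s*(["'])(.*?)\1""", re.IGNORECASE)
REMOTE_SCHEMES = {"http", "https"}
TOKEN_MIN_LEN = 8  # query values at least this long are treated as IDs


class ImageAudit(HTMLParser):
    """Collect the attributes of every <img> fed to the parser."""

    def __init__(self):
        super().__init__()
        self.images = []

    def handle_starttag(self, tag, attrs):
        if tag == "img":
            self.images.append(dict(attrs))


def _parse_images(html):
    parser = ImageAudit()
    parser.feed(html)
    parser.close()
    return parser.images


def _src(attrs):
    return attrs.get("src") or ""


def is_remote(src):
    return urlparse(src).scheme in REMOTE_SCHEMES


def is_beacon(attrs):
    """Heuristic: remote and (1x1, hidden, or carrying a token-like value)."""
    src = _src(attrs)
    if not is_remote(src):
        return False
    tiny = attrs.get("width") == "1" and attrs.get("height") == "1"
    hidden = "display:none" in (attrs.get("style") or "").replace(" ", "")
    query = parse_qs(urlparse(src).query)
    tokenized = any(len(v[0]) >= TOKEN_MIN_LEN for v in query.values())
    return tiny or hidden or tokenized


def audit(html):
    """One report entry per <img>: its src, whether it is remote, whether it
    looks like a beacon."""
    return [{"src": _src(a), "remote": is_remote(_src(a)), "beacon": is_beacon(a)}
            for a in _parse_images(html)]


def neutralize(html, block_all_remote=True):
    """Rewrite remote image sources so the client does not fetch them.
    With block_all_remote=False only images flagged as beacons are touched,
    which is weaker: a logo URL can carry a token just as well."""
    def repl(match):
        tag = match.group(0)
        attrs = _parse_images(tag)[0] if _parse_images(tag) else {}
        if is_beacon(attrs) or (block_all_remote and is_remote(_src(attrs))):
            return SRC_ATTR.sub(
                lambda s: f"data-blocked-src={s.group(1)}{s.group(2)}{s.group(1)} src=\"\"",
                tag, count=1)
        return tag
    return IMG_TAG.sub(repl, html)


if __name__ == "__main__":
    for entry in audit(MESSAGE):
        print(entry)
    print(neutralize(MESSAGE))
```

The default, blocking every remote image, mirrors what the mail client setting does; the beacon heuristic is only there to show why the more selective option is not enough.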

Kaspersky official blog – Read More

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS servers to deliver ScreenConnect and Metasploit Powerfun payloads.
The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or

The Hacker News – Read More

T-Mobile, Verizon Workers Get Texts Offering $300 for SIM Swaps

According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap.

Cyware News – Latest Cyber News – Read More

Oracle Patches 230 Vulnerabilities With April 2024 CPU

Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.

SecurityWeek – Read More

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware.
The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated attacker to reset Confluence and create an administrator account.
Armed with this access, a

The Hacker News – Read More

Several GTKWave Vulnerabilities Fixed in Debian

Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users.

Cyware News – Latest Cyber News – Read More