Popular weather app AccuWeather has been caught sending geolocation data to a third-party data monetization firm, even when the user has switched off location sharing. AccuWeather is one of the most popular weather apps in Apple's app store, with a near perfect four-star rating and millions of downloads to its name.
But what the app doesn't say is that it sends sensitive data to a firm designed to monetize user locations without users' explicit permission. Security researcher Will Strafach intercepted the traffic from an iPhone running the latest version of AccuWeather and its servers and found that even when the app didn't have permission to access the device's precise location.
Read moreMore and more shopping Web sites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them – even if they are using blockchain anonymity techniques such as CoinJoin.
Independent researcher Dillon Reisman and Steven Goldfeder, Harry Kalodner and Arvind Narayanan from Princeton University have demonstrated that third-party online tracking provides enough information to identify a transaction on the blockchain, link it to the user’s cookie and, ultimately, to the user’s real identity. “Based on tracking cookies, the transaction can be linked to the user’s activities across the web. And based on well-known Bitcoin address clustering techniques, it can be linked to their other Bitcoin transactions,” they noted.
Read moreA short drive south of Alice Springs, the second largest population center in Australia’s Northern Territory, there is a high-security compound, code-named “RAINFALL.”
The remote base is one of the most important covert surveillance sites in the eastern hemisphere. Hundreds of Australian and American employees come and go every day from Joint Defence Facility Pine Gap, as the base is formally known. The official “cover story,” as outlined in a secret U.S. intelligence document, is to “support the national security of both the U.S. and Australia. The [facility] contributes to verifying arms control and disarmament agreements and monitoring military developments.”
Read moreCovertBand uses high-frequency audio to place people in a room and track a person's movements using the speakers and microphones that are found in many smartphones, laptops and other devices.
Researchers have demonstrated how hackers could track a person's movements using the speakers and microphones that are found in many smartphones, laptops and other devices. According to research by the University of Washington, hackers could embed a high-frequency sound in audio recordings that acts as a sonar. Sound waves would bounce off people and objects and this is picked up by a microphone.
Read moreA single threat actor has aggressively bombarded Android users with more than 4,000 spyware apps since February, and in at least three cases the actor snuck the apps into Google's official Play Market, security researchers said Thursday.
Soniac was one of the three apps that made its way into Google Play, according to a blog post published Thursday by a researcher from mobile security firm Lookout. The app, which had from 1,000 to 5,000 downloads before Google removed it, provided messaging functions through a customized version of the Telegram communications program.
Read moreAfter disclosing CIA's strategies to hijack and manipulate webcams and microphones to corrupt or delete recordings, WikiLeaks has now published another Vault 7 leak, revealing CIA's ability to spy on video streams remotely in real-time.
Dubbed 'CouchPotato,' document leaked details how the CIA agents use a remote tool to stealthy collect video streams. CouchPotato gives CIA hackers ability to "collect either the stream as a video file (AVI) or capture still images (JPG) of frames from the stream that are of significant change from a previously captured frame," a leaked CIA manual reads.
Read moreAnchorFree, the California-headquartered company behind the popular virtual private network service Hotspot Shield, has been accused of "unfair and deceptive trade practices" by a US privacy group for allegedly over-collecting user data for advertising purposes.
"Hotspot Shield engages in logging practices and uses third-party tracking libraries to facilitate targeted advertisements," read the 12-page complaint, filed by the US Centre for Democracy and Technology to the Federal Trade Commission. Hotspot Shield "monitors information about users' browsing habits while the VPN is in use," the legal filing stated.
Read moreThe Walt Disney Company is facing a lawsuit alleging it violated federal law aimed at protecting children’s online privacy. The company allegedly allowed ad tech companies to embed software in its apps, enabling the collection of children’s personal information.
The class-action suit claims that children playing Disney’s mobile games have been personally identified by Disney and that their data was scooped up for the purpose of future “commercial exploitation.” The complaint, naming as plaintiff Amanda Rushing and her child, along with others similarly situated, was filed Thursday in the US District Court for the Northern District of California.
Read moreA new hacking tool used by the CIA has been revealed by WikiLeaks. The tool disables security cameras and corrupts recordings made on computers using Windows XP and newer versions of the Microsoft operating system. Dubbed 'Dumbo', it requires an agent to directly access a computer that holds the recordings using a USB thumb drive.
WikiLeaks released information about project Dumbo on its website today. WikiLeaks said: 'Dumbo can identify, control and manipulate monitoring and detection systems on a target computer running the Microsoft Windows operating system.
Read moreAndroid phone maker Blu Products was dealt a blow when Amazon said it would no longer sell its phones, citing security and privacy issues. The phone maker came under scrutiny last week by researchers at Kryptowire during a Black Hat session where they criticized the company for collecting personal identifiable information without user consent.
“Because security and privacy of our customers is of the utmost importance, all Blu phone models have been made unavailable for purchase on Amazon.com until the issue is resolved,” Amazon said. Blu Product phones are Amazon’s top unlocked Android phone seller and known for their affordable prices.
Read moreAxarhöfði 14,
110 Reykjavik, Iceland