Accountability, Advertising and Data collection

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Krebs on Security

MARCH 20, 2023

A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection.

Mobile

Mobile Wireless Advertising Telecommunications

Grindr fined for selling user data to advertisers

Malwarebytes

DECEMBER 16, 2021

million fine by Norwegian regulator Datatilsynet for sharing data with advertisers. Grindr—which call itself the world’s largest social networking app for gay, bi, trans, and queer people—sold data which includes GPS, IP address, age, and gender. Shared data. Dating network Grindr has been slapped with a US$7.7

Advertising

Advertising Marketing Data collection Mobile

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

SecureWorld News

APRIL 29, 2024

Information collected by online trackers is often shared with an extensive network of marketers, advertisers, and data brokers. Once shared, advertisers have used this information to target ads at users for complimentary products (based on health data); this has happened multiple times in the past few years, including at GoodRx.

Data breaches

Data breaches Healthcare Identity Theft Advertising

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

The Last Watchdog

MAY 21, 2020

The idea was that by fingerprinting devices used to connect to the internet we could achieve better accountability. Fingerprinting is considered a necessary practice to fight challenges such as fake accounts and the misuse of internet services. At the same time, the profile that advertisers can create reveals a lot.

Advertising

Advertising Internet Internet Accountability

How to Secure Your Business Social Media Accounts

BH Consulting

AUGUST 31, 2023

Having policies and procedures to secure social media accounts and minimise the potential for incidents can help. billion people are on social media , and businesses have come to rely on these channels in their everyday operations as a form of advertising, recruiting and more. More than 4.7 Another risk is social media hacking.

Media

Media Accountability Authentication Passwords

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

Security Affairs

NOVEMBER 26, 2019

Some third-party apps quietly scraped personal information from people’s accounts from Twitter and Facebook, the social media companies claim. Facebook and Twitter revealed that some third-party apps quietly scraped personal information from people’s accounts without their consent. Pierluigi Paganini.

Accountability

Accountability Mobile Advertising Media

TikTok's "secret operation" tracks you even if you don't use it

Malwarebytes

OCTOBER 4, 2022

Meta's near-omnipresence wherever you are online enabled it to gather data on users, even those who don't have Facebook accounts—thanks, in part, to the Facebook "Like" button, a piece of code embedded on most websites. Something similar happens to users who are either logged out of Facebook or don't have an account.

Data collection

Data collection Advertising Accountability Technology

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Krebs on Security

OCTOBER 31, 2022

Justice Department , FBI agents have identified more than 50 million unique credentials and forms of identification (email addresses, bank accounts, cryptocurrency addresses, credit card numbers, etc.) A selfie pulled from Mark Sokolovsky’s iCloud account. Working with investigators in Italy and The Netherlands, U.S.

Malware

Malware Identity Theft Cybercrime Accountability

Google to pay $40m for "deceptive and unfair" location tracking practices

Malwarebytes

MAY 23, 2023

Practices highlighted included “hard to find” location settings, misleading descriptions of location settings, and “repeated nudging” to enable location settings alongside incomplete disclosures of Google’s location data collection.

Advertising

Advertising Accountability Data collection Engineering

Online Businesses Often Steal And Exploit Customer Data Collected During Cancelled Transactions

Joseph Steinberg

JANUARY 18, 2024

As I have warned for decades, just as they are in the physical world, “too good to be true” prices found online are often scams; one should be especially careful when dealing with retailers who advertise such prices but who are also previously unknown to the buyer.

Data collection

Data collection Retail Scams Artificial Intelligence

Malicious ads for restricted messaging applications target Chinese users

Malwarebytes

JANUARY 25, 2024

The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting users will download Remote Administration Trojan (RATs) instead. While we don’t know the threat actor’s true intentions, data collection and spying may be one of their motives.

Malware

Malware Advertising Accountability Encryption

The Future of Privacy: How Big Tech Is Changing the Way We Think About Our Data

Cytelligence

DECEMBER 8, 2023

Amidst the data practices of industry giants like Google, Amazon, Facebook, and Apple, concerns about individual privacy intensified. While these conglomerates use collected data to refine their services and for targeted advertising, concerns are mounting regarding the accumulation of excessive data beyond individual control.

Data collection

Data collection Ransomware Advertising Risk

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

net , a service that advertised to cybercriminals seeking to obfuscate their malicious software so that it goes undetected by all or at least most of the major antivirus products on the market. net , which advertised “free unlimited internet file-sharing platform” for those who agreed to install their software.

VPN

VPN Computers and Electronics Antivirus Software

New streaming ad technology plays hide-and-seek with gamers

Malwarebytes

OCTOBER 27, 2022

A new form of digital advertising is looking to make its way to you courtesy of video gaming. Let’s take a look at how advertising has been used in an Amazon gaming title previously, and see how that could create a frosty reception for any new ad technology. The sliding doors of advertising banners. How does this work?

Technology

Technology Advertising Marketing Retail

Microsoft illegally collected and retained children's data, says FTC

Malwarebytes

JUNE 6, 2023

Microsoft is counting the cost of privacy violations, with $20m in fines related to illegal data collection from children’s Xbox accounts. Microsoft was holding on to that data even in situations where the account didn’t complete the registration process.

Accountability

Accountability Advertising Data collection Manufacturing

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the press release published by the DoJ.

Accountability

Accountability Banking Advertising Data collection

Getting Started: A Beginner’s Guide for Improving Privacy

Security Boulevard

JANUARY 16, 2024

Put into context, it would make little sense to use a privacy-oriented browser and all the features such a browser may have to offer, but continue to reuse passwords across online accounts. It’s also viable to implement this guide and the cybersecurity one at the same time for simultaneous improvement for your privacy and security!

Accountability

Accountability Engineering Passwords Internet

Google to Pay a record $391M fine for misleading users about the collection of location data

Security Affairs

NOVEMBER 15, 2022

“Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information. Location data represent the core of the digital advertising business of the IT giant. ” reads the DoJ’s press release.

Consumer Protection

Consumer Protection Accountability Data collection Advertising

Twitter inadvertently collected and shared iOS location data

Security Affairs

MAY 15, 2019

A new story of a violation of the user’s privacy made the lines, Twitter revealed that due to a bug is collected and shared iOS location data with a third-party advertising company, Fortunately, only one partner of the micro-blogging firm was involved and the data collection and sharing occurred in certain circumstances.

Advertising

Advertising Accountability Data collection Mobile

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Security Affairs

JANUARY 2, 2023

Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information. According to the article, there are two settings responsible for the location data collection, the “Location History” and “Web & App Activity”.

Consumer Protection

Consumer Protection Surveillance Data collection Accountability

Coffee app in hot water for constant tracking of user location

Malwarebytes

JUNE 8, 2022

In reality, this level of data collection is not as uncommon as is being suggested. The app collects how much data? How can apps collect data? These are a staple diet of Out of Home (OOH) advertising. That’s one theory, anyway. That was expected behaviour. The investigation findings.

Mobile

Mobile Data collection Advertising Marketing

XKCD forum data breach impacted 562,000 subscribers

Security Affairs

SEPTEMBER 3, 2019

The data breach impacted 562,000 subscribers, the forum has been taken offline after the incident. We’ve been alerted that portions of the PHPBB user table from our forums showed up in a leaked data collection.” New breach: XKCD had 562k accounts breached last month. SecurityAffairs – XKCD, data breach).

Data breaches

Data breaches Passwords Advertising Data collection

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

The creators of phishing bots and kits can get access to data that is gathered with their tools. “To attract larger audiences, scam operators advertise their services, promising to teach others how to phish for serious cash.” User personal data for sale. ” reads the post published by Kaspersky.

Phishing

Phishing Scams Social Engineering Banking

Russian Twitter bot activity increased in the wake Mueller report release

Security Affairs

APRIL 22, 2019

The experts also observed a significant increase in the number of unique bots and trolls (+48%) from the previous day, a circumstance that suggests the involvement of an army of dormant Twitter bot accounts previously created. Data collected by SafeGuard confirm the intensification of the presence of Russian bots on Twitter.

Advertising

Advertising Data collection Media Accountability

New Android malicious library Goldoson found in 60 apps +100M downloads

Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The collected data is sent to the C2 server every two days, but the cycle depends on the remote configuration.

Data collection

Data collection Mobile Malware Education

Judging Facebook's Privacy Shift

Schneier on Security

MARCH 13, 2019

Increased transparency over advertiser and app accesses to user data. Today, Facebook users can download and view much of the data the company has about them. The company could be more transparent about what data it shares with advertisers and others and how it allows advertisers to select users they show ads to.

Surveillance

Surveillance Advertising Engineering Encryption

Trend Micro Apps removed from Mac App Store after being caught exfiltrating user data

Security Affairs

SEPTEMBER 11, 2018

The security researcher that handle the Twitter account Privacy First first reported the alleged unethical behavior and published a video that shows how the app harvest users ‘data. “The data collected was explicitly identified to the customer in the data collection policy and is highlighted to the user during the install.

Adware

Adware Data collection Advertising Antivirus

It’s Google’s World. Your Business Is Just Living in It

Adam Levin

SEPTEMBER 27, 2019

” “We’re the #1 result,” Basecamp’s ad copy continued, “but this site lets companies advertise against us using our brand. percent of the online advertising market ) and pay to show up in search results. The copy: “We don’t want to run this ad.” So here we are.

Advertising

Advertising Marketing Data collection Accountability

Navigating the Digital Landscape: Insights from the 2024 Thales Digital Trust Index

Thales Cloud Protection & Licensing

FEBRUARY 7, 2024

Consumer Expectations Privacy Rights and Seamless Online Experiences An overwhelming 87% of consumers expect privacy rights from online interactions, with the most significant expectations being the right to be informed about data collection (55%) and the right to data erasure (53%).

Media

Media Passwords Authentication Digital transformation

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

Approachable Cyber Threats

AUGUST 2, 2021

A hacker or scammer could also use faceprint and voiceprint data in a plethora of ways to impersonate you, and to create very realistic deep fakes or digital personas - combined with the other information obtainable from TikTok and some rudimentary AI, create a not-so-easily discerned, fake digital version of any user.

Data collection

Data collection Media Mobile Identity Theft

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Security Affairs

SEPTEMBER 5, 2022

Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Resecurity has recently identified a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised in the Dark Web. Original post: [link]. Google 2FA. Microsft 2FA.

Phishing

Phishing Accountability Hacking Advertising

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Krebs on Security

MAY 2, 2023

By 2008, the USPS job exam preppers had shifted to advertising their schemes mostly online. Plott said his company never refuses to issue a money-back request from a customer, because doing so would result in costly chargebacks for NextLevel (and presumably for the many credit card merchant accounts apparently set up by Mr. Mirza).

Marketing

Marketing Advertising Scams Telecommunications

Facebook sues data analytics firm Rankwave over alleged data misuse

Security Affairs

MAY 13, 2019

“Facebook was investigating Rankwave’s data practices in relation to its advertising and marketing services,” Facebook was investigating the advertising and marketing activities of the South Korean company and accused it of the lack of co-operation in demonstrating compliance with Facebook policies.

Advertising

Advertising Data collection Marketing Media

How to Help Protect Your Digital Footprint

Identity IQ

JANUARY 24, 2024

Protecting your digital footprint can help you keep your personal information and online activities private, which can be important for helping prevent identity theft , avoid targeted advertising, and maintain control over your online reputation. Begin by cleaning up old accounts. 6 Ways to Help Protect Your Digital Footprint 1.

Identity Theft

Identity Theft Education Media Accountability

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

The Last Watchdog

JULY 27, 2020

These heads of state and captains of industry even coined a buzz phrase, “stakeholder capitalism,” to acknowledge the need to take into account the interests of the economically disadvantaged and politically powerless citizens of the world as they bull ahead with commercial and political uses of AI.“AI AI was prominent on their agenda.

Surveillance

Surveillance Government Accountability Artificial Intelligence

Confessions of an ID Theft Kingpin, Part I

Krebs on Security

AUGUST 26, 2020

Ngo’s businesses enabled an entire generation of cybercriminals to commit an estimated $1 billion worth of new account fraud , and to sully the credit histories of countless Americans in the process. info , a website that advertised the sale of individual consumer records. . ” Freshly released from the U.S.

Identity Theft

Identity Theft Computers and Electronics Accountability Hacking

Protonmail hacked …. a very strange scam attempt

Security Affairs

NOVEMBER 17, 2018

link ) was posted on Pastebin , the hacker claims to have compromised user’s email and also accused ProtonMail of sending user’s decrypted data to American servers. AmFearLiathMor also wrote that ProtonMail hasn’t configured the mandatory Subresource Integrity ( SRI ) allowing tampering and data collection.

Scams

Scams Hacking Data collection Advertising

Consent to gather data is a "misguided" solution, study reveals

Malwarebytes

FEBRUARY 13, 2023

A person must also believe that companies will give them the freedom to decide whether to give up their data and when, Levine said. More than 8 in 10 Americans believe, incorrectly, that the federal Health Insurance Portability and Accountability Act (HIPAA) stops apps from selling data collected about app users’ health to marketers.

Data collection

Data collection Insurance Technology Risk

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. The database required no authentication.

Spyware

Spyware Mobile Advertising Software

MY TAKE: Why the next web-delivered ad you encounter could invisibly infect your smartphone

The Last Watchdog

FEBRUARY 27, 2019

The tech titans have swelled into multi-billion dollar behemoths by myopically focusing on delivering targeted online advertising, in support of online retailing. Cybercriminals have begun escalating their efforts to bend the legitimate online advertising and retailing fulfillment ecosystem to their whims.

Retail

Retail Digital transformation Advertising Software

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

percent of all the data collected, followed by TP-Link that accounted for 9.07%. Let me suggest to read to read the report , is full of interesting data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT Passwords Malware Advertising

Online market for counterfeit goods in Russia has reached $1,5 billion

Security Affairs

OCTOBER 15, 2018

Scammers create fake websites of known brands, fraudulent promotional campaigns, and fake accounts on social media. In recent years, an often-used fraud method has been fake mobile applications: 36% of users are unable to distinguish between genuine and fake apps, and 60% of the latter request access to the user’s personal data. .

Marketing

Marketing Phishing Media Engineering

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

Web-phishing targeting various online services almost doubled during the COVID-19 pandemic , it accounted for 46 percent of the total number of fake web pages. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Phishing

Phishing Ransomware Spyware Banking

GDPR for WooCommerce Sites

SiteLock

AUGUST 27, 2021

In complying with the “opt-in” requirement of the law, email newsletter subscribers are asked to manually opt back in to their mailing lists, but many subscribers are either ignoring the request, or taking this opportunity to unsubscribe, resulting in a huge loss for targeted advertising. WooCommerce My Account Page. Opt-In Forms.

eCommerce

eCommerce Data collection Accountability Marketing

Why You Should Opt Out of Sharing Data With Your Mobile Provider

Grindr fined for selling user data to advertisers

Trending Sources

Kaiser Permanente Discloses Data Breach Impacting 13.4 Million People

GUEST ESSAY: What everyone should know about the pros and cons of online fingerprinting

How to Secure Your Business Social Media Accounts

Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts

TikTok's "secret operation" tracks you even if you don't use it

Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian Invasion

Google to pay $40m for "deceptive and unfair" location tracking practices

Online Businesses Often Steal And Exploit Customer Data Collected During Cancelled Transactions

Malicious ads for restricted messaging applications target Chinese users

The Future of Privacy: How Big Tech Is Changing the Way We Think About Our Data

A Deep Dive Into the Residential Proxy Service ‘911’

New streaming ad technology plays hide-and-seek with gamers

Microsoft illegally collected and retained children's data, says FTC

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Getting Started: A Beginner’s Guide for Improving Privacy

Google to Pay a record $391M fine for misleading users about the collection of location data

Twitter inadvertently collected and shared iOS location data

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Coffee app in hot water for constant tracking of user location

XKCD forum data breach impacted 562,000 subscribers

Phishers migrate to Telegram

Russian Twitter bot activity increased in the wake Mueller report release

New Android malicious library Goldoson found in 60 apps +100M downloads

Judging Facebook's Privacy Shift

Trend Micro Apps removed from Mac App Store after being caught exfiltrating user data

It’s Google’s World. Your Business Is Just Living in It

Navigating the Digital Landscape: Insights from the 2024 Thales Digital Trust Index

Not the Invasion They Warned Us About: TikTok and the Continued Erosion of Online Privacy

EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

Facebook sues data analytics firm Rankwave over alleged data misuse

How to Help Protect Your Digital Footprint

MY TAKE: Even Google CEO Sundar Pichai agrees that it is imperative to embed ethics into AI

Confessions of an ID Theft Kingpin, Part I

Protonmail hacked …. a very strange scam attempt

Consent to gather data is a "misguided" solution, study reveals

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

MY TAKE: Why the next web-delivered ad you encounter could invisibly infect your smartphone

Evolution of threat landscape for IoT devices – H1 2018

Online market for counterfeit goods in Russia has reached $1,5 billion

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

GDPR for WooCommerce Sites

Stay Connected