Retail and Surveillance - Cyber Security Informer

Your location or browsing habits could lead to price increases when buying online

Malwarebytes

JANUARY 20, 2025

The name for this method is surveillance pricing, and the FTC has just released initial findings of a report looking into that practice. In July 2024, the FTC requested information from eight companies offering surveillance pricing products and services that incorporate data about consumers characteristics and behavior.

Surveillance

Surveillance Artificial Intelligence Consumer Protection Data collection

Dahua Camera flaws allow remote hacking. Update firmware now

Security Affairs

JULY 30, 2025

These cameras are widely used for surveillance in places like retail stores, warehouses, and private homes, making the security risks especially serious. Bitdefender cybersecurity experts discovered serious vulnerabilities in Dahua smart cameras that could have allowed hackers to take full control of the devices remotely.

Firmware

Firmware Hacking Surveillance Retail

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Security Affairs

JUNE 12, 2025

RTSP is popular in professional surveillance for low-latency streaming. Exposed feeds include private residences, retail shops, public transport, and patient areas—revealing a wide-scale risk from improperly configured surveillance systems across all sectors. To capture screenshots, they tested common RTSP URIs (e.g.,

Hacking

Hacking Telecommunications Surveillance Internet

Legal Zero-Days: How Old Laws Became a Novel Loss Generator

SecureWorld News

APRIL 2, 2025

The intent of these laws was clear at the timestop phone tapping, protect physical spaces, prevent retailers from disclosing what you rented on VHS. No advanced surveillance, no cutting-edge tech stackjust legacy laws being exploited in ways no one saw coming. That's not how they're being used now.

Consumer Protection

Consumer Protection Spyware Surveillance Insurance

$12M Ransomware Attack Hit Because Nobody Listened to the Security Team

SecureWorld News

APRIL 3, 2025

We're not proposing surveillance; we're implementing guardrails that protect everyone while maintaining privacy." A retail CISO secured executive support for a comprehensive security awareness program but failed to maintain communication during rollout.

Ransomware

Ransomware CISO Authentication Healthcare

Texas Passes Most Comprehensive AI Governance Bill

SecureWorld News

JULY 2, 2025

Critics may argue this misses major commercial threats from AI used in surveillance, retail profiling, or hiring tools.) In a LinkedIn post days before the governor signed the bill, Violet Sullivan, AVP, Cyber Solutions Team Leader, at Crum & Forster, broke down what the bill does. Only the AG can enforce.

Government

Government Artificial Intelligence Risk Technology

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 27, 2024

CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812 Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment Internet Archive was breached twice in a month Unknown threat actors exploit Roundcube Webmail flaw (..)

Data breaches

Data breaches Healthcare Cybercrime Hacking

Thousands of private camera feeds found online. Make sure yours isn’t one of them

Malwarebytes

JUNE 24, 2025

While some of them were connected to businesses, showing images of offices, retail stores, and factories, many were likely connected in private residences. Cameras could be used to gather surveillance data by someone planning a physical intrusion, it pointed out.

Internet

Internet Internet Passwords Surveillance

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Zero Day

JUNE 22, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. What happens when an attacker is inside a network?

Passwords

Passwords Data breaches Password Management Identity Theft

Security Roundup January 2025

BH Consulting

JANUARY 30, 2025

The roundup lists the incidents in chronological order, starting with last Januarys ransomware incident against LoanDept, one of Americas largest retail mortgage lenders. The Electronic Frontier Federation has a good explainer of the surveillance mechanism behind the world of online ads.

Cyber Risk

Cyber Risk Computers and Electronics Risk CISO

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

SecureWorld News

JANUARY 9, 2025

million in 2017 at Hollywood Presbyterian Medical Center to $240 million in 2021 with an attack on MediaMarkt, Europe's largest consumer electronics retailer. Reforming surveillance practices Proposals to restrict Section 702 of the Foreign Intelligence Surveillance Act (FISA) were left out.

Cybersecurity

Cybersecurity Manufacturing Surveillance Ransomware

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Zero Day

JUNE 20, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. What happens when an attacker is inside a network?

Passwords

Passwords Data breaches Password Management Identity Theft

Why I still recommend NordVPN to most people in 2025 - especially with the latest update

Zero Day

JULY 29, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions.

VPN

VPN Encryption Software DNS

CBP Wants New Tech to Search for Hidden Data on Seized Phones

WIRED Threat Level

JULY 3, 2025

Carmakers are embracing physical buttons again Special Edition: You’re not ready for what’s coming next Caroline Haskins is a business reporter at WIRED, covering Silicon Valley, surveillance, and labor. WIRED may earn a portion of sales from products that are purchased through our site as part of our Affiliate Partnerships with retailers.

Surveillance

Surveillance Retail Accountability Technology

IVPN review: This VPN takes privacy to the next level

Zero Day

JUNE 27, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions.

VPN

VPN Password Management Small Business Internet

Mysterious Crime Spree Targeted National Guard Equipment Stashes

WIRED Threat Level

AUGUST 7, 2025

In Tennessee alone, the fusion center memo notes that state officials have received at least 25 suspicious activity reports over the past decade, detailing attempted surveillance and theft. WIRED may earn a portion of sales from products that are purchased through our site as part of our Affiliate Partnerships with retailers.

Government

Government Accountability Hacking Small Business

Trump Officials Want to Prosecute Over the ICEBlock App. Lawyers Say That’s Unconstitutional

WIRED Threat Level

JULY 3, 2025

Read More Service Writer Topics Donald Trump Apps immigration First Amendment privacy surveillance Read More What Is Apple One, and Should You Subscribe? WIRED may earn a portion of sales from products that are purchased through our site as part of our Affiliate Partnerships with retailers. All rights reserved.

Accountability

Accountability Media Surveillance Technology

Project Red Hook: Chinese Gift Card Fraud at Scale

Security Boulevard

AUGUST 6, 2025

(Watch on YouTube here: [link] - jump to 16:40 for the "trunk reveal." ) Ventura, California 15MAY2024 - Ventura County detectives are part of the Ventura County Organized Retail Theft Task Force (VCORTTF). Liao was found to be on surveillance camera imagery at stores in Ohio, Georgia, North Carolina, and Florida.

Retail

Retail Surveillance Software

What to Know About Traveling to China for Business

WIRED Threat Level

AUGUST 6, 2025

He launched vast anti-corruption campaigns to weed out enemies and saw the creation of a vast surveillance regime to monitor the population. Foreign executives express growing concerns about doing business there, fearing potential exit bans , pervasive government surveillance, risks to sensitive data, even arbitrary detentions.

Surveillance

Surveillance Risk Government VPN

I've used Aqara's first outdoor camera for over four months now - Here's my verdict

Zero Day

JULY 17, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. You can buy the Aqara Camera Hub G5 Pro to surveil your home and add other Aqara devices without buying a separate hub. Also: This robot vacuum broke the industry mold.

Software

Software Surveillance Artificial Intelligence Digital transformation

I changed 10 settings on my Fire TV for better performance and fewer distractions

Zero Day

JUNE 22, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. The answer is: a lot. Go to Settings > Preferences > Privacy Settings.

Password Management

Password Management Software Small Business Passwords

Retailers Are Rapidly Scaling Surveillance of Australian Consumers — Why This Is a Red Flag

Tech Republic Security

SEPTEMBER 21, 2023

Australian retailers are rolling out mass surveillance solutions to combat shoplifting, but a poor regulatory environment could mean high risks associated with data security and privacy.

Surveillance

Surveillance Retail Risk Big data

Finally, a battery floodlight camera that's perfect for my dark yard

Zero Day

JULY 15, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions.

Artificial Intelligence

Artificial Intelligence Digital transformation Password Management Retail

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

Security Affairs

JANUARY 18, 2021

fine under GDPR against the online laptop and electronic goods retailer NBB for video-monitoring employees. million fine under the GDPR against an online laptop and electronic goods retailer NBB’s (notebooksbilliger.de) for video-monitoring employees for at least a couple of years. .”The ” reported ComplianceWeek.

Retail

Retail Surveillance Hacking Information Security

This battery floodlight camera is perfect for my dark yard (and just hit its lowest price)

Zero Day

JUNE 18, 2025

We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions.

Password Management

Password Management Small Business Software Artificial Intelligence

US Retailers Pull Surveillance Company Products Linked to Genocide

Security Boulevard

NOVEMBER 30, 2021

Some argue a national security concern was the greater driver for pulling product off retail shelves. Best Buy, Home Depot, and Lowe’s dropped Lorex … Continue reading US Retailers Pull Surveillance Company Products Linked to Genocide ?.

Retail

Retail Surveillance Network Security

Facial Recognition Systems in the US

Schneier on Security

JANUARY 3, 2024

A helpful summary of which US retail stores are using facial recognition, thinking about using it, or currently not planning on using it. This, of course, can all change without notice.) Three years ago, I wrote that campaigns to ban facial recognition are too narrow. The problem here is identification, correlation, and then discrimination.

Retail

Retail Technology Surveillance

How Card Skimming Disproportionally Affects Those Most In Need

Krebs on Security

OCTOBER 18, 2022

When a participant uses a SNAP payment card at an authorized retail store, their SNAP EBT account is debited to reimburse the store for food that was purchased. ” The woman profiled in Smith’s story contacted all of the retailers where her EBT card was used to buy thousands of dollars worth of baby formula.

Retail

Retail Banking Accountability Technology

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance

Surveillance Malware Authentication DNS

MY TAKE: Why Satya Nadella is wise to align with privacy advocates on regulating facial recognition

The Last Watchdog

FEBRUARY 6, 2019

This week civil liberties groups in Europe won the right to challenge the UK’s bulk surveillance activities in the The Grand Chamber of the European Court of Human Rights. Related: Snowden on unrestrained surveillance. Ubiquitous surveillance. It’s a healthy thing that a captain of industry can see this. Advanced use cases.

Surveillance

Surveillance Technology Retail Authentication

US pharmacy Rite Aid banned from operating facial recognition systems

Malwarebytes

DECEMBER 21, 2023

The regulator found so many flaws in the retailer’s surveillance program that it concluded Rite Aid had failed to implement reasonable procedures and prevent harm to consumers in its use of facial recognition technology in hundreds of stores. Notify consumers when their biometric information is used.

Surveillance

Surveillance Technology Retail Artificial Intelligence

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

The Last Watchdog

NOVEMBER 19, 2018

Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. Assuming privacy concerns get addressed, much wider consumer uses are envisioned in areas such as marketing, retailing and health services. Related: Drivers behind facial recognition boom.

Surveillance

Surveillance Marketing Technology Authentication

Why Amazon Ads Could Be a Disaster Waiting to Happen

Adam Levin

OCTOBER 24, 2018

Meanwhile, the dings and indignities visited on the surveillance economy (i.e., As a retailer, Amazon is already in the business of providing a portal to consumers looking to buy, where products vie for attention and commerce happens. The operative word here is yet. billion in the first quarter, compared with the same period in 2017.”

Advertising

Advertising Retail Surveillance Insurance

Amazon will pay you $10 for your palm prints. Should you be worried?

Malwarebytes

AUGUST 5, 2021

Retail giant Amazon recently offered to pay $10 USD for your palm prints. Would you offer them your hand? Amazon One is Amazon’s plam-powered contactless identity service. ” The announcement came in the thick of the Covid-19 pandemic, which seemed to give it a boost due to its non-contact nature.

Retail

Retail Encryption Surveillance Authentication

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

The company produces video doorbells under the brand names EKEN and Tuck, its products are by major retailers, including Amazon, Walmart, Shein, Sears and Temu. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd.

Manufacturing

Manufacturing Wireless Surveillance Retail

Keyless Car Entry Systems May Allow Anyone To Open And Steal Your Vehicle

Joseph Steinberg

JANUARY 28, 2021

Put the fob in a “Faraday Bag” as sold on Amazon and at other retailers. Any fobs not normally used and stored at home can be wrapped as well. Want a cleaner look than a fob wrapped in foil?

Artificial Intelligence

Artificial Intelligence Wireless Surveillance Retail

Florida Man Arrested in SIM Swap Conspiracy

Krebs on Security

AUGUST 7, 2018

The Pasco County Sherrif’s office says their surveillance of the Discord server revealed that the group routinely paid employees at cellular phone companies to assist in their attacks, and that they even discussed a plan to hack accounts belonging to the CEO of cryptocurrency exchange Gemini Trust Company. All four major U.S.

Mobile

Mobile Cryptocurrency Computers and Electronics Scams

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs

SEPTEMBER 3, 2023

LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM) Social engineering attacks target Okta customers to achieve a highly privileged role Talos wars of customizations of the open-source info stealer SapphireStealer UNRAVELING EternalBlue: inside the WannaCry’s enabler Researchers released a free decryptor for the Key (..)

Social Engineering

Social Engineering Spyware Data breaches Surveillance

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence

Artificial Intelligence Data breaches Scams Insurance

This Week’s Trends in Privacy with Nymity Research – August 9, 2021

TrustArc

AUGUST 9, 2021

Below are snapshots of recent global updates courtesy of Nymity Research.

Surveillance

Surveillance Retail Technology Risk

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The company designs and develops digital imaging products for use in mobile phones, laptops, netbooks and webcams, security and surveillance cameras, entertainment, automotive and medical imaging systems. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Data breaches

Data breaches Ransomware Manufacturing Encryption

IKEA Canada becomes a victim of a large data breach

CyberSecurity Insiders

MAY 9, 2022

The online furniture retailer stated it has informed the Office of Commissioner (OPC) Data Watch Dog of Canada and has launched an investigation into the fraudulent data access conducted by cyber crooks in between March 1st- March 3rd, 2022.

Data breaches

Data breaches Identity Theft Surveillance Retail

The stealthy email stealer in the TA505 hacker group’s arsenal

Security Affairs

MAY 16, 2019

During the last month, our Threat Intelligence surveillance team spotted increasing evidence of an operation intensification against the Banking sector. Investigating the attacker infrastructure we noticed interesting information such as the information of the stolen emails through our Digital Surveillance systems.

Banking

Banking Malware Surveillance Accountability

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

Security Affairs

APRIL 16, 2023

New Android malicious library Goldoson found in 60 apps +100M downloads Siemens Metaverse exposes sensitive corporate data CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog Volvo retailer leaks sensitive files A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays Google fixed (..)

Data breaches

Data breaches Spyware Surveillance Cybercrime

Your location or browsing habits could lead to price increases when buying online

Dahua Camera flaws allow remote hacking. Update firmware now

Trending Sources

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Legal Zero-Days: How Old Laws Became a Novel Loss Generator

$12M Ransomware Attack Hit Because Nobody Listened to the Security Team

Texas Passes Most Comprehensive AI Governance Bill

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

Thousands of private camera feeds found online. Make sure yours isn’t one of them

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Security Roundup January 2025

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Why I still recommend NordVPN to most people in 2025 - especially with the latest update

CBP Wants New Tech to Search for Hidden Data on Seized Phones

IVPN review: This VPN takes privacy to the next level

Mysterious Crime Spree Targeted National Guard Equipment Stashes

Trump Officials Want to Prosecute Over the ICEBlock App. Lawyers Say That’s Unconstitutional

Project Red Hook: Chinese Gift Card Fraud at Scale

What to Know About Traveling to China for Business

I've used Aqara's first outdoor camera for over four months now - Here's my verdict

I changed 10 settings on my Fire TV for better performance and fewer distractions

Retailers Are Rapidly Scaling Surveillance of Australian Consumers — Why This Is a Red Flag

Finally, a battery floodlight camera that's perfect for my dark yard

German laptop retailer fined €10.4m under GDPR for video-monitoring employees

This battery floodlight camera is perfect for my dark yard (and just hit its lowest price)

US Retailers Pull Surveillance Company Products Linked to Genocide

Facial Recognition Systems in the US

How Card Skimming Disproportionally Affects Those Most In Need

European firm DSIRF behind the attacks with Subzero surveillance malware

MY TAKE: Why Satya Nadella is wise to align with privacy advocates on regulating facial recognition

US pharmacy Rite Aid banned from operating facial recognition systems

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

Why Amazon Ads Could Be a Disaster Waiting to Happen

Amazon will pay you $10 for your palm prints. Should you be worried?

Eken camera doorbells allow ill-intentioned individuals to spy on you

Keyless Car Entry Systems May Allow Anyone To Open And Steal Your Vehicle

Florida Man Arrested in SIM Swap Conspiracy

Security Affairs newsletter Round 435 by Pierluigi Paganini – International edition

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

This Week’s Trends in Privacy with Nymity Research – August 9, 2021

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

IKEA Canada becomes a victim of a large data breach

The stealthy email stealer in the TA505 hacker group’s arsenal

Security Affairs newsletter Round 415 by Pierluigi Paganini – International edition

Stay Connected