Microsoft Edge begins testing Copilot Vision (more surveillance coming? 👀)
BleepingComputer
Microsoft Edge begins testing Copilot Vision
Microsoft Edge Canary has been updated with an interesting feature called Copilot Vision, but it's still in testing.
 #privacy
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data Attack on the supply chain - libraries used by developers to put together the final product (= their application) is getting hot again. Malicious packages were able to fetch executable code from remote and make a couple sad faces. See more in the original post from The Hacker News:
The Hacker News
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
Malicious PyPI packages disguised as crypto wallet tools steal sensitive data, targeting popular wallets like Trust and MetaMask.
 #security
For these who missed it: Mozilla Faces GDPR Complaint Over New Firefox Tracking Feature NOYB, a European privacy group has filed a complaint with Austrian authorities, alleging that Mozilla breached GDPR by enabling “Privacy Preserving Attribution” (PPA), a tracking feature in Firefox, by default without user consent. It got spicy with July's update to version 128, when Mozilla jumped on Google like dark side to collect data for advertisers = monetizing Firefox users (their thinking was probably something like this: when websites are doing it, when Google is doing it, why not us 🤷‍♂️ How to turn it off and more details in the original article by Hackread:
Mozilla Faces GDPR Complaint Over New Firefox Tracking Feature – Hackread – Cybersecurity News, Data Breaches, AI, and More
 #privacy #privacymatters
Ireland's DPC Hits Meta with €91 Million Penalty for GDPR Violation The DPC launched the initial inquiry in April 2019 after MPIL notified the DPC that it had inadvertently stored certain passwords of social media users in ‘plaintext’ on its internal systems (i.e. without cryptographic protection or encryption).
Infosecurity Magazine
Ireland
Ireland
 #privacy
CUPS flaws enable Linux remote code execution, but there’s a catch Simone Margaritelli, a cybersecurity researcher and Linux developer, claims to have found a decade-old vulnerability rated 9.9 that affects all GNU/Linux systems, allowing attackers to gain control of vulnerable devices. Margaritelli found that if the CUPS (short for Common UNIX Printing System) - browsed daemon is enabled, which is not on most systems, it will listen on UDP port 631. It will also, by default, allow remote connections from any device on the network to create a new printer. But there is a catch! "It is a chain of bugs that rely on spoofing a printer in your local network that is automatically added via network discovery if it is turned on at all - usually not in its default configuration. Then an unverified variable that is used to exploit other vulnerabilities in the CUPS system to execute code, but only when a print job is triggered," said Ilkka Turunen, Field CTO at Sonatype. While patches are still in development, Red Hat shared mitigation measures requiring admins to stop the cups-browsed service from running and prevent it from being started on reboot.
Old Vulnerability Rated 9.9 Impacts All GNU/Linux Systems, Researcher Claims – Hackread – Cybersecurity News, Data Breaches, AI, and More
BleepingComputer
CUPS flaws enable Linux remote code execution, but there’s a catch
Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute ar...
The Hacker News
Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution
Linux CUPS vulnerabilities may allow remote code execution. Attackers could exploit these flaws via print jobs.
 #security #cybersecurity
Tails OS merges with Tor Project for better privacy, security The Tor Project and Tails OS are merging operations to better collaborate for a free internet by protecting users from surveillance and censorship. The idea is to introduce Tails OS to wider user base - which is already familiar with Tor browser, and reach a sustainable funding for both privacy focused projects.
BleepingComputer
Tails OS merges with Tor Project for better privacy, security
The Tor Project and Tails OS are merging operations to better collaborate for a free internet by protecting users from surveillance and censorship.
 #privacy #security #tor
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates Cybersecurity researchers have disclosed a set of now patched vulnerabilities in Kia vehicles that, if successfully exploited, could have allowed remote control over key functions simply by using only a license plate. "These attacks could be executed remotely on any hardware-equipped vehicle in about 30 seconds, regardless of whether it had an active Kia Connect subscription," security researchers Neiko Rivera, Sam Curry, Justin Rhinehart, and Ian Carroll said. All vehicles after 2013 affected. (More in the article)
The Hacker News
Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates
Kia fixes vulnerabilities that allowed remote car control using only a license plate. Patch issued
 #security
Amazing introduction into zCat Android app from ZecHub! If you are into privacy and security, can check it in here:
X (formerly Twitter)
ZecHub (@ZecHub) on X
@zCat_App is the single best #Zcash aggregator available right now 🟧 📰Custom News Feeds 📲Exchanges & Apps 🔍Arbitrage Explorer 📊...
 #zcash #privacy
Fake NordVPN or Google Chrome can ruin your day. See more in the Bleeping Computer article about Octo Malware: New Octo Android malware version impersonates NordVPN, Google Chrome
BleepingComputer
New Octo Android malware version impersonates NordVPN, Google Chrome
A new version of the Octo Android malware, named "Octo2," has been seen spreading across Europe under the guise of NordVPN, Google Chrome, and an a...
 #cybersecurity
Web tracking report: who monitored users’ online activities in 2023–2024 the most:
Securelist
A review of prevalent web tracking services in 2023–2024, region by region
Kaspersky experts review Do Not Track (DNT) statistics for the most widely used web tracking services in 2023 and 2024 operated by companies like G...
 #privacy