Tag: identifiers
-
Hacker News: How Google tracks Android device users before they’ve even opened an app
Source URL: https://www.theregister.com/2025/03/04/google_android/ Source: Hacker News Title: How Google tracks Android device users before they’ve even opened an app Feedly Summary: Comments AI Summary and Description: Yes Summary: The research by Doug Leith exposes significant privacy concerns surrounding Android’s data handling practices, particularly regarding the use of advertising cookies and device identifiers without user consent.…
-
The Register: How Google tracks Android device users before they’ve even opened an app
Source URL: https://www.theregister.com/2025/03/04/google_android/ Source: The Register Title: How Google tracks Android device users before they’ve even opened an app Feedly Summary: No warning, no opt-out, and critic claims … no consent Research from a leading academic shows Android users have advertising cookies and other gizmos working to build profiles on them even before they open…
-
Bulletins: Vulnerability Summary for the Week of February 17, 2025
Source URL: https://www.cisa.gov/news-events/bulletins/sb25-055 Source: Bulletins Title: Vulnerability Summary for the Week of February 17, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info a1post–A1POST.BG Shipping for Woo Cross-Site Request Forgery (CSRF) vulnerability in a1post A1POST.BG Shipping for Woo allows Privilege Escalation. This issue affects A1POST.BG Shipping for Woo: from n/a…
-
Hacker News: Quick correlation of vulnerabilities from various sources
Source URL: https://github.com/vulnerability-lookup/vulnerability-lookup Source: Hacker News Title: Quick correlation of vulnerabilities from various sources Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses Vulnerability-Lookup, a platform that enhances the management of vulnerabilities by facilitating quick correlation from various sources and supporting Coordinated Vulnerability Disclosure (CVD). Its collaborative features allow users to comment…
-
Hacker News: Everyone knows your location: tracking myself down through in-app ads
Source URL: https://timsh.org/tracking-myself-down-through-in-app-ads/ Source: Hacker News Title: Everyone knows your location: tracking myself down through in-app ads Feedly Summary: Comments AI Summary and Description: Yes Summary: The text highlights a significant geolocation data leak involving over 2,000 apps that collect user data without consent, revealing privacy risks from intricate advertising networks. The author’s personal investigation…
-
Bulletins: Vulnerability Summary for the Week of December 16, 2024
Source URL: https://www.cisa.gov/news-events/bulletins/sb24-358 Source: Bulletins Title: Vulnerability Summary for the Week of December 16, 2024 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Attendance Tracking Management System A vulnerability has been found in 1000 Projects Attendance Tracking Management System 1.0 and classified as critical. Affected by this vulnerability is…
-
Bulletins: Vulnerability Summary for the Week of January 20, 2025
Source URL: https://www.cisa.gov/news-events/bulletins/sb25-026 Source: Bulletins Title: Vulnerability Summary for the Week of January 20, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info aEnrich Technology–a+HRD The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database…
-
Cloud Blog: How we’re making GKE more transparent with supply-chain attestation and SLSA
Source URL: https://cloud.google.com/blog/products/identity-security/how-were-making-gke-more-secure-with-supply-chain-attestation-and-slsa/ Source: Cloud Blog Title: How we’re making GKE more transparent with supply-chain attestation and SLSA Feedly Summary: What goes into your Kubernetes software? Understanding the origin of the software components you deploy is crucial for mitigating risks and ensuring the trustworthiness of your applications. To do this, you need to know your…
-
Hacker News: Malicious extensions circumvent Google’s remote code ban
Source URL: https://palant.info/2025/01/20/malicious-extensions-circumvent-googles-remote-code-ban/ Source: Hacker News Title: Malicious extensions circumvent Google’s remote code ban Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses security vulnerabilities related to malicious browser extensions in the Chrome Web Store, focusing on how they can execute remote code and compromise user privacy. It critiques Google’s policies regarding…
-
Slashdot: Dead Google Apps Domains Can Be Compromised By New Owners
Source URL: https://it.slashdot.org/story/25/01/15/2031225/dead-google-apps-domains-can-be-compromised-by-new-owners?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Dead Google Apps Domains Can Be Compromised By New Owners Feedly Summary: AI Summary and Description: Yes Summary: The text highlights a critical security vulnerability regarding the improper management of Google Workspace accounts by defunct startups, leading to potential unauthorized access to sensitive information once the domains are resold.…