jack – Experimental News Clipping Site

The Register: Allstate accused of paying app makers for driver data

Jan 14, 2025

—

by

Source URL: https://www.theregister.com/2025/01/14/allstate_accused_of_paying_app/ Source: The Register Title: Allstate accused of paying app makers for driver data Feedly Summary: Insurance giant sued by Texas for using surveillance without consent to jack up premiums, deny coverage Texas Attorney General Ken Paxton on Monday filed a lawsuit against Allstate Corporation and its mobile analytics subsidiary, Arity, alleging the…

The Register: Miscreants ‘mass exploited’ Fortinet firewalls, ‘highly probable’ zero-day used

Jan 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/14/miscreants_mass_exploited_fortinet_firewalls/ Source: The Register Title: Miscreants ‘mass exploited’ Fortinet firewalls, ‘highly probable’ zero-day used Feedly Summary: Ransomware ‘not off the table,’ Arctic Wolf threat hunter tells El Reg Miscreants running a “mass exploitation campaign" against Fortinet firewalls, which peaked in December, may be using an unpatched zero-day vulnerability to compromise the equipment, according…

The Register: Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug

Jan 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/13/severe_aviatrix_controller_vulnerability/ Source: The Register Title: Cryptojacking, backdoors abound as attackers abuse Aviatrix Controller bug Feedly Summary: This is what happens when you publish PoCs immediately “Several cloud deployments" are already compromised following the disclosure of the maximum-severity vulnerability in Aviatrix Controller, researchers say.… AI Summary and Description: Yes Summary: The text discusses a…

Slashdot: See the Thousands of Apps Hijacked To Spy On Your Location

Jan 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/01/10/0056202/see-the-thousands-of-apps-hijacked-to-spy-on-your-location?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: See the Thousands of Apps Hijacked To Spy On Your Location Feedly Summary: AI Summary and Description: Yes Summary: The report highlights a significant privacy concern involving popular apps that are being exploited to harvest sensitive location data through the advertising ecosystem. This data, which is aggregated by rogue…

Hacker News: Candy Crush, Tinder, MyFitnessPal: See the Apps Hijacked to Spy on Your Location

Jan 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.wired.com/story/gravy-location-data-app-leak-rtb/ Source: Hacker News Title: Candy Crush, Tinder, MyFitnessPal: See the Apps Hijacked to Spy on Your Location Feedly Summary: Comments AI Summary and Description: Yes Summary: The text exposes a significant privacy issue where popular applications are exploited to harvest sensitive location data through advertising networks without user or developer consent. The…

Hacker News: See the Thousands of Apps Hijacked to Spy on Your Location

Jan 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.404media.co/candy-crush-tinder-myfitnesspal-see-the-thousands-of-apps-hijacked-to-spy-on-your-location/ Source: Hacker News Title: See the Thousands of Apps Hijacked to Spy on Your Location Feedly Summary: Comments AI Summary and Description: Yes Summary: The article discusses the alarming exploitation of popular mobile apps by rogue advertisers who harvest sensitive location data without user or developer consent. It highlights how this data…

Wired: Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location

Jan 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.wired.com/story/gravy-location-data-app-leak-rtb/ Source: Wired Title: Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location Feedly Summary: A hack of location data company Gravy Analytics has revealed which apps are—knowingly or not—being used to collect your information behind the scenes. AI Summary and Description: Yes Summary: The text highlights…

Cloud Blog: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation

Jan 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/ivanti-connect-secure-vpn-zero-day/ Source: Cloud Blog Title: Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation Feedly Summary: Written by: John Wolfram, Josh Murchie, Matt Lin, Daniel Ainsworth, Robert Wallace, Dimiter Andonov, Dhanesh Kizhakkinan, Jacob Thompson Note: This is a developing campaign under active analysis by Mandiant and Ivanti. We will continue to add more…

The Register: Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed

Jan 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/01/08/backdoored_backdoors/ Source: The Register Title: Crims backdoored the backdoors they supplied to other miscreants. Then the domains lapsed Feedly Summary: Here’s what $20 gets you these days More than 4,000 unique backdoors are using expired domains and/or abandoned infrastructure, and many of these expose government and academia-owned hosts – thus setting these hosts…

The Register: Telemetry data from 800K VW Group EVs exposed online

Jan 6, 2025

—

by

system automation

in Uncategorized

Source URL: https://www.theregister.com/2025/01/06/volkswagen_ev_data_exposed/ Source: The Register Title: Telemetry data from 800K VW Group EVs exposed online Feedly Summary: PLUS: DoJ bans data sale to enemy nations; Do Kwon extradited to US; Tenable CEO passes away; and more Infosec in Brief Welcome to 2025: hopefully you enjoyed a pleasant holiday season and returned to the security…

Tag: jack