Privacy is a growing concern in today’s world. Follow along with all our coverage related to privacy, security, what Apple and other companies are doing to keep your information safe, and what steps you can take to keep your information private.
Pegasus spyware journalists Laurent Richard and Sandrine Rigaud were the first to discover an extensive list of specific people being targeted by NSO’s clients. In working on the story, they said they had to take extreme privacy precautions to avoid their own devices being compromised.
One of the major uses of Pegasus has been to silence journalists working on revealing abuses by tyrannical governments, so the risk of their own devices being hacked without their knowledge was very real …
A member of the Senate Intelligence Committee has called on both Apple and Google to remove TikTok from their respective app stores.
The demand follows growing concerns about the Chinese-owned app, with the video sharing app already banned from US federal government devices, along with those in more than half of US states …
Anker has admitted that its statements about Eufy security camera encryption were not accurate. The smart home brand had previously stated that all video footage is end-to-end encrypted, but has now admitted there was an exception to this (which it has now fixed).
The company only finally came clean about the privacy breach after The Verge threatened to post a story about the company’s failure to answer its questions …
An Apple Maps privacy bug fixed in iOS 16.3 may have allowed apps to collect user location data without permission.
At least one app appears to have done so, and a security reporter has speculated that the same privacy bug could have been exploited by countless apps over an unknown time period …
Pegasus spyware – a zero-click way of remotely hacking an iPhone, and gaining access to all the personal data stored on it – has been defended by the company’s CEO. NSO chief exec said that the company had made “mistakes” in selling it to repressive governments, but claimed that it now sells Pegasus only to countries to whom the US sells weapons.
A security researcher said that the comparison was bogus, stating that a more reasonable comparison would be selling long-range nuclear missiles …
The number of data breaches in 2022 was slightly down on the previous year, but the number of people whose personal data was exposed by the security failures was significantly higher …
In honor of Data Privacy Day, Apple has announced a handful of new resources “designed to help users take control of their data.” This year, those initiatives include dedicated privacy-focused “Today at Apple” sessions, a new short film with Ted Lasso star Nick Mohammed (Nate the Great), and more.
A GoTo hack related to the LastPasssecurity breach was far worse than initially disclosed. The company, formerly known as LogMeIn, has revealed that attackers obtained not only encrypted backups of customer data, but also an encryption key for at least some of that data.
It’s a similar tale to the LastPass hack, which followed a similar path from low-key initial announcement to revelations that it was significantly worse than initially feared …
Apple is facing a third class action privacy lawsuit, after the company was found to be collecting analytics data from iPhone users even after they refused permission.
Apple insists that all developers ask permission to collect analytics data, but security researcher Tommy Mysk discovered last year that the company wasn’t playing by its own rules …
There have been numerous examples of people losing a lifetime’s worth of photos after being locked out of their iCloud account. The Apple account recovery process often proves impossible, especially in cases where an iPhone has been stolen and its owner forced to unlock it.
Just yesterday there was a fresh example, where an unlocked iPhone was stolen at gunpoint by seemingly tech-savvy thieves …
Apple has been fined $8.5 million in France over how personalized advertising works on the iPhone. France’s CNIL data protection agency (National Commission on Informatics and Liberty) issued the €8 million penalty against Apple as the result of an investigation.
Brand owner Anker has finally responded to proof of a major Eufy camera security breach, but its official statement still leaves a great many questions unanswered.
The company has now admitted that it lied to users about all footage and images being stored locally, and never sent to the cloud, after a security researcher proved that this was not true …
One of the ironies of Apple’s long-running battle with the FBI over the agency’s desire for a security backdoor into iPhones is that it could have taken advantage of one which already existed: The fact that iCloud backups of iPhones didn’t use end-to-end encryption. Apple has now finally fixed this with Advanced Data Protection (ADP).
Apple on Wednesday announced new iCloud security features to strengthen users’ privacy. This includes Advanced Data Protection with end-to-end encryption for all data saved in the cloud, as well as support for physical security keys. In an interview with WSJ’s Joanna Stern, Apple’s SVP of software, Craig Federighi, shared some details about what led the company to introduce such features to iCloud.
The LastPass security breach that occurred back in August did allow attackers to access customer data, says the company. It had previously said that no customer data was compromised.
LastPass owner LogMeIn stresses that customer passwords have not been compromised, as the company uses end-to-end encryption so that only the subscriber has the decryption key …
Elon Musk recently hinted that Twitter encrypted DMs were on the way, using full end-to-end encryption – and code spotted in the iOS app suggests that it will use the same E2E encryption standard as Signal.
Plans for E2E encryption of Twitter direct messages date back to at least 2018, and it appears that the company has resuscitated code written back then …
A massive Twitter data breach last year, exposing more than five million phone numbers and email addresses, was worse than initially reported. We’ve been shown evidence that the same security vulnerability was exploited by multiple bad actors, and the hacked data has been offered for sale on the dark web by several sources.
It had previously been thought that only one hacker gained access to the data, and Twitter’s belated admission reinforced this impression …
Mozilla has announced an update to its Firefox Relay and VPN security offerings today with the main change making them a more affordable, bundled subscription. For $6.99/month, you can get both the Relay and VPN services from the non-profit to protect your devices.
The same researchers have now demonstrated that Apple can – despite assurances to the contrary – link this data back to individual users, as the same ID is used as that for iCloud accounts …
A potentially sensitive US Army iOS app is among thousands of iOS and Android apps to include user-profiling code from a Russian company that pretended to be an American one – raising both privacy and security concerns.
The Centers for Disease Control and Prevention (CDC) also used the code in seven of its apps. Both organizations have now removed the code, but it remains present in thousands of other apps …
A security researcher has discovered that Apple analytics data is collected and sent from iPhones, whether or not users consented during the setup process. The amount of data collected was described by the researcher as “shocking.”
A class action lawsuit has now filed, which says that Apple’s privacy promises are “completely illusory” …