Privacy

An AirTag stalker has been handed a prison sentence and subjected to a restraining order after he was found to have planted the tracking device in his former girlfriend’s car.

Not being the brightest of criminals, the stalker revealed his knowledge of the victim’s whereabouts by sending her a text message …

One of the more annoying things some apps do is incorporate their own in-app browser, opening that for web links instead of respecting your chosen default browser.

This has long been a nuisance, but a developer has now explained the security risks of doing so, especially when dealing with companies not noted for their privacy standards – like Facebook …

An FTC privacy push could begin as soon as today, says a new report, thanks to the determination of chair Lina Khan to make this a key issue for the commission.

However, insiders say that the process of drawing up FTC privacy rules is likely to be a slow one, and it could be years before the commission is in a position to enforce them …

Update: Twitter has rather belatedly confirmed that a hacker was able to expose the account details, though the company has not commented on the 5.4M number. See statement at the end of the piece.

A Twitter data breach has allowed an attacker to get access to the contact details of 5.4M accounts. Twitter has confirmed the security vulnerability which allowed the data to be extracted.

The data – which ties Twitter handles to phone numbers and email addresses – has been offered for sale on a hacking forum, for $30,000 …

A European court ruling could result in ad tracking rules becoming much stricter in future. The court essentially set a precedent that inferred data is still personal data.

This means that if a company can work out things about you, then that information is protected every bit as much as personal data you provided directly …

Security researchers have discovered a developer error in more than 3,200 mobile apps, which make possible full or partial Twitter account hijacks.

In the worst examples, affecting around 320 apps, it enables an attacker to gain complete control of a Twitter account …

Congress is set to vote on The Intelligence Authorization Act, intended to further punish spyware makers like NSO. It follows evidence that the company’s Pegasus spyware was used to hack iPhones used by American diplomats.

The Commerce Department had already named NSO as a threat to US national security, and banned the import and use of Pegasus, but the bill would take things further …

The Federal Communications Commission (FCC) is again investigating the collection and use of carrier location data – the information mobile networks have about where your mobile devices are, as well as your movement patterns.

It follows a previous investigation which last year found that wireless carriers broke federal law by selling this private data to a number of third-party companies …

An Apple Indonesia agreement could force the company to hand over to the government the personal data of iCloud users.

Other tech companies also signed the agreement after the government set a deadline to avoid fines or even being banned from operating in the country.

A nasty piece of Mac malware is being actively used in the wild to capture personal data from Macs. Security researchers say that CloudMensis spyware can allow an attacker to download files, capture keystrokes, take screengrabs, and more.

Cybersecurity firm ESET says that the spyware has been in active use since February, and appears to be targeting specific individuals …

The latest Pegasus iPhone hack to come to light targeted more than 30 pro-democracy protestors. Apple detected that their phones had been infected by NSO’s spyware, and alerted them.

Thailand has been the subject of multiple military coups over the years, the most recent of which was in 2014, with an army-backed leader still in power today after elections widely believed to have been fraudulent …

Update: The vote on the bill is now expected to be delayed until the fall – see end for more details.

A proposed new CSAM law in the UK could force all messaging companies to use the type of client-side scanning approach that Apple planned to launch to detect child sexual abuse material (CSAM) on iPhones.

An amendment to the Online Safety Bill has been put forward that would require tech companies to identify and remove CSAM, even in end-to-end encrypted private messages …

Apple had big security news yesterday, announcing that iOS 16 will introduce a new iPhone Lockdown Mode designed to protect users from even the most sophisticated cyber attacks like those carried out by NSO’s Pegasus spyware.

Apple says that the mode offers an “extreme” level of security that will be needed only by the tiny percentage of people who might be targeted by state-sponsored attacks. But it’s been argued that although most of us will never use it, we may still benefit from it …

An FCC commissioner has called on both Apple and Google to delete TikTok from their respective app stores, giving the companies until July 8 to respond. It is not clear what measures the Federal Communications Commission might take if the companies do not comply.

The lengthy four-page letter says that TikTok is not a video-sharing app, but a “sophisticated surveillance tool” for the Chinese government …

Apple may be fined by Russia for failing to store user data within the country, according to a new report today.

Twitch, Pinterest, Airbnb, and UPS have already been fined – though the sums involved are hardly likely to concern any of them …

The legal risks of prosecutors getting access to data from period tracking apps have been getting increasing attention. The Democratic party now plans to enact legislation to provide legal protection for the privacy of this data.

The news was announced by Speaker of the House Nancy Pelosi, who also outlined plans for additional legal protections for women seeking abortions …

The scale and reach of Chinese surveillance of its own citizens is well documented, but a new piece shows that the country’s government is now trying to use this vast trove of data to predict crimes and protests before they happen.

The Supreme Court ruling on abortion is also raising fresh concerns about the way that personal data may be used to prosecute women. We’re increasingly living in a world where Apple’s decision to have privacy be a major focus is looking increasingly prescient – but even the Cupertino company may now need to do more …

A report by The Wall Street Journal shows that four Democratic lawmakers want the Federal Trade Commission to investigate Apple and Google due to collecting and selling their users’ personal information.

iPhone hacks developed by Italian company RCS Lab have been used by law enforcement agencies in Europe, according to a new Google report. The hacking tool used a variety of exploits to allow the firm’s customers to spy on private messages, contacts, and passwords.

However, Apple has patched all six of the exploits used in different versions of iOS (see below), so keeping your iPhone up to date will protect it from the hacking tools …

Hopes of passing a federal privacy law during the current session of Congress are now fading. The problem to date has been getting enough Republicans on board, but now there are challenges on the Democrat side, too.

Two key Democratic figures say they are unwilling to see the current version progress any further …

NSO Pegasus spyware has been used by at least five EU countries, admits the company. The admission was made as part of a European investigation into the impact of Pegasus, with an interim report now published.

It’s likely that the true number is higher, with the company promising to provide a ‘more concrete number’ …