How Apple's efforts to bring privacy to the masses will change the web | New Scientist
Google adds E2E RCS encryption to their default Messages using Signalapp messages, emoji mashup suggests, and more for Android - The Verge
APT hacker group "TA402/Molerats" has resurfaced after a two-month hiatus to target government institutions in the Middle East and global government agencies linked to geopolitics in the region.
#CISA has issued an advisory #warning #IoT manufacturers of a critical #vulnerability — CVE-2021-32934 / CVSS score: 9.1 —in #ThroughTek's P2P #SDK that could be #exploited by attackers to #eavesdrop on connected #cameras.
Malicious Attack Campaign Targeting Jetpack Users Reusing Passwords
Chrome zero-day, hot on the heels of Microsoft's IE zero-day. Patch now!
This could be part of a supply chain spy campaign on the airline industry, via a breach of air industry IT supplier SITA.
New - There’s compelling evidence linking APT41 - one of China’s most prolific espionage and cybercrime crews, and an FBI Most Wanted - to the huge hack of Air India. Read 👉 https://www.forbes.com/sites/thomasbrewster/2021/06/10/are-the-fbis-most-wanted-chinese-spies-hacking-the-airline-industry/
New: Otonomo is a firm that sells location data from cars, etc. They say it's privacy-preserving. But source scraped data from their website en masse, gave it to us, we could see where people drove and where they likely lived
"Privacy nightmare," EFF said https://www.vice.com/en/article/4avagd/car-location-data-not-anonymous-otonomo
New York State Senate passes right to repair legislation: https://appleinsider.com/articles/21/06/11/new-york-state-senate-passes-right-to-repair-legislation
France fines Google $268 million for unfair treatment in online ads
Data privacy vs. innovation: The new rules of the road
Ireland must learn lessons from Estonia on cybersecurity
India's requirement to trace messaging apps content back to its originators has wider implications on users' right to privacy. Weakening end-to-end encryption for some means doing so for all, and could set a dangerous global precedent for secure apps. https://t.co/C9IpmrYlPr
Google this week announced 4 major privacy and security that everyone needs to know about:
— Two-factor authentication for all, by default.
— Privacy labels for Google Play apps
— Hardware-Enforced Exploit Protection for Chrome
— Cosign for signing and verifying container images
Read details here: https://thehackernews.com/2021/05/4-major-privacy-and-security-updates.html
The European Commission has funded an open source project to create a Gateway between the ActivityPub and XMPP PubSub Protocols, and E2EE on PubSub
From goffi: "it's my pleasure to announce that an ActivityPub XMPP gateway doubled with Pubsub end-to-end encryption project has been selected for a grant by NLNet/NGI0 Discovery Fund (with financial support from European Commission's Next Generation Internet programme)".
The XMPP ActivityPub gateway will join two major open and decentralised protocols. In practice it will be a XMPP server component (usable with any server), and implement the ActivityPub server to server protocol (or "Federation Protocol"). On XMPP side, it will be mostly a Pubsub service (with some extra, like private messages converted to XMPP message stanza).
XMPP blogging (XEP-0277: Microblogging over XMPP) will be used, and thus any client supporting it will have access to ActivityPub publications (Libervia and Movim for instance). https://squeet.me/objects/962c3e10d49fcdffb18921bec5dc1b0281d1ad2d
Continuous popularity of #Telegram extends to the cyber-criminal community such that Malware authors are increasingly using Telegram as a ready-made command and control (C&C) system for their malicious products, because it offers several advantages compared to conventional web-based malware administration.
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!