Security News

The American authorities are considering a ban on the sale of routers from manufacturer TP-Link, The Wall Street Journal (WSJ) reports based on sources. TP-Link routers are said to regularly contain vulnerabilities for which the manufacturer does not release updates, according to anonymous sources quoted by the WSJ. The company would also not cooperate with […]

Online age verification systems are surveillance systems that threaten everyone’s privacy and anonymity, according to the American civil rights movement EFF, in response to a law recently passed in Australia that bans social media for people under the age of 16. To enforce the age ban, social media platforms must take “reasonable measures” to verify

The maker of the Kaspr extension, a paid extension for Google Chrome that allows LinkedIn users to see the contact details of profiles they visit, has illegally collected contact details on LinkedIn and other websites, French privacy regulator CNIL ruled today. The authority has fined Kaspr 240,000 euros. LinkedIn users have four options to display

An American chain of addiction clinics has leaked the data of more than 422,000 patients. This includes name, address information, telephone number, date of birth, medical file number, social security number and health insurance information that have come into the hands of attackers, American Addiction Centers said in a letter to affected patients. Treatment information

A critical path traversal vulnerability in the Fortinet Wireless Manager (FortiWLM) could allow an unauthenticated attacker to gain access to sensitive files. The impact of the vulnerability is rated 9.6 on a scale of 1 to 10. Fortinet has released security updates to fix the problem. Through the Fortinet Wireless Manager, an ‘application suite’, organizations

The British regulator ICO is not happy with a decision by Google to allow fingerprinting for advertisements. “Our response is clear: companies do not have free rein to use fingerprinting as they wish. Like any advertising technology, it must be applied lawfully and transparently and if it is not, the ICO will take action,” said

A critical vulnerability in Apache Tomcat allows remote code execution. The Apache Foundation released a security update last week, but it did not appear to completely solve the problem, and a new patch has now been made available. Tomcat is software for running a web server. Last Tuesday, the Apache Foundation warned about a vulnerability

Millions of people do not know how to delete data from an old device, according to the British privacy regulator ICO based on research it conducted among almost 2,200 Britons. Nearly 30 percent of survey participants do not know how to delete personal information, which equates to around 14 million Britons, the ICO said. According

This year, criminals have managed to steal $2.2 billion from crypto platforms, mainly due to compromised private keys, according to blockchain analysis company Chainalysis based on its own research. The $2.2 billion is an increase of 21 percent compared to the $1.8 billion stolen last year, but less than the record year of 2022, when

McDonald’s India has leaked customer and delivery person data due to a vulnerability in an API (Application Programming Interface) used. In addition, it was possible to hijack customer orders, place orders for just one cent, provide feedback on other customers’ orders, view details of each order, and download invoices. This involved the name, email address,