The American cyber agency CISA today advised to only communicate end-to-end encrypted, as well as to stop using SMS-based multi-factor authentication (MFA) and personal VPN services. The advice is contained in a document on best practices for mobile communications and is suitable for everyone, but especially for ‘highly targeted’ individuals, according to the description (pdf). […]

The US government’s proposals to break Google’s search monopoly will affect Firefox and other smaller, independent browsers, and will only strengthen the position of a handful of strong players, Mozilla said. The US Department of Justice recently asked a federal court to take several measures to break Google’s monopoly on the search engine market. For

The American authorities are considering a ban on the sale of routers from manufacturer TP-Link, The Wall Street Journal (WSJ) reports based on sources. TP-Link routers are said to regularly contain vulnerabilities for which the manufacturer does not release updates, according to anonymous sources quoted by the WSJ. The company would also not cooperate with

Online age verification systems are surveillance systems that threaten everyone’s privacy and anonymity, according to the American civil rights movement EFF, in response to a law recently passed in Australia that bans social media for people under the age of 16. To enforce the age ban, social media platforms must take “reasonable measures” to verify

The maker of the Kaspr extension, a paid extension for Google Chrome that allows LinkedIn users to see the contact details of profiles they visit, has illegally collected contact details on LinkedIn and other websites, French privacy regulator CNIL ruled today. The authority has fined Kaspr 240,000 euros. LinkedIn users have four options to display

An American chain of addiction clinics has leaked the data of more than 422,000 patients. This includes name, address information, telephone number, date of birth, medical file number, social security number and health insurance information that have come into the hands of attackers, American Addiction Centers said in a letter to affected patients. Treatment information

A critical path traversal vulnerability in the Fortinet Wireless Manager (FortiWLM) could allow an unauthenticated attacker to gain access to sensitive files. The impact of the vulnerability is rated 9.6 on a scale of 1 to 10. Fortinet has released security updates to fix the problem. Through the Fortinet Wireless Manager, an ‘application suite’, organizations

The British regulator ICO is not happy with a decision by Google to allow fingerprinting for advertisements. “Our response is clear: companies do not have free rein to use fingerprinting as they wish. Like any advertising technology, it must be applied lawfully and transparently and if it is not, the ICO will take action,” said

A critical vulnerability in Apache Tomcat allows remote code execution. The Apache Foundation released a security update last week, but it did not appear to completely solve the problem, and a new patch has now been made available. Tomcat is software for running a web server. Last Tuesday, the Apache Foundation warned about a vulnerability

Millions of people do not know how to delete data from an old device, according to the British privacy regulator ICO based on research it conducted among almost 2,200 Britons. Nearly 30 percent of survey participants do not know how to delete personal information, which equates to around 14 million Britons, the ICO said. According