Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

How Threads' Privacy Policy Compares to Twitter's (and Its Rivals')

Want to try out Meta’s new social media app? Here’s more context on what personal data is collected by Threads and similar social media apps.

Wired
Open in Source
#web#ios#android#apple#google#sap
Don't Join Threads—Make Instagram's 'Twitter Killer' Join You

Meta’s Twitter alternative promises that it will work with decentralized platforms, giving you greater control of your data. You can hold the company to that—if you don't sign up.

Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users

The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho," Proofpoint said in a new report. "When given the opportunity, TA453

Privacy Woes Hold Up Global Instagram Threads Launch

Meta's answer to Twitter went live and quickly racked up millions of members — but the social media app's privacy practices are under the microscope.

CVE-2023-35937: metersphere 存在权限检查缺失漏洞

Metersphere is an open source continuous testing platform. In versions prior to 2.10.2 LTS, some key APIs in Metersphere lack permission checks. This allows ordinary users to execute APIs that can only be executed by space administrators or project administrators. For example, ordinary users can be updated as space administrators. Version 2.10.2 LTS has a patch for this issue.

The growth of commercial spyware based intelligence providers without legal or ethical supervision

Commercial spyware has become so notorious that international governments are taking notice and action against it, as evidenced by the Biden administration’s recent Executive Order on commercial spyware.

CVE-2023-26137: HTTP Response Splitting in [email protected]

All versions of the package drogonframework/drogon are vulnerable to HTTP Response Splitting when untrusted user input is used to build header values in the addHeader and addCookie functions. An attacker can add the \r\n (carriage return line feeds) characters to end the HTTP response headers and inject malicious content.

Startup Spotlight: Gomboc.ai Balances Cloud Infrastructure Security

The startup, one of four finalists in Black Hat USA's 2023 startup competition, uses deterministic AI to optimize cloud security.

Instagram's Twitter Alternative 'Threads' Launch Halted in Europe Over Privacy Concerns

Instagram Threads, the upcoming Twitter competitor from Meta, will not be launched in the European Union due to privacy concerns, according to Ireland's Data Protection Commission (DPC). The development was reported by the Irish Independent, which said the watchdog has been in contact with the social media giant about the new product and confirmed the release won't extend to the E.U. "at this