Jan 23, 2023Ravie LakshmananMobile Security / Malvertising Researchers have shut down an "expansive" ad fraud scheme that spoofed more than 1,700 applications from 120 publishers and impacted roughly 11 million devices. "VASTFLUX was a malvertising attack that injected malicious JavaScript code into digital ad creatives, allowing the fraudsters to stack numerous invisible … [Read more...] about Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps
Million
TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws
Jan 14, 2023Ravie LakshmananPrivacy / Online Safety Popular short-form video hosting service TikTok has been fined €5 million (about $5.4 million) by the French data protection watchdog for breaking cookie consent rules, making it the latest platform to face similar penalties after Amazon, Google, Meta, and Microsoft since 2020. "Users of 'tiktok[.]com' could not refuse … [Read more...] about TikTok Fined $5.4 Million by French Regulator for Violating Cookie Laws
Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak
Dec 27, 2022Ravie LakshmananData Security / Privacy Meta Platforms, the parent company of Facebook, Instagram, and WhatsApp, has agreed to pay $725 million to settle a long-running class-action lawsuit filed in 2018. The legal dispute sprang up in response to revelations that the social media giant allowed third-party apps such as those, including Cambridge Analytica to … [Read more...] about Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak
France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
Dec 23, 2022Ravie LakshmananPrivacy / Data Security France's privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft's Ireland subsidiary for dropping advertising cookies in users' computers without their explicit consent in violation of data protection laws in the European Union. The Commission nationale de l'informatique et des libertés (CNIL) … [Read more...] about France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent
FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law
Dec 20, 2022Ravie LakshmananPrivacy / Data Security Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the Fortnite creator violated online privacy laws for children and tricked users into making unintended purchases in the video game. To that end, the company will pay a record $275 million monetary penalty for … [Read more...] about FTC Fines Fortnite Maker Epic Games $275 Million for Violating Children’s Privacy Law
Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), the agencies highlighted a "sharp increase in both the … [Read more...] about Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
Daixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ Data
The cybercrime group called Daixin Team has leaked sample data belonging to AirAsia, a Malaysian low-cost airline, on its data leak portal. The development comes a little over a week after the company fell victim to a ransomware attack on November 11 and 12, per DataBreaches.net. The threat actors allegedly claim to have obtained the personal data associated with five million … [Read more...] about Daixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ Data
Google to Pay $391 Million Privacy Fine for Secretly Tracking Users’ Location
Internet giant Google has agreed to pay a record $391.5 million to settle with 40 states in the U.S. over charges the company misled users about the collection of personal location data. "Google misled its users into thinking they had turned off location tracking in their account settings, when, in fact, Google continued to collect their location information," Oregon Attorney … [Read more...] about Google to Pay $391 Million Privacy Fine for Secretly Tracking Users’ Location
Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
Australian health insurer Medibank today confirmed that personal data belonging to around 9.7 million of its current and former customers were accessed following a ransomware incident. The attack, according to the company, was detected in its IT network on October 12 in a manner that it said was "consistent with the precursors to a ransomware event," prompting it to isolate its … [Read more...] about Medibank Refuses to Pay Ransom After 9.7 Million Customers Exposed in Ransomware Hack
Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users
Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users' browsing activity and profit of retail affiliate programs. "The extensions offer various functions such as enabling users to watch Netflix shows together, website coupons, and taking screenshots of a website," McAfee researchers Oliver Devane and … [Read more...] about Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users