Developers leave API credentials in applications built on Twilio telephony platform allowing phone call eavesdropping.
Is the ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and more broadly network security?
The FBI hasn't yet broken the phone belonging to a gunman who went on a shooting rampage in a Texas church, killing 26 and wounding 24.
Statisticians at the Office for National Statistics (ONS) have been tracking the movements of thousands of people, albeit anonymised, in an experiment' with Vodaphone that could replace census questions in England and Wales.
Dutch moves to strengthen the powers of its state authorities leads Mozilla to propose excluding Dutch CAs from its trust list - could form part of a wider undermining of trust in the Internet
A new Adobe Flash zero day exploit has been identified, reportedly used in an attack on 10 October by a threat actor known as BlackOasis and delivered through a Microsoft Word document to deploy the FinSpy commercial spyware.
Avast continued to reveal further details surrounding the cyberattack that placed a backdoor in its free computer maintenance app, CCleaner. Attack believed originated from a country located in the UTC + 4 or UTC + 5 time zones.
Commercial multi-user gateways may only be licensed where the supplier can demonstrate that callers can be identified following Security Minister direction to Ofcom to ensure government access to information.
Unnamed major internet providers are reported to be the distribution route for the spread of a new variant of government spyware FinFisher (also known as FinSpy) in two countries, targeting people seeking privacy.
Researchers have demonstrated a way for remote attackers to exfiltrate data from and send malicious commands to air-gapped networks, using infrared surveillance cameras.
WhatsApp apparently refused the UK government's entreaties to build what would essentially be a backdoor into its app earlier this year.
A free mobile anti-virus app developed by the DU group, a developer of Android apps, has been found to collect user data without the device owners' consent.
A catastrophic worldwide cyber-attack, the emergence of an IoT-enabled surveillance state, and the weakening of encryption were among the chief security and privacy fears expressed by experts.
Organisations will have to ask permission first before being allowed to conduct electronic monitoring of staff.
A Texas federal judge last week ruled in favour of the US Department of Justice, rejecting a motion to suppress evidence obtained in the course of the investigation using FBI malware.
Major League Baseball investigators in the US have found that the Boston Red Sox used Apple watches to steal hand signals from competitors' catchers and pass them on to their own players.
In addition to intrusion detection and surveillance hardware, technology decision-makers within major cities must consider additional technologies to ensure the hardware and tools themselves are protected says Maya Canetti.
A previously undocumented backdoor program used to spy on foreign embassies and consulates appears to be the work of suspected Russian APT group Turla.
Mobile users who substitute their damaged phone touchscreens or other hardware components with third-party replacements could be infecting their phones with malicious components.
CovertBand uses high-frequency audio to place people in a room and track a person's movements using the speakers and microphones that are found in many smartphones, laptops and other devices.
The US Justice Department has pressed DreamHost to hand over what amounts to more than 1.3 million IP addresses associated with visitors to disruptj20.org, the group that organised protests against Donald Trump on Inauguration Day 2017.
Android Apps on the Google Play Store have been discovered to harbour spyware originally created by an Iraqi developer. Surveillance malware records audio and steals data from users.
Travellers to Europe and the Middle East need to be aware of an on-going malware campaign that is targeting hotel and hospitality Wi-Fi networks and being used to glean guest and corporate information.
UK proposes new data protection regulation in line with GDPR for a post-Brexit world, including right-to-be-forgotten, heavy fines, and new rules on data gathering - expected in Autumn.
In Case You Missed It: Rudd crypto-crash; privacy shield invalid; AI weaponised?; Alexa pwned; Swedish breach fallout
Kryptowire researchers reasserted their claims that certain Android phones manufactured by Blu sent sensitive information to third parties in China, claims which Blu denies.
Older versions of Amazon Echo are vulnerable, and though physical access to the device is needed, this is more achievable with second hand devices.
UK Prime Minister Theresa May says that technology companies are providing a "safe space" for terrorists.
According to a report in The Guardian, London police are being investigated over anonymous claims they hacked emails of environmental activists.