Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection
Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the tech giant. “This historic settlement demonstrates our commitment to standing up to the world’s biggest technology companies and holding them accountable for breaking the law and violating Texans’ privacy rights,” Attorney General Ken Paxton said. “Any abuse of Texans’ sensitive data will be met with the full force of the law.”
Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say
A group of researchers said they found that vulnerabilities in the design of some dating apps, including the popular Bumble and Hinge, allowed malicious users or stalkers to pinpoint the location of their victims down to 2 meters. In a new academic paper, researchers from the Belgian university KU Leuven detailed their findings when they analyzed 15 popular dating apps. Of those, Badoo, Bumble, Grindr, happn, Hinge and Hily all had the same vulnerability that could have helped a malicious user identify the near-exact location of another user, according to the researchers.
Cuckoo Spear – the latest Nation-state Threat Actor targeting Japanese companies
Highly sophisticated, well-funded, and strategically motivated nation-state cybersecurity threats are complex and challenging, requiring advanced cybersecurity measures, threat intelligence, and international cooperation. Government agencies or state-sponsored groups, are engaging in cyber-attacks for various reasons, including espionage, sabotage, or for political influence. Cuckoo Spear is the latest nation-state threat discovered through Cybereason threat analysis. By tying multiple incidents together, the report outlines how the associated Threat Actor persists stealthily on their victims’ network for years. In fact Cybereason identified that the associated Threat Actor was present in victim networks for a time period between 2 and 3 years.
Mozilla follows Google in losing trust in Entrust’s TLS certificates
Mozilla is following in Google Chrome’s footsteps in officially distrusting Entrust as a root certificate authority (CA) following what it says was a protracted period of compliance failures. A little over a month ago, Google was the first to make the bold step of dropping Entrust as a CA, saying it noted a “pattern of concerning behaviors” from the company. Entrust has apologized to Google, Mozilla, and the wider web community, outlining its plans to regain the trust of browsers, but these appear to be unsatisfactory to both Google and Mozilla. In an email shared by Mozilla’s Ben Wilson on Wednesday, the root store manager said the decision wasn’t taken lightly, but equally Entrust’s response to Mozilla’s concerns didn’t inspire confidence that the situation would materially change for the better.
Delta CEO: ‘When was the last time you heard of a big outage at Apple?’
In an interview with CNBC, Delta Air Lines CEO Ed Bastian said the July 19th outage caused by a CrowdStrike update cost his company half a billion dollars in five days. Delta canceled more than 5,000 flights that weekend and had blue error screens still visible at airports days after the initial crash. Among the costs Bastian said Delta incurred were more than 40,000 servers that “we had to physically touch and reset” as well as compensation payments to travelers left in the lurch. Asked about a continuing relationship with Microsoft after the crash, Bastian said he regards it as “probably the most fragile platform” and asked the question, “When was the last time you heard of a big outage at Apple?” He placed some blame on the valuations of big tech companies, which lately have been lifted by generative AI hype, saying, “…they’re building the future, and they have to make sure they fortify the current.”