The US Customs and Border Protection (CBP) agency published last week a new guideline containing updated procedures for searching travelers' electronic devices at US borders.
Two security researchers —Vangelis Stykas and Michael Gruhn— have published a report on a series of vulnerabilities that they named "Trackmageddon" that affect several GPS and location tracking services.
Princeton privacy experts are warning that advertising and analytics firms can secretly extract site usernames from browsers using hidden login fields and tie non-authenticated users visiting a site with their profiles or emails on that domain.
For the second year in a row, "123456" remained the top password among the millions of cleartext passwords exposed online thanks to data breach incidents at various providers.
Google announced plans to crack down on Android applications that fail to warn users when they are collecting personal data. The OS maker is giving app developers 60 days to fix their issues and update apps with notifications of their full practices. In case app developers fail to comply, Google will take it upon itself to warn users
A collaborative effort between the Yale Privacy Lab and Exodus Privacy has shed light on dozens of invasive trackers that are embedded within Android applications and record user activity, sometimes without user consent.
Germany's Federal Network Agency (Bundesnetzagentur), the country's telecommunications agency, has banned the sale of children's smartwatches after it classified such devices as "prohibited listening devices."
The Tor Project has released a security update for the Tor Browser on Mac and Linux to fix a vulnerability that leaks users' real IP addresses.
User targeting capabilities provided by mobile advertisers can also be abused to track users with an accuracy of 8 meters and for a budget of $1,000 or less.
The European Consumer Organisation (BEUC) has issued a public service announcement on the security and privacy concerns surrounding modern children's smartwatches.
OxygenOS, a custom version of the Android operating system that comes installed on all OnePlus smartphones, is tracking users actions without anonymizing data, allowing OnePlus to connect each phone to its customer.
Even if a video streaming service is using HTTPS to encrypt its traffic, an attacker can still determine with a very high accuracy what content a user might be watching.
A rogue iOS application can gain access to limited geo-location information by obtaining image permissions and extracting GPS coordinates from locally-stored photos.
The US Department of Homeland Security (DHS) published documents on Monday that detail a plan for collecting extra information on all US immigrants, including not only permanent residents but also previously naturalized citizens.
GO Keyboard, an insanely popular custom keyboard app for the Android OS, also available on the official Google Play Store, was caught collecting user data and downloading and running code from a third-party server.
iTerm2, a popular Mac application that comes as a replacement for Apple's official Terminal app, just received a security fix minutes ago for a severe security issue that leaked terminal content via DNS requests.
Google removed — and then reinstated — one of the most popular mobile antivirus apps on the Play Store after security firm Check Point discovered that the app was secretly collecting device data from users' smartphones.
A real-time facial recognition software tested by London Metropolitan Police at this year's Notting Hill Carnival was labeled as a "resounding success" by police officers, but privacy groups members who were invited to view it in action called it "inaccurate and painfully crude."