#1 Trusted Cybersecurity News Platform
Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cybersecurity

Advertising | Breaking Cybersecurity News | The Hacker News

Category — Advertising
E.U. Court Limits Meta's Use of Personal Facebook Data for Targeted Ads

E.U. Court Limits Meta's Use of Personal Facebook Data for Targeted Ads

Oct 07, 2024 Data Privacy / Advertising
Europe's top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven companies operating in the region. "An online social network such as Facebook cannot use all of the personal data obtained for the purposes of targeted advertising, without restriction as to time and without distinction as to type of data," the Court of Justice of the European Union (CJEU) said in a ruling on Friday. In other words, social networks, such as Facebook, cannot keep using users' personal data for ad targeting indefinitely, the court said, adding limits must be set in place in order to comply with the bloc's General Data Protection Regulation (GDPR) data minimization requirements. It's worth noting that Article 5(1)(c) of GDPR necessitates that companies limit the process
Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

Apr 25, 2024 Technology / Privacy
Google has once again  pushed its plans  to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative. The tech giant said it's working closely with the U.K. Competition and Markets Authority (CMA) and hopes to achieve an agreement by the end of the year. As part of the new timeline, it aims to start phasing out third-party cookies early next year, making it the third such extension since the tech giant  announced  the plans in 2020, postponing it from  early 2022 to late 2023 , and again to the  second half of 2024 . Privacy Sandbox refers to a  set of initiatives  that offers privacy-preserving alternatives to tracking cookies and cross-app identifiers in order to serve tailored ads to users. While Google has since  enabled  the features to a subset of Chrome browser users as of last year, the U.K. watchdog, alongside the Information Commissioner's Of
The Secret Weakness Execs Are Overlooking: Non-Human Identities

The Secret Weakness Execs Are Overlooking: Non-Human Identities

Oct 03, 2024Enterprise Security / Cloud Security
For years, securing a company's systems was synonymous with securing its "perimeter." There was what was safe "inside" and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe. The problem is that we no longer operate within the confines of physical on-prem installations and controlled networks. Data and applications now reside in distributed cloud environments and data centers, accessed by users and devices connecting from anywhere on the planet. The walls have crumbled, and the perimeter has dissolved, opening the door to a new battlefield: identity . Identity is at the center of what the industry has praised as the new gold standard of enterprise security: "zero trust." In this paradigm, explicit trust becomes mandatory for any interactions between systems, and no implicit trust shall subsist. Every access request, regardless of its origin,
FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations

FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations

Apr 16, 2024 Privacy Breach / Regulatory Compliance
The U.S. Federal Trade Commission (FTC) has ordered mental telehealth company Cerebral from using or disclosing personal medical data for advertising purposes. It has also been fined more than $7 million over charges that it revealed users' sensitive personal health information and other data to third-parties for advertising purposes and failed to honor its easy cancellation policies. "Cerebral and its former CEO, Kyle Robertson, repeatedly broke their privacy promises to consumers and misled them about the company's cancellation policies," the FTC  said  in a press statement. While claiming to offer "safe, secure, and discreet" services in order to get consumers to sign up and provide their data, the company, FTC alleged, did not clearly disclose that the information would be shared with third-parties for advertising. The agency also accused the company of burying its data sharing practices in dense privacy policies, with the company engaging in decept
cyber security

The State of SaaS Security 2024 Report

websiteAppOmniSaaS Security / Data Security
Learn the latest SaaS security trends and discover how to boost your cyber resilience. Get your free…
Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers

Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers

Mar 15, 2024 Malvertising / Threat Intelligence
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy  Geacon , a Golang-based implementation of Cobalt Strike. "The malicious site found in the notepad++ search is distributed through an advertisement block," Kaspersky researcher Sergey Puzan  said . "Opening it, an attentive user will immediately notice an amusing inconsistency: the website address contains the line vnote, the title offers a download of Notepad‐‐ (an analog of Notepad++, also distributed as open-source software), while the image proudly shows Notepad++. In fact, the packages downloaded from here contain Notepad‐‐." The website, named vnote.fuwenkeji[.]cn, contains download links to Windows, Linux, and macOS versions of the software, with the link to the Windows variant pointing to the official  Gitee repository  containing the Notepad-- ins
FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data

FTC Bans Outlogic (X-Mode) From Selling Sensitive Location Data

Jan 10, 2024 Privacy / Regulatory Compliance
The U.S. Federal Trade Commission (FTC) on Tuesday prohibited data broker Outlogic , which was previously known as X-Mode Social , from sharing or selling any sensitive location data with third-parties. The ban is part of a  settlement  over allegations that the company "sold precise location data that could be used to track people's visits to sensitive locations such as medical and reproductive health clinics, places of religious worship and domestic abuse shelters." The  proposed order  also requires it to destroy all the location data it previously gathered unless it obtains consumer consent or ensures the data has been de-identified or rendered non-sensitive as well as maintain a comprehensive list of sensitive locations and develop a comprehensive privacy program with a data retention schedule to prevent abuse. The FTC accused X-Mode Social and Outlogic of failing to establish adequate safeguards to prevent the misuse of such data by downstream customers. The dev
Google's New Tracking Protection in Chrome Blocks Third-Party Cookies

Google's New Tracking Protection in Chrome Blocks Third-Party Cookies

Dec 15, 2023 Privacy / User Tracking
Google on Thursday announced that it will start testing a new feature called "Tracking Protection" beginning January 4, 2024, to 1% of Chrome users as part of its efforts to  deprecate third-party cookies  in the web browser. The setting is designed to limit "cross-site tracking by restricting website access to third-party cookies by default," Anthony Chavez, vice president of Privacy Sandbox at Google,  said . The tech giant noted that participants for Tracking Protection will be selected at random and that chosen users will be notified upon opening Chrome on either a desktop or an Android device. The goal is to restrict third-party cookies (also called "non-essential cookies") by default, preventing them from being used to track users as they move from one website to the other for serving personalized ads. While several major browsers like Apple Safari and Mozilla Firefox have either already placed  restrictions  on third-party cookies via features
Verizon Set to Buy Yahoo for $5 Billion — Here's Why a Telecom is so Interested!

Verizon Set to Buy Yahoo for $5 Billion — Here's Why a Telecom is so Interested!

Jul 22, 2016
Finally, Someone has come forward to buy Yahoo! Guess Who? The telecommunication giant Verizon . Yes, Verizon Communications Inc. is reportedly closing in on a deal to acquire Yahoo's core business for about $5 Billion, according to a report from Bloomberg. Since the agreement between the companies has not been finalized, it is unclear at this moment that which Yahoo's assets the deal would include. "In order to preserve the integrity of the process, we're not going to comment on the issue until we've finalized an agreement," a Yahoo spokeswoman said in a statement provided to CNNMoney. You might be wondering Why Verizon is buying Yahoo! Well, I'll come to it in the second half of my article, because before discussing this point, let's first focus on why Yahoo! wants to get acquired. Why Yahoo Was Up For Sale? Founded in 1995, Yahoo! was once the brightest star of the Web. But when its rivals including Google, Facebook and even few-years-old com
Facebook Sued for illegally Scanning Users' Private Messages

Facebook Sued for illegally Scanning Users' Private Messages

May 20, 2016
Facebook is in trouble once again regarding its users' privacy. Facebook is facing a class-action lawsuit in Northern California over allegations that the company systematically scans its users' private messages on the social network without their consent and makes the profit by sharing the data with advertisers and marketers. According to the lawsuit filing, Facebook might have violated federal privacy laws by scanning users' private messages. Facebook routinely scans the URLs within users' private messages for several purposes like anti-malware protection and industry-standard searches for child pornography, but it has been claimed that the company is also using this data for advertising and other user-targeting services. Also Read:   Google to Face a Record $3.4 Billion AntiTrust Fine in Europe The plaintiffs, Matthew Campbell, and Michael Hurley argue that the Facebook is scanning and collecting URLs-related data in a searchable form, violating both the
AOL Advertising Network Abused to Distribute Malware

AOL Advertising Network Abused to Distribute Malware

Jan 07, 2015
Security researchers have uncovered a malvertising campaign used to distribute malware to visitors of The Huffington Post website, as well as several other sites, through malicious advertisements served over the AOL  advertising  network . At the end of last year, Cyphort Labs, security firm specialized in detecting malware threats, came across some malicious advertisements that were being served on the United States and Canadian versions of the popular news website The Huffington Post . The malicious advertisements eventually redirected visitors of the news website to other websites hosting exploit kits, in order to attack victims' computers and install malware. Researchers discovered that the malvertising campaign originates with ads being served by AOL's Advertising.com network. Once clicked, users are redirected through a series of redirects, some of which used HTTPS encrypted connections, to a page that served either the Neutrino Exploit Kit or the Sweet Orange E
Facebook To Use Your Web Browsing History for Targeted Ads, Here's How To Opt-Out Now

Facebook To Use Your Web Browsing History for Targeted Ads, Here's How To Opt-Out Now

Jun 14, 2014
Surfing the Internet?? Facebook CEO Mark Zuckerberg is watching your every move on Web, and this time even more closure. It's not surprising that Facebook collects data of its 1.3 billion users, just like everyone else, which the company has said it only holds onto your data for security and advertisement purposes. But, this would be first time when some company is using people's browsing history to deliver 'targeted Ads' on its service. The biggest social networking giant recently announced it has plans to use information from our Web browsing and app history to deliver more targeted advertisements to us. HOW IT WORKS The move will track you with every site you visit, even its a non-Facebook website. EVERY SITE?? No! No! No! The company can't track your online activity while visiting any website, but only those that have Facebook " LIKE ", " Recommend ", " Share " buttons across the web, and I think almost all have at least one included in it. Yes! Any web
OpenX Advertising Network hacked and backdoor Injected

OpenX Advertising Network hacked and backdoor Injected

Aug 07, 2013
OpenX, a leading provider of digital and mobile advertising technology has accordingly served backdoors that are injected into the Code and allows hackers to control over your Web server. German tech site the Heise notified Germany's computer emergency response team (CERT) this week about the OpenX Ad Server (2.8.10) backdoor, allowing an attacker to execute any PHP code via the "eval" function  and could have provided attackers full access to their web sites. The OpenX team has confirmed the breach  and OpenX senior application security engineer Nick Soracco said that two files in the binary distribution of 2.8.10 had been replaced with modified files that contained a remote code execution vulnerability . The attack code is written in PHP but is hidden in a JavaScript file that is part of a video player plugin ( vastServeVideoPlayer ) in the OpenX distribution. This vulnerability only applies to the free downloadable open source product, OpenX Source.
Popular Facebook Games Exposing User Data to Third Parties

Popular Facebook Games Exposing User Data to Third Parties

Oct 31, 2010 Cybersecurity / Social Media
Facebook privacy has been a recurring topic in the news. With the massive number of users on the site, the amount of personal data involved is enormous. Recently, it has been revealed that many popular third-party apps, mainly games like Farmville and Texas HoldEm Poker, are leaking the unique Facebook ID that can track individual users. According to an investigation by the Wall Street Journal, several Facebook apps have been providing advertisers with information that makes social networking users easily identifiable. All ten of Facebook's most popular apps, including Farmville and Texas HoldEm Poker, are leaking the unique Facebook ID number to outside firms. Each Facebook ID is unique and linked to every profile. By searching for this number, anyone can access the user's profile and view the information they have chosen to share with the public. This can include their name, date of birth, and even photos. Farmville, with 59 million users, also passes this information about a u
Expert Insights / Articles Videos
Cybersecurity Resources