Skip to main content


Showing posts from December, 2019

TikTok Secretly Sent Users Private Data & PII Number to Chinese Server Including Draft Videos

The popular Android and iOS short-videos creating app, TikTok hit with a lawsuit claims that the app illegally and secretly transfers app's users' private sensitive data and Personally Identifiable Information (PII) to Chinese servers. TikTok which is a 15-second short-video creating app especially popular among the younger generation and also downloaded over 1.3 Billion times worldwide . TikTok remains top in the most downloaded app list for months on the Apple App Store and Google Play Store.  According to the lawsuit, Tiktok shared the user's created videos which include private acts and closeups of user's faces (biometric data) before the videos are saved on the app. TikTok provides many options includes the next button, close button, and button for effects to its users while recording the video. Here, the next button takes users to the screen that shows these two options : "post" and "save".  After clicking on the "next" button, Tik

Major Security Flaw — Airtel’s Mobile App Exposes Personal Data of 32 Crore Subscribers

Indian security researcher, Ehraz Ahmed discovered a critical security flaw in the Airtel mobile app that could expose the personal data of 32 crore subscribers. The flaw exists in their mobile app's API that allows an attacker to retrieve private sensitive information of any Airtel subscribers. Airtel is the 3rd largest telecom service provider in India in terms of subscribers after Vodafone-Idea (VI) and Reliance Jio.  The critical security flaw could allow a hacker to retrieve private sensitive information of any Airtel subscribers and by having the sensitive details hacker can set up targeted attacks.  The private sensitive information that can be exposed includes First Name, Last Name, Birthdate, Email, Gender, Redidential Address, Subscription Data, Network Info, Device Capability info (2G/3G/4G), User Type (Postpaid/Prepaid), and IMEI Number.  The IMEI number is always a unique one and due to this, it can be used to recognize (identify) the device of

Avast and AVG Browser Extensions Spying On Chrome and Firefox Users

Dear Chrome or Firefox users, if you are using any of the below-listed extensions (add-ons) in your web browser then you should immediately remove or disable them . Avast Online Security (Offered By Avast) Avast SafePrice (Offered By Avast)  AVG Online Security (Offered By AVG) AVG SafePrice (Offered By AVG)    Why You Should Immediately Remove or Disable Them? These above four popular and broadly installed browser extensions (add-ons) have been caught gathering too much information of its millions of users including users' detailed online browsing activities. So, that's why you should immediately remove or disable them.  Most of the user might not even recall downloading and installing of any of above extensions (add-ons) on their web browser and that's because if users downloads and installs Avast or AVG anti-virus (endpoints) on their system then the software installer automatically installs corresponding Avast or AVG extensions on their correspon

5G and AI Could Increase Cybersecurity Risks

Recently, Information Risk Management (IRM) published its 2019 Risky Business Report .  This report shows the results of polling decision-makers in the cybersecurity and risk management sectors to get their expert opinions on things like the changing threat landscape, corporate decision-making about cybersecurity and other relevant topics. Two important things covered in the report were cybersecurity experts believe the upcoming 5G network could pose new cybersecurity risks, and that Artificial Intelligence (AI) could introduce new cybersecurity concerns as well. So, cybersecurity experts are concerned about the growing risks this duo will bring along with it. Here's a look at how the report outlines 5G and AI in cybersecurity. The 5G Network Expected to Increase Cybersecurity Risks The IRM (Information Risk Management) report found that 83% of respondents believe that developments in 5G wireless technology will create cybersecurity challenges for their organization