#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Digital Advertising | Breaking Cybersecurity News | The Hacker News

Category — Digital Advertising
TikTok Pixel Privacy Nightmare: A New Case Study

TikTok Pixel Privacy Nightmare: A New Case Study

Nov 14, 2024 Data Privacy / Compliance
Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers with ads on the popular video-sharing platform broke GDPR rules when a third-party partner misconfigured a TikTok pixel on one of its regional sites. An intriguing new case study reveals how the cyber security company that discovered the problem stopped a data breach from becoming a costly flood.  For the full case study, click here .  Dangers Close to Home Cyberattacks often make the headlines because hacking is a natural attention-grabber. The groups behind the attacks seem like modern-day highwaymen, shadowy figures who can rob countless victims from behind a mask of anonymity. Faceless criminals like these will always grab readers' attention, and while this is understandable, we'...
Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations

Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations

Oct 25, 2024 Digital Advertising / Privacy
The Irish data protection watchdog on Thursday fined LinkedIn €310 million ($335 million) for violating the privacy of its users by conducting behavioral analyses of personal data for targeted advertising. "The inquiry examined LinkedIn's processing of personal data for the purposes of behavioral analysis and targeted advertising of users who have created LinkedIn profiles (members)," the Data Protection Commission (DPC) said . "The decision [...] concerns the lawfulness, fairness, and transparency of this processing." The penalty has been issued under the European Union's (E.U.) General Data Protection Regulation ( GDPR ), an information privacy law that establishes a framework for the collection, processing, storage, and transfer of personal data in the E.U. and the European Economic Area (EEA). It went into effect on May 25, 2018. The probe, which was initiated following a complaint made to the French Data Protection Authority in 2018, found that Lin...
Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

Crowdstrike Named A Leader In Endpoint Protection Platforms

Nov 22, 2024Endpoint Security / Threat Detection
CrowdStrike is named a Leader in the 2024 Gartner® Magic Quadrant™ for Endpoint Protection Platforms for the fifth consecutive time, positioned highest on Ability to Execute and furthest to the right on Completeness of Vision.
Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Sep 25, 2024 Data Protection / Online Tracking
Vienna-based privacy non-profit noyb (short for None Of Your Business) has filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy-Preserving Attribution (PPA) without explicitly seeking users' consent. "Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites," noyb said . "In essence, the browser is now controlling the tracking, rather than individual websites." Noyb also called out Mozilla for allegedly taking a leaf out of Google's playbook by "secretly" enabling the feature by default without informing users. PPA, which is currently enabled in Firefox version 128 as an experimental feature, has its parallels in Google's Privacy Sandbox project in Chrome. The initiative, now abandoned by Google , sought to replace third-party tracking cookies with a set of APIs baked into the web browser that advertisers can t...
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model

Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model

Jul 23, 2024 Data Privacy / Regulatory Compliance
Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising model or risk-facing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation ( CPC ) Network has notified the social media giant that the model adopted for Facebook and Instagram might potentially violate consumer protection laws. It described the new practice as misleading and confusing, with authorities expressing worries that consumers might have been pressured into choosing quickly between either paying for a monthly subscription or consenting to their personal data being used for targeted advertising. This, the agency said, could have been motivated by fears that they "would instantly lose access to their accounts and their network of contacts." Meta, which introduced a subscription plan for European Union (E.U.) users in late 2023, has run into hot water over o...
Meta's 'Pay or Consent' Approach Faces E.U. Competition Rules Scrutiny

Meta's 'Pay or Consent' Approach Faces E.U. Competition Rules Scrutiny

Jul 02, 2024 Digital Regulation / Tech News
Meta's decision to offer an ad-free subscription in the European Union (E.U.) has faced a new setback after regulators accused the social media behemoth of breaching the bloc's competition rules by forcing users to choose between seeing ads or paying to avoid them. The European Commission said the company's "pay or consent" advertising model is in contravention of the Digital Markets Act ( DMA ). "This binary choice forces users to consent to the combination of their personal data and fails to provide them a less personalized but equivalent version of Meta's social networks," the Commission said . It also noted that companies in gatekeeper roles must seek users' permission to combine their personal data between designated core platform services and other services (e.g., advertising), and that users who refuse to opt in should have access to a less personalized but equivalent alternative. On top of that, Meta's approach does not allow us...
Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

May 19, 2023 Online Privacy / Tech News
Google has announced plans to officially flip the switch on its twice-delayed  Privacy Sandbox  initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting real world experiments that assess the readiness and effectiveness of their products without third-party cookies," Anthony Chavez, vice president of Privacy Sandbox at Google,  said . Prior to rolling this out, Google said it would introduce the ability for third-party developers to simulate the process for a configurable subset of their users (up to 10%) in Q4 2023. Google further emphasized that the plans have been designed and developed with regulatory oversight and input from the U.K.'s Competition and Markets Authority ( CMA ), which is overseeing the implementation to...
Google Bringing Privacy Sandbox to Android to Limit Sharing of User Data

Google Bringing Privacy Sandbox to Android to Limit Sharing of User Data

Feb 17, 2022
Google on Wednesday announced plans to bring its Privacy Sandbox initiatives to Android in a bid to expand its privacy-focused, but also less disruptive, advertising technology beyond the desktop web. To that end, the internet giant said it will work towards building solutions that prevent cross-app tracking à la Apple's App Tracking Transparency ( ATT ) framework, effectively limiting sharing of user data with third-parties as well as eliminating identifiers such as advertising IDs on mobile devices. "The Privacy Sandbox on Android builds on our existing efforts on the web, providing a clear path forward to improve user privacy without putting access to free content and services at risk," Anthony Chavez, vice president of product management for Android security and privacy,  said . Privacy Sandbox , launched in 2019, is Google's umbrella term for a set of technologies that will phase out third-party cookies and curb covert tracking, like  fingerprinting , by redu...
Google Extends Support for Tracking Party Cookies Until 2023

Google Extends Support for Tracking Party Cookies Until 2023

Jun 25, 2021
Google's sweeping proposal to deprecate third-party cookies in Chrome browser is going back to the drawing board after the company announced plans to delay the rollout from early 2022 to late 2023, pushing back the project by nearly two years. "While there's  considerable progress  with this initiative, it's become clear that more time is needed across the ecosystem to get this right," Chrome's Privacy Engineering Director, Vinay Goel,  said  Thursday. In buying extra time, the search giant said it hopes to arrive at a consensus on the right solutions, while simultaneously engaging with regulators, and enabling publishers and the advertising industry to migrate their services to privacy-preserving technologies that prevent "alternative forms of individual tracking, and discourage the rise of covert approaches like  fingerprinting ." The revised timelines comes close on the heels of a fresh regulatory setback in the European Union, after the Euro...
Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

Mozilla Says Google's New Ad Tech—FLoC—Doesn't Protect User Privacy

Jun 11, 2021
Google's upcoming plans to replace third-party cookies with a less invasive ad targeted mechanism have a number of issues that could defeat its privacy objectives and allow for significant linkability of user behavior, possibly even identifying individual users. "FLoC is premised on a compelling idea: enable ad targeting without exposing users to risk,"  said  Eric Rescorla, author of TLS standard and chief technology officer of Mozilla. "But the current design has a number of privacy properties that could create significant risks if it were to be widely deployed in its current form." Short for Federated Learning of Cohorts,  FLoC  is part of Google's fledgling  Privacy Sandbox  initiative that aims to develop alternate solutions to satisfy cross-site use cases without resorting to third-party cookies or other opaque tracking mechanisms. Essentially, FLoC allows marketers to guess users' interests without having to uniquely identify them, thereby eli...
Python-Based Adware Evolves to Install Malicious Browser Extensions

Python-Based Adware Evolves to Install Malicious Browser Extensions

Jun 26, 2018
Security researchers have been warning of a few newly detected variants of python -based adware that are being distributed in the wild not only to inject ads but also found installing malicious browser extensions and hidden cryptocurrency miner into victims' computers. Dubbed PBot , or PythonBot , the adware was first uncovered more than a year ago, but since then the malware has evolved, as its authors have been trying different money-making schemes to profit themselves, according to researchers at Kaspersky Labs. The previous versions of the PBot malware were designed to perform man-in-the-browser (MITB) attacks to inject unwanted advertising scripts on web pages visited by the victim, but the newer variants have been found installing malicious ad extensions in the web browser. "Developers are constantly releasing new versions of this modification, each of which complicates the script obfuscation," Kaspersky researchers said in their blog post published today....
US Senate Just Voted to Let ISPs Sell Your Web Browsing Data Without Permission

US Senate Just Voted to Let ISPs Sell Your Web Browsing Data Without Permission

Mar 24, 2017
The ISPs can now sell certain sensitive data like your browsing history without permission, thanks to the US Senate. The US Senate on Wednesday voted, with 50 Republicans for it and 48 Democrats against, to roll back a set of broadband privacy regulations passed by the Federal Communication Commission (FCC) last year when it was under Democratic leadership. In October, the Federal Communications Commission ruled that ISPs would need to get consumers' explicit consent before being allowed to sell their web browsing data to the advertisers or other big data companies. Before the new rules could take effect on March 2, the President Trump's newly appointed FCC chairman Ajit Pai temporarily put a hold on these new privacy rules. Ajit Pai argued that the rules, which are regulated by FTC, unfairly favored companies like Google, Twitter, and Facebook, who have the ability to collect more data than ISPs and thus dominate digital advertising. "All actors in the online...
New Privacy Rules require ISPs to must Ask you before Sharing your Sensitive Data

New Privacy Rules require ISPs to must Ask you before Sharing your Sensitive Data

Oct 28, 2016
Good News for privacy concerned people! Now, your online data will not be marketed for business; at least by your Internet Service Providers (ISPs). Yes, it's time for your ISPs to ask your permission in order to share your sensitive data for marketing or advertisement purposes, the FCC rules. On Thursday, the United States Federal Communications Commission (FCC) has imposed new privacy rules on Internet Service Providers (ISPs) that restrict them from sharing your online history with third parties without your consent. In a 3-2 vote, the FCC approved the new rules by which many privacy advocates seem pleased, while some of them wanted the Commission to even apply the same rules to web-based services like Google and Facebook as well. Initially proposed earlier this year, the new rule says : "ISPs are required to obtain affirmative 'opt-in' consent from consumers to use and share sensitive information." What does 'sensitive' information mean h...
Beware! Advertisers Are Tracking You via Phone's Battery Status

Beware! Advertisers Are Tracking You via Phone's Battery Status

Aug 02, 2016
Is my smartphone battery leaking details about me? Unfortunately, YES! Forget about supercookies, apps, and malware; your smartphone battery status is enough to monitor your online activity, according to a new report. In 2015, researchers from Stanford University demonstrated a way to track users' locations – with up to 90 percent accuracy – by measuring the battery usage of the phone over a certain time. The latest threat is much worse. Two security researchers, Steve Engelhard and Arvind Narayanan, from Princeton University, have published a paper describing how phone's battery status has already been used to track users across different websites. The issue is due to the Battery Status API (application programming interface). How Does Battery Status API Help Advertisers Track You? The battery status API was first introduced in HTML5 and had already shipped in browsers including Firefox, Chrome, and Opera by August last year. The API is intended to allo...
Verizon Set to Buy Yahoo for $5 Billion — Here's Why a Telecom is so Interested!

Verizon Set to Buy Yahoo for $5 Billion — Here's Why a Telecom is so Interested!

Jul 22, 2016
Finally, Someone has come forward to buy Yahoo! Guess Who? The telecommunication giant Verizon . Yes, Verizon Communications Inc. is reportedly closing in on a deal to acquire Yahoo's core business for about $5 Billion, according to a report from Bloomberg. Since the agreement between the companies has not been finalized, it is unclear at this moment that which Yahoo's assets the deal would include. "In order to preserve the integrity of the process, we're not going to comment on the issue until we've finalized an agreement," a Yahoo spokeswoman said in a statement provided to CNNMoney. You might be wondering Why Verizon is buying Yahoo! Well, I'll come to it in the second half of my article, because before discussing this point, let's first focus on why Yahoo! wants to get acquired. Why Yahoo Was Up For Sale? Founded in 1995, Yahoo! was once the brightest star of the Web. But when its rivals including Google, Facebook and even few-years-old com...
Expert Insights / Articles Videos
Cybersecurity Resources