![]() ![]() Elon Musk Says He’ll Create ‘TruthGPT’ to Counter AI ‘Bias’.NSO Group Used at Least 3 iOS Zero-Click Exploits in 2022: Citizen Lab.SpecterOps Scores $25M Funding to Secure ID Attack Paths.Cyfirma Raises $6 Million for Threat Management Platform.Google Proposes More Transparent Vulnerability Management Practices.Cerbos Raises $7.5 Million for Authorization Platform.Juniper Networks Patches Critical Third-Party Component Vulnerabilities.Microsoft Warns Accounting, Tax Return Preparation Firms of Remcos RAT Attacks.Lockr Raises $2.5 Million for Identity and Data Protection Platform.New ‘Domino’ Malware Linked to FIN7 Group, Ex-Conti Members. ![]() Takedown of GitHub Repositories Disrupts RedLine Malware Operations.Related: Macs Infected With New Monero-Mining Malware Related: Mac Apps From Apple’s App Store Steal User Data, Researchers Say This has been corrected,” the company said. “We have learned that browser collection functionality was designed in common across a few of our applications and then deployed the same way for both security-oriented as well as the non-security oriented apps such as the ones in discussion. In addition, the company also claims to have permanently dumped all legacy logs from the US-based AWS servers, including the logs of browser histories that the users permitted at installation (and which was only being held for 3 months).Īccording to Trend Micro, the presence of the same data collection capabilities across a number of its applications was the result of the use of common code libraries. The security firm also notes that the browser history data was uploaded to a U.S.-based server hosted by AWS and managed/controlled by Trend Micro.Īll of the offending applications have been already stripped off the browser history collection capabilities, Trend Micro also says. The security firm also points out that users were informed on the collection and use of browser history data, both in the applicable EULAs and at installation, when the user was also prompted to accept the data collection. “This was a one-time data collection, done for security purposes (to analyze whether a user had recently encountered adware or other threats, and thus to improve the product & service),” Trend Micro claims. The data collection practice, the company says, only targeted “a small snapshot of the browser history on a one-time basis.” Specifically, only the browsing history for the 24 hours prior to the installation were targeted. In a statement regarding these allegations, the company confirmed not only that the two applications collected user data, but also that other Mac apps developed by the company did the same, including Dr Cleaner Pro, Dr. Cleaner, two programs developed by security software provider Trend Micro. The program was observed sending the harvested data to a server located in China.Īmong the other applications that engaged in the collection of browsing history, researchers mentioned Dr. The initial reports focused on Adware Doctor, a $4.99 application that would gather Safari, Chrome, and Firefox browsing history, the list of running processes, and a list of downloaded software. Recent reports revealed that so-called security applications for Mac that are being distributed through Apple’s App Store collected and exfiltrated users’ browsing histories along with some other sensitive information (such as lists of installed apps). Trend Micro on Monday confirmed that some of its applications for Mac collect browser history and send it to the security firm’s servers. ![]()
0 Comments
Leave a Reply. |