The Guardian: Trump immigration database exposes crime victims’ personal info, lawyers say

The Guardian: Trump immigration database exposes crime victims’ personal info, lawyers say. “A new US immigration database has exposed the personal information of crime victims, putting them at risk of further violence and violating federal laws designed to conceal the identities of abuse survivors, according to a coalition of attorneys.”

Dark Reading: 82% of Databases Left Unencrypted in Public Cloud

Dark Reading: 82% of Databases Left Unencrypted in Public Cloud. “The average lifespan of a cloud resource is 127 minutes. Traditional security strategies can’t keep up with this rate of change, and 82% of databases in the public cloud are left unencrypted. These findings come from the RedLock Cloud Security Intelligence (CSI) team’s ‘Cloud Infrastructure Security Trends’ report.”

Techdirt: Boston Globe Blocks Readers Using Privacy Modes In Browsers

Techdirt: Boston Globe Blocks Readers Using Privacy Modes In Browsers. “…people generally like to use privacy and incognito modes in their browsers for the very reasons the browsers developed them: security and privacy. Two things that perhaps the folks at the Boston Globe don’t consider terribly important as they have elected to simply block all readership from browsers running in privacy modes unless the reader signs up for a subscription.”

EFF: New Twitter Policy Abandons A Longstanding Privacy Pledge

EFF: New Twitter Policy Abandons A Longstanding Privacy Pledge. “Twitter plans to roll out a new privacy policy on June 18, and, with it, is promising to roll back its longstanding commitment to obey the Do Not Track (DNT) browser privacy setting. Instead, the company is switching to the Digital Advertising Alliance’s toothless and broken self-regulatory program. At the same time, the company is taking the opportunity to introduce a new tracking option and two new targeting options, all of which are set to ‘track and target’ by default. These are not the actions of a company that respects people’s privacy choices.”

eWeek: Check Point Discovers Media Subtitle Vulnerability Impacting Millions

eWeek: Check Point Discovers Media Subtitle Vulnerability Impacting Millions. “Security firm Check Point Software Technologies publicly disclosed a new threat vector today in media player subtitles, that could have potentially exposed millions of users to security risks. Simply by running a media file that downloads embedded malicious subtitles, Check Point alleges that end-user systems could have been taken over by attackers.”

Washington Post: Google now knows when its users go to the store and buy stuff

Washington Post: Google now knows when its users go to the store and buy stuff. “Google will begin using data from billions of credit and debit card transactions — including card numbers, purchase amounts and time stamps — to solve the advertising juggernaut’s long-standing quest to prove that online ads prompt consumers to make purchases in brick-and-mortar stores, the company said on Tuesday.”

Ars Technica: “Yahoobleed” flaw leaked private e-mail attachments and credentials

Ars Technica: “Yahoobleed” flaw leaked private e-mail attachments and credentials. “For years, Yahoo Mail has exposed a wealth of private user data because it failed to update widely used image-processing software that contained critical vulnerabilities. That’s according to a security researcher who warned that other popular services are also likely to be leaking sensitive subscriber secrets.”