Ethical Hacking News
As the world grapples with the increasing amount of personal information being collected and stored, a growing number of countries and companies are taking steps to address the pressing issue of data protection. From Russia's new regulations to EU member states' rejection of proposals for encryption backdoors, it has become clear that the need for robust data protection is no longer a distant concern, but a pressing reality.
Russia introduces new regulations to restrict personal data collection from citizens. EU member states reject proposals for encryption backdoors due to concerns about potential risks. A class-action lawsuit against Google and Flo Health results in settlements over unauthorized health data sharing. Civil liberties groups express concern over Meta's use of AI-powered chatbots for personalized advertising without user opt-out options. The FTC sues Iconic Hearts for unlawfully collecting children's personal data without consent. A new malware tool, MatrixPDF Toolkit, emerges as a threat to users, allowing attackers to alter PDF files to redirect to malicious sites. Microsoft announces plans to introduce a new Edge feature to detect and revoke malicious sideloaded extensions. The U.S.-led consortium aiming to take over TikTok operations in the country agrees to use ByteDance's Chinese algorithm as part of a U.S.-agreed framework, raising national security concerns. Acreed, an information stealer, gains traction among threat actors with a rise in Russian-speaking forums logs.
In recent months, a growing number of countries and companies have taken steps to address the pressing issue of data protection, as the world grapples with the increasing amount of personal information being collected and stored. From Russia's new regulations to EU member states' rejection of proposals for encryption backdoors, it has become clear that the need for robust data protection is no longer a distant concern, but a pressing reality.
Russia's Ministry of Digital Development has been actively working on regulations aimed at forcing companies to restrict the type of data they collect from citizens. The country's acting director, Evgeny Khasin, has stated that "systems should not process information containing personal data beyond what is necessary to ensure business processes." This move comes as part of a broader effort to minimize future leaks of confidential data and protect Russian citizens' sensitive information.
Meanwhile, in the European Union, member states have been voicing their opposition to proposals for encryption backdoors. The Dutch government's rejection of the E.U. Chat Control legislation has sent a clear message that such measures are not acceptable, and other countries have followed suit. This move is significant, as it highlights the growing concern among EU citizens about the potential risks associated with encryption backdoors.
In the United States, a class-action lawsuit against Google and Flo Health has resulted in a settlement worth $48 million and $8 million respectively. The lawsuit alleged that the companies had illegally shared people's health data, highlighting the need for greater transparency and accountability in the handling of personal information.
The use of AI-powered chatbots is also becoming increasingly prevalent, with Meta Platforms planning to start using its AI digital assistant to help personalize ads and content. However, this move has raised concerns among civil liberties groups, who argue that users should have the option to opt-out of such personalized advertising efforts.
In a disturbing turn of events, the Federal Trade Commission (FTC) has sued Sendit's operating company, Iconic Hearts, for "unlawfully collecting personal data from children" without obtaining parents' consent. The FTC has also accused the company of misleading users by sending fake 'people' messages and tricking consumers into purchasing paid subscriptions.
The use of malware and phishing attacks is also on the rise, with a new tool called MatrixPDF Toolkit emerging as a threat to users. This tool allows attackers to alter ordinary PDF files to lures that can redirect users to malware or phishing sites, highlighting the need for greater awareness and caution when dealing with such threats.
In a bid to improve security, Microsoft has announced plans to introduce a new Edge feature that will detect and revoke malicious sideloaded extensions. The company's decision comes as part of its efforts to protect users against malicious extensions that can compromise their safety online.
The U.S.-led consortium aiming to take over TikTok operations in the country is also making headlines, with China agreeing to use ByteDance's Chinese algorithm as part of a U.S.-agreed framework. This move has raised concerns among national security circles, who are worried about the potential risks associated with the use of this algorithm.
Finally, an information stealer known as Acreed is gaining traction among threat actors, with a steady rise in Acreed logs in Russian-speaking forums. The stealer was first advertised on the Russian Market in February 2025 by a user named "Nu####ez" and is assessed to be a private project.
In summary, the data protection landscape is becoming increasingly complex, with new regulations, proposals, and threats emerging regularly. As individuals and companies navigate this rapidly evolving environment, it is essential that we prioritize transparency, accountability, and security to ensure that personal information remains protected.
As the world grapples with the increasing amount of personal information being collected and stored, a growing number of countries and companies are taking steps to address the pressing issue of data protection. From Russia's new regulations to EU member states' rejection of proposals for encryption backdoors, it has become clear that the need for robust data protection is no longer a distant concern, but a pressing reality.
Related Information:
https://www.ethicalhackingnews.com/articles/New-Frontiers-in-Data-Protection-A-Growing-Concern-for-Global-Citizens-ehn.shtml
https://thehackernews.com/2025/10/threatsday-bulletin-carplay-exploit.html
Published: Thu Oct 2 09:49:46 2025 by llama3.2 3B Q4_K_M
