Open Facebook Database
In yet another story involving Facebook, the company had a server containing databases with no authentication. This database also appeared to be publicly accessible. Details stored in the database included phone numbers of Facebook users. To add further frustration, Facebook's response appears to be pretty poor, stating that the data set is old. They have closed down the databases.
SMS/Text Provisioning Messages
Check Point have found a vulnerability on Android devices in which a maliciously crafted SMS/Text message could expose your data on the phone to an attacker. The attack depends on over-the-air (OTA) messages. In the attack, the attackers could pose as the victim's network operator sending the malicious OTA message which would then configure the phone to route all of its traffic through infrastructure controlled by the attacker. All an attacker needs to pull off this attack is a GSM modem as well as software to be able to compose the OTA message.
Brave Accuses Google of Tracking Users
Brave, a privacy focused browser, has accused Google of tracking users via hidden web pages. If true this is a violation of GDPR and could carry quite severe consequences.
Google to Settle Alleged Violation of Children Privacy
Google and YouTube will pay $170 million to settle a case with the US FTC and New York Attorney General which alleged that Google illegally collected the personal data of children. Under COPPA, online services need to gain parental consent before collecting data on people under the age of 13.
Twitter Disables SMS-to-Tweet Feature
After last week's high profile story involving Twitter's CEO Jack Doresy, Twitter has, at least for now, disabled the ability to Tweet via SMS. Flaws in the feature had previously been raised with Twitter, and it's frustrating that it took a high profile incident before Twitter did anything about it.