Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. I wrote the essay below in September 2013. Many have written about how being under constant surveillance changes a person. But I had a more personal involvement as well.

Surveillance 349

Surveillance Computers and Electronics Government Encryption 349

Threatpost

JULY 1, 2020

Never-before-seen Android spyware tools have been used in a widespread APT campaign to spy on the Uyghur ethnic minority group - since 2013.

Spyware 115

Spyware Surveillance Malware Hacking 115

Duo's Security Blog

FEBRUARY 1, 2021

We are proud to announce the Duo has achieved ISO 27001:2013, 27017:2015, and 27018:2019 certification! What is ISO 27001:2013, 27017:27017 and 27018:2019? An ISO 27000 series certification is valid for three years and requires an annual surveillance audit to ensure continued compliance for the lifespan of the certification.

Manufacturing 76

Manufacturing Surveillance Information Security 76

Security Affairs

APRIL 1, 2023

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability. The exploits were used to install commercial spyware and malicious apps on targets’ devices.

Spyware 98

Spyware Surveillance Mobile Education 98

Security Boulevard

JANUARY 10, 2022

After Snowden leaked documents from the NSA and left their employment in 2013, he has been living in Moscow and since charged with violating the Espionage Act.

Surveillance 128

Surveillance Government 128

SecureList

JUNE 16, 2021

From 2015 to February 2018, the malware was compiled with Visual Studio 2013 and 2015, whereas in February 2018, the developers moved to Visual Studio 2017 and embedded the malware’s logic within Microsoft Foundation Class (MFC) classes.

Surveillance 145

Surveillance Malware Password Management Passwords 145

Krebs on Security

SEPTEMBER 30, 2024

Islam also pleaded guilty to reporting dozens of phony bomb threats and fake hostage situations at the homes of celebrities and public officials (Islam participated in a swatting attack against this author in 2013 ). ” who said Iza hired him to surveil Zelocchi but ultimately refused to pay him for much of the work.

Cryptocurrency 311

Cryptocurrency Government Internet Internet 311

Security Affairs

FEBRUARY 11, 2021

Confucius is a pro-India APT group that has been active since 2013, it mainly focused on Pakistani and other South Asian targets. Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. ” reads the report published by Lookout. ” concludes the report. Pierluigi Paganini.

Spyware 143

Spyware Surveillance Malware Mobile 143

Duo's Security Blog

FEBRUARY 1, 2021

We are proud to announce the Duo has achieved ISO 27001:2013, 27017:2015, and 27018:2019 certification! What is ISO 27001:2013, 27017:2015 and 27018:2019? An ISO 27000 series certification is valid for three years and requires an annual surveillance audit to ensure continued compliance for the lifespan of the certification.

Manufacturing 52

Manufacturing Surveillance Information Security CISO 52

Security Affairs

MARCH 1, 2020

The Register reports that the secret structures of GCHQ are part of the surveillance programme codenamed “CIRCUIT” and also refers to an Overseas Processing Centre 1 (OPC-1), while another centre, OPC-2, has been planned, according to documents leaked by Snowden. In the documents, the company is referred to as a “partner” codenamed Gerontic.

Wireless 145

Wireless Surveillance Telecommunications Advertising 145

Schneier on Security

JULY 24, 2019

This is exactly the policy debate we should be having­not the fake one about whether or not we can have both security and surveillance. I wrote about all this, and more, in 2013.). But adding that backdoor also decreases our collective security because the bad guys can eavesdrop on everyone.

Encryption 279

Encryption Telecommunications Risk Government 279

Schneier on Security

AUGUST 14, 2019

This is exactly the policy debate we should be having -- not the fake one about whether or not we can have both security and surveillance. I wrote about all this, and more, in 2013.). But adding that backdoor also decreases our collective security because the bad guys can eavesdrop on everyone.

Encryption 275

Encryption Telecommunications Risk Government 275

CyberSecurity Insiders

MAY 3, 2021

As per the report on CNN, this public surveillance program will be carried out by Department of Homeland Security and will be done by collaborating with private companies, mainly those belonging to technology sector.

Data privacy 102

Data privacy Government Surveillance Media 102

Security Affairs

MARCH 14, 2020

The feature that prevent s the execution of JavaScript code on specific sites is essential for the privacy-friendly Tor Browser that uses it to prevent online surveillance. Malicious JavaScrip codes could reveal the real IP addresses of Tor users if executed.

Advertising 145

Advertising Surveillance Hacking Information Security 145

Security Affairs

DECEMBER 16, 2020

The campaign has been active since at least 2013, but the Goontact malware samples were first observed by Lookout in November 2018. ” conclude the experts.

Spyware 142

Spyware Mobile Surveillance Malware 142

Schneier on Security

FEBRUARY 21, 2020

He didn't become a senator until 2013.) My most recent two books, Data and Goliath -- about surveillance -- and Click Here to Kill Everybody -- about IoT security -- are really about the policy implications of technology. Matt Blaze and Ron Rivest were with me; I don't remember who else. They still are.

Technology 276

Technology Encryption Surveillance Government 276

Security Affairs

SEPTEMBER 11, 2022

The campaigns have been conducted since 2015 and are aimed at conducting information collection and surveillance operations against individuals and organizations of strategic interest to Teheran. ” The surveillance operations conducted by the APT group involved the distribution of Android malware such as VINETHORN and PINEFLOWER.

Surveillance 100

Surveillance Social Engineering Phishing Government 100

Security Boulevard

DECEMBER 1, 2023

| [link] Introduction In 2013, Edward Snowden leaked over 200,000 classified National Security Agency documents concerning widespread government surveillance practices. This Article Navigating Rogue Waves; Balancing Privacy and Security was first published on Signpost Six. |

Surveillance 59

Surveillance Government Media Risk 59

NopSec

JULY 18, 2013

The post Recommended sessions at Black Hat 2013 Conference appeared first on NopSec. A choice of “OPTIROP: Hunting for ROP Gadgets in Style” or “Hacking like in the movies: ” Have a great conference and see you around there!

Surveillance 40

Surveillance Hacking Software 40

Security Affairs

SEPTEMBER 17, 2019

Edward Snowden’s book includes details of the author’s life, including the description of his activity at the US intelligence agencies while they were buiding the Prism surveillance system. The government of the United States has just announced a lawsuit over my memoir, which was just released today worldwide.

Government 98

Government Surveillance Advertising Hacking 98

CyberSecurity Insiders

MAY 31, 2021

However, unless it is done under strict surveillance, none of the benefits could reach the populace. . Note- In the year 2013, NHS was involved in a similar data-sharing program called ‘Care Data’ where all the patient data belonging to the Govt backed healthcare services provide was being stored in a central repository.

Data privacy 94

Data privacy Surveillance Healthcare Ransomware 94

Security Affairs

AUGUST 23, 2020

Transparent Tribe has been active since at least 2013, it targeted entities across 27 countries, most of them in Afghanistan, Germany, India, Iran and Pakistan. These RATs are capable of exfiltrate information, take screenshot, and record webcam streams.

Malware 145

Malware Media Advertising Surveillance 145

Krebs on Security

AUGUST 16, 2018

The claims come in a lawsuit filed this week in Los Angeles on behalf of Michael Terpin , who co-founded the first angel investor group for bitcoin enthusiasts in 2013. Investigators in that case say they have surveillance logs that show the group discussed working directly with mobile store employees to complete the phone number heists.

Mobile 267

Mobile Cryptocurrency Accountability Authentication 267

Security Affairs

MARCH 25, 2020

The feature that prevents the execution of JavaScript code on specific sites is essential for the privacy-friendly Tor Browser that uses it to prevent online surveillance. Malicious JavaScrip codes could reveal the real IP addresses of Tor users if executed.

Surveillance 88

Surveillance Information Security Hacking 88

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Wiz Cloud security 2020 Private Evervault Developer encryption 2019 Private Verkada Security surveillance 2019 Private Armis IoT network security 2015 Private Sumo Logic Threat intelligence 2014 Nasdaq: SUMO Okta Identity management 2013 Nasdaq: OKTA Barracuda Enterprise security 2006 Private.

Cybersecurity 130

Cybersecurity Technology Marketing Healthcare 130

Malwarebytes

APRIL 17, 2024

There are new relationships in which the rules around privacy and sharing are still being agreed upon, old relationships in which power imbalances are deeply entrenched, and, of course, abusive relationships in which non-consensual tracking and surveillance are used as levers of control. The man murdered his two children.

Risk 132

Risk Spyware Surveillance Cybersecurity 132

Identity IQ

FEBRUARY 8, 2024

From 2011 to 2013, the Silk Road hosted 1.2 2013: The End of the Silk Road Authorities were able to trace the pseudonym back to Ulbricht thanks to the efforts of an IRS investigator who was working with the DEA on the Silk Road case in mid-2013. The FBI shut down the Silk Road in October 2013. billion in value.

Identity Theft 98

Identity Theft Cryptocurrency Government Engineering 98

eSecurity Planet

SEPTEMBER 25, 2022

In 2013, for example, the FIDO Alliance was created to solve the world’s password problem by replacing login technology. Identity, citizenship, and surveillance are all societal concerns. For years the tech industry has promised a shift toward a passwordless future. By 2015, Microsoft joined, and in 2020, Apple followed.

Passwords 126

Passwords Password Management Authentication Technology 126

Scary Beasts Security

MARCH 21, 2014

Whilst it's true that Flash 0-days have seen a resurgence in Dec 2013 - Feb 2014, this does not invalidate the data that the whitehat community made a difference in 2010 - 2011 onwards. (You should also call Mateusz Jurczyk, Gynvael Coldwind and Fermin Serna heroes too.

Surveillance 50

Surveillance Software Internet Internet 50

Security Affairs

MARCH 31, 2019

Booz Allen Hamilton is the same defense contractor that employed the notorious Edward Snowden at the time the whistleblower when he disclosed the mass surveillance program conducted by the NSA on a global scale. The DoJ’s chief national security prosecutor John Carlin revealed that Martin was employed by Booz Allen Hamilton.

Computers and Electronics 85

Computers and Electronics Government Advertising Surveillance 85

Malwarebytes

JULY 4, 2022

In 2013, Edward Snowden’s revelations about pervasive Internet surveillance triggered a huge gobal effort to make encrypted web traffic the norm, rather than the exception. In all likelihood, it will take something quite dramatic to change that, but that doesn’t mean it can’t happen.

Internet 123

Internet Internet Technology DNS 123

SecureList

APRIL 27, 2022

Janicab was first introduced in 2013 as malware able to run on macOS and Windows operating systems. Another victim in which the same chain was exhibited is a computer game manufacturer in Cambodia, where the attack could have been used for a different purpose, possibly to infiltrate the company’s supply chain.

Malware 145

Malware Firmware Government Phishing 145

SecureList

JANUARY 20, 2022

Some elements of shellcode leveraged in MoonBounce were spotted in an old rootkit that was part of a malicious framework dubbed xTalker, which has been seen in the wild since at least 2013, alongside several malware families affiliated to known actors, e.g. NetTraveler, Enfal and Microcin.

Firmware 145

Firmware Malware Encryption Passwords 145

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Raccoons are blind in the light, so they were effectively creating a denial of service attack upon themselves. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors.

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Raccoons are blind in the light, so they were effectively creating a denial of service attack upon themselves. The next day I cut the string, There's a parallel here to IoT light bulbs that change colors.

IoT 52

IoT Hacking Internet Internet 52

ForAllSecure

JUNE 2, 2021

So, in 2013, I also started working as a penetration tester doing web application penetration tests or application security tests, mostly code audits, code review. So it's not necessarily related to Binary exploitation but I'm interested in in all the fields Yeah, I've been doing that for the site since 2013.

Media 52

Media Hacking InfoSec Marketing 52

ForAllSecure

JUNE 2, 2021

So, in 2013, I also started working as a penetration tester doing web application penetration tests or application security tests, mostly code audits, code review. So it's not necessarily related to Binary exploitation but I'm interested in in all the fields Yeah, I've been doing that for the site since 2013.

Media 52

Media Hacking InfoSec Marketing 52