2018, Architecture and Surveillance - Cyber Security Informer

Google Responds to Warrants for “About” Searches

Schneier on Security

OCTOBER 13, 2020

.” These searches are legal when conducted for the purpose of foreign surveillance, but the worry about using them domestically is that they are unconstitutionally broad. The very nature of these searches requires mass surveillance. The FBI does not conduct mass surveillance. The FBI does not conduct mass surveillance.

Surveillance

Surveillance Wireless Accountability Architecture

Evaluating the NSA's Telephony Metadata Program

Schneier on Security

AUGUST 12, 2019

The first concern was over high numbers: in both 2016 and 2017, the Foreign Intelligence Surveillance Court issued 40 orders for collection, but the NSA collected hundreds of millions of CDRs, and the agency provided little clarification for the high numbers.

Surveillance

Surveillance Architecture Encryption Technology

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched. The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Judge ordered the surveillance firm to hand over the source code for its Pegasus spyware and other products to the social network giant. from April 29, 2018, to May 10, 2020).

Spyware

Spyware Surveillance Software Architecture

Experts found a macOS version of the sophisticated LightSpy spyware

Security Affairs

MAY 30, 2024

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The flaw resides in WebKit and impacts macOS version 10.13.3

Spyware

Spyware Malware Surveillance Mobile

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Huawei issued a statement on Wednesday denying any accusation, it “has never and will never covertly access telecom networks, nor do we have the capability to do so.”.

Manufacturing

Manufacturing Advertising Surveillance Architecture

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Loucaides One type of common firmware vulnerability isn’t so much a coding flaw as it is an architectural soft spot, if you will. “They’re able to bypass protections for operating systems and bypass protections for virtualization, as well as bypass almost any of the other protections in the system.”

Firmware

Firmware Cybersecurity Technology Engineering

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Security Affairs

JULY 11, 2019

According to the experts, the new versions have been active at least since 2018, one of the samples analyzed by Kaspersky was used last month in Myanmar, where local government is accused of violating human rights. The implant analyzed by the experts contained binary files for ARMv7 and ARM64 CPU architectures.

Spyware

Spyware Advertising Mobile Architecture

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Compared to its predecessors, the sixth “Hi-Tech Crime Trends” report is the first to contain chapters devoted to the main industries attacked and covers the period from H2 2018 to H1 2019, as compared to the period from H2 2017 to H1 2018. As for 2019, it has become the year of covert military operations in cyberspace.

Banking

Banking Telecommunications Marketing Internet

DCRat, only $5 for a fully working remote access trojan

Security Affairs

MAY 9, 2022

DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched. The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Cybercrime

Cybercrime Malware Surveillance DDOS

The War in Technology: A Digital Iron Curtain Goes Up

SecureWorld News

MARCH 10, 2022

And it might have been prepared for this moment, years ago, as a surveillance tool. It's easy to put surveillance on telecoms if you have a foothold," Kubecka said. There are reasons for Russia to avoid destroying all digital infrastructure. Advancing Russian troops need it to communicate.

Technology

Technology Internet Internet Telecommunications

The sadly neglected Risk Treatment Plan

Notice Bored

JUNE 23, 2022

As to other standards: The current 2018 release of ISO/IEC 27005 doesn't even mention RTP - not once! Design plan' hints at the organisation having developed an information risk and security architecture. Even 'risk treatment' only appears twice, in an annex quoting from ISO 31000 (see below). will include this gem: Nicely put!

Risk

Risk Architecture Accountability InfoSec

APT trends report Q1 2022

SecureList

APRIL 27, 2022

While we were unable to obtain the same results by analyzing the CERT-UA samples, we subsequently identified a different WhiteBlackCrypt sample matching the WhisperKill architecture and sharing similar code. We had initially analyzed this Delphi malware in April 2018.

Malware

Malware Firmware Government Phishing

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

ForAllSecure

OCTOBER 5, 2021

It was for 1000s of compromised, Internet of Things, enabled devices, such as surveillance cameras, residential gateways, internet connected printers, and even in home baby monitors these devices themselves are often thought of as not having much in the way of resources, and really they don't have many computing resources.

IoT

IoT DDOS Malware Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

In 2018, we got some broader exemptions for all data, all devices all types of devices. The Mirai botnet contributed to a massive denial of service attack that brought parts of the Internet to a standstill, what was remarkable was that Mariah was constructed from 1000s of Internet of Things devices, namely surveillance cameras.

IoT

IoT Hacking Internet Internet

The Hacker Mind: Hacking IoT

ForAllSecure

APRIL 22, 2021

In 2018, we got some broader exemptions for all data, all devices all types of devices. The Mirai botnet contributed to a massive denial of service attack that brought parts of the Internet to a standstill, what was remarkable was that Mariah was constructed from 1000s of Internet of Things devices, namely surveillance cameras.

IoT

IoT Hacking Internet Internet

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

Ricardo Villadiego, founder & CEO of Lumu , expects “a significant shift towards adopting models based on passwordless architectures like Google Passkeys as the dominant authentication method to combat phishing and scam campaigns. While the EU leads in regulation, the US will also exert regulatory influence.

Cybersecurity

Cybersecurity CISO Government Technology

APT trends report Q3 2023

SecureList

OCTOBER 17, 2023

This strategic shift signals its intent to intensify its surveillance capabilities and expand its range of targets. Lyceum is believed to be a Farsi-speaking threat group that has been active since 2018 and may be behind this novel PowerShell tool set.

Government

Government Malware VPN Manufacturing

FinSpy: unseen findings

SecureList

SEPTEMBER 28, 2021

FinSpy, also known as FinFisher or Wingbird , is an infamous surveillance toolset. This version was detected and researched several times up to 2018. The 32-bit Trojan Loader, which is launched regardless of the victim machine architecture, checks if it is running on a 64-bit system. The Trojan Loader.

Encryption

Encryption Malware Spyware Architecture

Cyber Security Informer

Google Responds to Warrants for “About” Searches

Evaluating the NSA's Telephony Metadata Program

Trending Sources

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Experts found a macOS version of the sophisticated LightSpy spyware

US officials claim Huawei Equipment has secret backdoor for spying

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

New FinFisher spyware used to spy on iOS and Android users in 20 countries

Group-IB presents its annual report on global threats to stability in cyberspace

DCRat, only $5 for a fully working remote access trojan

The War in Technology: A Digital Iron Curtain Goes Up

The sadly neglected Risk Treatment Plan

APT trends report Q1 2022

EP 31: Stopping the Mirai IoT Botnet, One CnC Server At A Time

The Hacker Mind: Hacking IoT

The Hacker Mind: Hacking IoT

5 Major Cybersecurity Trends to Know for 2024

APT trends report Q3 2023

FinSpy: unseen findings

Stay Connected