Schneier on Security

OCTOBER 26, 2023

Interesting article about the Snowden documents, including comments from former Guardian editor Ewen MacAskill MacAskill, who shared the Pulitzer Prize for Public Service with Glenn Greenwald and Laura Poitras for their journalistic work on the Snowden files, retired from The Guardian in 2018.

Surveillance 327

Surveillance Government Marketing 327

Schneier on Security

AUGUST 12, 2019

The first concern was over high numbers: in both 2016 and 2017, the Foreign Intelligence Surveillance Court issued 40 orders for collection, but the NSA collected hundreds of millions of CDRs, and the agency provided little clarification for the high numbers.

Surveillance 245

Surveillance Architecture Encryption Technology 245

Schneier on Security

MAY 11, 2020

While the proposed privacy initiative was initially met with significant opposition, particularly from large technology companies, some of that opposition faded in the wake of the Cambridge Analytica scandal and Mark Zuckerberg's April 2018 testimony before Congress. Enforcement was supposed to start this year, but we haven't seen much yet.

Data privacy 260

Data privacy Surveillance Internet Internet 260

SecureWorld News

NOVEMBER 21, 2023

In a groundbreaking investigative report, the European Investigative Collaborations (EIC) media network, with technical assistance from Amnesty International's Security Lab, has exposed the shocking extent of the global surveillance crisis and the glaring inadequacies of EU regulation in curbing it. Chairman, Cedric Leighton Associates, LLC.

Surveillance 121

Surveillance Spyware Media Technology 121

Security Affairs

FEBRUARY 26, 2025

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework. ” Hunt.io ” concludes the report.

Data collection 102

Data collection Spyware Media Surveillance 102

Security Affairs

NOVEMBER 9, 2018

Snowden warns of abuse of surveillance software that also had a role in the murder of the Saudi Arabian journalist Jamal Khashoggi. Officially the sale of surveillance software is limited to authorized governments to support investigation of agencies on criminal organizations and terrorist groups. COUNTRY NEXUS. Saudi Arabia.

Surveillance 111

Surveillance Spyware Software Advertising 111

Security Affairs

AUGUST 30, 2019

A Russian security researcher has found that hardware wiretapping equipment composing Russia’s SORM surveillance system had been leaking user data. SORM is a mass surveillance system that allows the Government of Moscow to track online activities of single individuals thanks to the support of the Russian ISPs. Pierluigi Paganini.

Surveillance 105

Surveillance Firmware Advertising Mobile 105

Security Affairs

FEBRUARY 8, 2021

Iran-linked APT group Domestic Kitten, also tracked as APT-C-50, has been conducting widespread surveillance targeting over 1,000 individuals. Domestic Kitten , also tracked as APT-C-50, is an Iran-linked APT group that has been active at least since 2018. ” reads the report published by Checkpoint. Pierluigi Paganini.

Surveillance 113

Surveillance Mobile Malware Cyber Attacks 113

Security Affairs

MAY 13, 2019

Yoroi Cyber Security Annual Report 2018 – In 2018 cyber-security experts observed an increased number of cyber attacks, malware endure to be the most aggressive and pervasive threat. Yoroi Cyber Security Annual Report 2018 analyzes the evolution of the threat landscape observed between January 2018 and December 2018.

Malware 107

Malware Advertising DNS Surveillance 107

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. Then the attackers asked the victims to enable the installation of apps from unknown sources.

Surveillance 133

Surveillance Mobile Spyware Telecommunications 133

Security Affairs

MARCH 20, 2025

DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched. The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics 106

Computers and Electronics Telecommunications Malware Surveillance 106

Security Affairs

NOVEMBER 14, 2018

The Zero Day Initiative’s Pwn2Own Tokyo 2018 is a success, participants earned over $300,000 for disclosing flaws affecting iPhone X, Xiaomi Mi 6 and Samsung Galaxy S9 smartphones. During the first day of the Pwn2Own Tokyo 2018 contest, participants hacked Apple iPhone X, Samsung Galaxy S9 and Xiaomi Mi 6 devices earning more than $225,000.

Hacking 109

Hacking Advertising Surveillance IoT 109

Schneier on Security

FEBRUARY 13, 2021

That included an FBI counterintelligence investigation that began around 2012, when agents started monitoring the communications of a small group of Supermicro workers, using warrants obtained under the Foreign Intelligence Surveillance Act , or FISA, according to five of the officials.

Surveillance 363

Surveillance Internet Internet Government 363

Schneier on Security

JULY 28, 2021

Carriers were caught in 2018 selling real-time location data to brokers , drawing the ire of Congress. The Pillar says it obtained 24 months’ worth of “commercially available records of app signal data” covering portions of 2018, 2019, and 2020, which included records of Grindr usage and locations where the app was used.

Mobile 363

Mobile Advertising Data collection Surveillance 363

Krebs on Security

MARCH 22, 2021

An ad for RedTorch’s “Cheetah” counter-surveillance tech. 2018 was for two years as a “senior skunk works analyst” at an unnamed employer. The Guy Fawkes mask/Anonymous threat featured prominently and often on RedTorch’s website.

Surveillance 323

Surveillance Computers and Electronics Internet Internet 323

Security Affairs

MARCH 13, 2025

North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. ” KoSpy collects SMS, calls, location, files, audio, and screenshots via plugins.

Spyware 76

Spyware Surveillance Encryption Malware 76

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. Bazar is a lesser known spelling of Bazaar.” ” reads the report published by Lookout.

Surveillance 98

Surveillance Spyware Malware Mobile 98

Schneier on Security

MARCH 5, 2020

To do so, they are using a variety of digital communications and surveillance systems. More recently, in 2018, Russia undertook an extensive disinformation campaign to amplify the anti-vaccination movement using social media platforms like Twitter and Facebook. That vulnerability should be deeply concerning.

Surveillance 278

Surveillance Hacking Government Risk 278

Security Affairs

MARCH 2, 2024

Court ordered surveillance firm NSO Group to hand over the source code for its Pegasus spyware and other products to Meta. Judge ordered the surveillance firm to hand over the source code for its Pegasus spyware and other products to the social network giant. from April 29, 2018, to May 10, 2020).

Spyware 142

Spyware Surveillance Software Architecture 142

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. The flaws reside in a feature named the “XMEye P2P Cloud” that is enabled by default which is used to connect surveillance devices to the cloud infrastructure. Pierluigi Paganini.

Surveillance 108

Surveillance Hacking Firmware Manufacturing 108

Schneier on Security

APRIL 29, 2020

in 2018 beat back federal prosecutors seeking to wiretap its encrypted Messenger app. Here's the 2018 story. This is interesting : Facebook Inc. Now the American Civil Liberties Union is seeking to find out how. The entire proceeding was confidential, with only the result leaking to the press. Slashdot thread.

Encryption 262

Encryption Government Surveillance 262

Security Affairs

APRIL 17, 2020

Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Syrian hackers are behind a long-running campaign that has been active since January 2018 and that targets Arabic-speaking Android users. ” reads the analysis published by the Lookout.

Surveillance 129

Surveillance Telecommunications Mobile Advertising 129

SecureList

JUNE 16, 2021

From 2015 to February 2018, the malware was compiled with Visual Studio 2013 and 2015, whereas in February 2018, the developers moved to Visual Studio 2017 and embedded the malware’s logic within Microsoft Foundation Class (MFC) classes.

Surveillance 145

Surveillance Malware Password Management Passwords 145

Malwarebytes

FEBRUARY 13, 2022

It is noted that Twitter’s decision to move away from Mitto AG came after allegations that its co-founder and Chief Operating Officer, Ilja Gorelik, sold access to Mitto’s networks to surveillance technology firms. In December, Bloomberg reported that Gorelik had sold access to Mitto’s networks between 2017 and 2018.

Surveillance 80

Surveillance Mobile Media Marketing 80

Malwarebytes

FEBRUARY 22, 2022

Bosch, known more for its line of refrigerators, ovens, and dishwashers, also develops and sells an entire suite of surveillance cameras. The Intercept also reported that the operating system used on modern Bosch surveillance cameras could potentially be out of date. It shouldn’t. This is not innovation.

Surveillance 99

Surveillance Artificial Intelligence Technology Internet 99

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 129

Spyware Government Surveillance Media 129

Security Affairs

AUGUST 1, 2018

An employee at Amnesty International has been targeted with Israeli surveillance malware, the news was revealed by the human rights group. Amnesty International revealed that one of its employees was targeted with a surveillance malware developed by an Israeli firm. com , pine-sales[.]com com , and ecommerce-ads[.]org.”

Surveillance 67

Surveillance Malware Spyware Mobile 67

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. The lawsuit filed by WhatsApp in U.S.

Surveillance 75

Surveillance Technology Spyware Mobile 75

Schneier on Security

MARCH 13, 2019

And if you read his 3,000-word post carefully, Zuckerberg says nothing about changing Facebook's surveillance capitalism business model. This data is combined with other surveillance data the company buys, including health and financial data. Better use of Facebook data to prevent violence.

Advertising 244

Advertising Surveillance Engineering Encryption 244

Krebs on Security

AUGUST 7, 2018

On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher , an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering. ” A SIM card is the tiny, removable chip in a mobile device that allows it to connect to the provider’s network. A WORRIED MOM. GRAND PLANS.

Mobile 247

Mobile Cryptocurrency Computers and Electronics Scams 247

Security Affairs

FEBRUARY 11, 2021

Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. “We are confident SunBird and Hornbill are two tools used by the same actor, perhaps for different surveillance purposes.” ” reads the report published by Lookout. ” concludes the report.

Spyware 142

Spyware Surveillance Malware Mobile 142

Security Affairs

MAY 30, 2024

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The flaw resides in WebKit and impacts macOS version 10.13.3

Spyware 135

Spyware Malware Surveillance Mobile 135

The Hacker News

MAY 18, 2021

In July 2018, when Guizhou-Cloud Big Data (GCBD) agreed to a deal with state-owned telco China Telecom to move users' iCloud data belonging to Apple's China-based users to the latter's servers, the shift raised concerns that it could make user data vulnerable to state surveillance.

Big data 101

Big data Government Surveillance 101

Schneier on Security

JUNE 8, 2018

When Marc Zuckerberg testified before both the House and the Senate last month, it became immediately obvious that few US lawmakers had any appetite to regulate the pervasive surveillance taking place on the internet. On the other side of the country, Representative Norma Smith of Washington introduced a similar bill in both 2017 and 2018.

Data privacy 191

Data privacy Marketing Surveillance Internet 191

The Last Watchdog

AUGUST 27, 2018

This is borne out by Akamai Technologies’ Summer 2018 Internet Security/Web Attack Report. I had the chance to visit with Don Shin, A10 Networks’ Senior Product Marketing Manager, at Black Hat USA 2018. A10 is a leading supplier of advanced DDoS detection and mitigation systems.

DDOS 255

DDOS IoT Digital transformation Internet 255

Security Affairs

NOVEMBER 18, 2024

The General Data Protection Regulation ( GDPR ), enacted in 2018, has set a new standard for data privacy across the European Union (EU). government surveillance. With this penalty, regulators are sending a strong message that inadequate data protections, especially in international transfers, will not be tolerated.

Data privacy 125

Data privacy Risk Surveillance Government 125

Krebs on Security

SEPTEMBER 30, 2024

In December 2018, a then 21-year-0ld Troy Woody Jr. sued Iza, Zelocchi and Zort, alleging (PDF) Iza and Zelocchi were involved in a 2018 home invasion at his residence, wherein Woody claimed his assailants stole laptops and phones containing more than $200 million in cryptocurrencies. and refers to T.W. In December 2022, Troy Woody Jr.

Cryptocurrency 310

Cryptocurrency Government Internet Internet 310