Data collection, Hacking and Surveillance

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.

Data collection

Data collection Spyware Media Surveillance

NationalPublicData.com Hack Exposes a Nation’s Data

Krebs on Security

AUGUST 15, 2024

A great many readers this month reported receiving alerts that their Social Security Number, name, address and other personal information were exposed in a breach at a little-known but aptly-named consumer data broker called NationalPublicData.com. It remains unclear how thieves originally obtained these records from National Public Data.

Hacking

Hacking Data breaches Identity Theft Accountability

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

The reason these threats are so real is that it's not difficult to hide surveillance or control infrastructure in computer components, and if they're not turned on, they're very difficult to find. Even so, these examples illustrate an important point: there's no escaping the technology of inevitable surveillance.

Surveillance

Surveillance Wireless Government Internet

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., Hacktivist Tillie Kottmann is reportedly among those asserting responsibility for the incident, telling Bloomberg that their act helped expose the security holes of modern-day surveillance platforms.

Surveillance

Surveillance IoT Accountability Passwords

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Security Affairs

FEBRUARY 12, 2023

Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing.

Surveillance

Surveillance Government Manufacturing Risk

Over 100 flaws in management and access control systems expose buildings to hack

Security Affairs

MAY 11, 2019

The extent of the flaw is wide, according to data collected by Krstic during the study, the vulnerabilities could impact up to 10 million people and 30,000 doors at 200 facilities. SecurityAffairs – buildings, hacking). ” reads the analysis published by the experts related to Computrols CBAS-Web 18.0.0. Pierluigi Paganini.

Hacking

Hacking Advertising Surveillance Data collection

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Baidu Android apps removed from Play Store because caught collecting user details

Security Affairs

NOVEMBER 24, 2020

The code found in both apps allowed to gather device data, including model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps. SecurityAffairs – hacking, Android).

Data collection

Data collection Mobile Spyware Surveillance

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

The Register reports that the secret structures of GCHQ are part of the surveillance programme codenamed “CIRCUIT” and also refers to an Overseas Processing Centre 1 (OPC-1), while another centre, OPC-2, has been planned, according to documents leaked by Snowden. SecurityAffairs – hacking, undersea cables). Pierluigi Paganini.

Wireless

Wireless Surveillance Telecommunications Advertising

Tor Project responded to claims that law enforcement can de-anonymize Tor users

Security Affairs

SEPTEMBER 20, 2024

German law enforcement agencies have been surveilling Tor network by operating their own servers for months. Research conducted by ARD’s Panorama and STRG_F revealed that data collected during surveillance is processed using statistical methods, effectively breaking Tor’s anonymity. ” reported the NDR.

Surveillance

Surveillance Data collection Media Hacking

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Security Affairs

JANUARY 2, 2023

Given the vast level of tracking and surveillance that technology companies can embed into their widely used products, it is only fair that consumers be informed of how important user data, including information about their every move, is gathered, tracked, and utilized by these companies. SecurityAffairs – hacking, privacy).

Consumer Protection

Consumer Protection Surveillance Data collection Accountability

Security Affairs newsletter Round 223 – News of the week

Security Affairs

JULY 21, 2019

Israel surveillance firm NSO group can mine data from major social media. Poland and Lithuania fear that data collected via FaceApp could be misused. Former NSA contractor sentenced to 9 years for stealing classified data. The Problem With the Small Business Cybersecurity Assistance Act.

Small Business

Small Business Media Spyware Advertising

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

SecureWorld News

JANUARY 8, 2024

Surveillance and monitoring risks: The integration of AI into everyday computing could lead to increased surveillance capabilities. This constant monitoring can be perceived as intrusive, especially if users are not fully aware or have not consented to such surveillance.

Artificial Intelligence

Artificial Intelligence Surveillance Technology Risk

Security experts disclosed Wyze data leak

Security Affairs

DECEMBER 29, 2019

The incident was independently verified by the authors of the blog IPVM that focuses on video surveillance products. ” Song pointed out that several of the things reported by Twelve are not true, for example he denied that Wyze sends data to Alibaba Cloud in China. SecurityAffairs – data leak, hacking).

IoT

IoT Accountability Advertising Wireless

Confronting the ethics of security and privacy during the pandemic

SC Magazine

MARCH 26, 2021

On the flip side, their employees had to grapple with the reality that their corporate devices could surveil their activities in their own homes. In the past, these items were given as a security measure for employees to cover their webcam on the slight chance their computer was hacked. I saw this demand as well.

Surveillance

Surveillance Software Media Data collection

What To Know About Privacy Data

Identity IQ

JANUARY 17, 2023

For example, some countries may use a singular set of data protection regulations, whereas the United States decided to divide the data protection law into multiple categories. Let’s take a closer look at the specific data privacy laws that have been implemented in the U.S.:

Data privacy

Data privacy Identity Theft Accountability Banking

What Is Industrial Control System (ICS) Cyber Security?

eSecurity Planet

SEPTEMBER 9, 2024

They communicate with the central control system, allowing data collection and remote control over long distances. These networks enable data exchange between PLCs, RTUs, SCADA systems, and HMIs. Remote Terminal Units (RTUs) RTUs are field devices that interface with sensors and actuators in remote locations.

Firmware

Firmware Encryption Manufacturing Risk

On Executive Order 12333

Schneier on Security

SEPTEMBER 28, 2020

Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans’ communications containing little to no foreign intelligence value.

Surveillance

Surveillance Telecommunications Internet Internet

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

Mail servers become priority targets In June, Recorded Future warned that BlueDelta (aka Sofacy, APT28, Fancy Bear and Sednit) exploited vulnerabilities in Roundcube Webmail to hack multiple organizations including government institutions and military entities involved in aviation infrastructure. Drone hacking!

Hacking

Hacking Energy and Utilities Media Malware

META hit with privacy complaints by EU consumer groups

Security Affairs

MARCH 4, 2024

Consumer groups assert that Meta is not adhering to various rules established by the European privacy regulation GDPR: Fair Processing (Article 5(1)(a)): Personal data must be processed lawfully, fairly, and transparently. Consumer groups claim that Meta’s data collection is unfair and lacks transparency.

Data collection

Data collection Surveillance Hacking Information Security

CIA covert operations likely behind attacks against APT34 and FSB

Security Affairs

JULY 15, 2020

CIA orchestrated dozens of hacking operations against targets worldwide, including APT34 and FSB hacks, states an exclusive report from Yahoo News. ” President Trump extended the powers granted to the CIA, which was involved in is offensive cyber operations along with surveillance and data collection activities.

Banking

Banking Hacking Advertising Media

Security Affairs newsletter Round 513 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 2, 2025

from Bybit, it is the largest cryptocurrency heist ever International Press Newsletter Cybercrime Mining Company NioCorp Loses $500,000 in BEC Hack Inside Black Bastas Exposed Internal Chat Logs: A Firsthand Look The Bleeding Edge of Phishing: darcula-suite 3.0

Cybercrime

Cybercrime Hacking Ransomware Cryptocurrency

Cyber Security Informer

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

NationalPublicData.com Hack Exposes a Nation’s Data

Trending Sources

On Chinese "Spy Trains"

Camera tricks: Privacy concerns raised after massive surveillance cam breach

Australian Defense Department will replace surveillance cameras from Chinese firms Hikvision and Dahua

Over 100 flaws in management and access control systems expose buildings to hack

A chink in the armor of China-based hacking group Nickel

Microsoft disrupts China-based hacking group Nickel

Baidu Android apps removed from Play Store because caught collecting user details

Russian spies are attempting to tap transatlantic undersea cables

Tor Project responded to claims that law enforcement can de-anonymize Tor users

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Security Affairs newsletter Round 223 – News of the week

Microsoft to Add Dedicated AI Copilot Button on Windows PCs

Security experts disclosed Wyze data leak

Confronting the ethics of security and privacy during the pandemic

What To Know About Privacy Data

What Is Industrial Control System (ICS) Cyber Security?

On Executive Order 12333

Advanced threat predictions for 2024

META hit with privacy complaints by EU consumer groups

CIA covert operations likely behind attacks against APT34 and FSB

Security Affairs newsletter Round 513 by Pierluigi Paganini – INTERNATIONAL EDITION

Stay Connected