Information Security, Surveillance and Technology

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Security Affairs

DECEMBER 12, 2024

Chinese law enforcement uses the mobile surveillance tool EagleMsgSpy to gather data from Android devices, as detailed by Lookout. Researchers at the Lookout Threat Lab discovered a surveillance tool, dubbed EagleMsgSpy, used by Chinese law enforcement to spy on mobile devices. ” reads the report published by Lookout.

Surveillance

Surveillance Mobile Spyware Malware

Apple Guidance on Intimate Partner Surveillance

Adam Shostack

MAY 6, 2021

Defending against attackers who are both authorized and “interface-bound” is a weird problem for information security, as traditionally defined. If you want to make sure no one else can see your location. We object with phrases like, “of course people can do the things you’ve authorized them to do.”

Surveillance

Surveillance Information Security Accountability Technology

Sickness Monitoring is the Opening Video Surveillance Has Been Waiting For

Daniel Miessler

MARCH 22, 2020

In other words, I think we can predict the future of technology through a strong understanding of what humans ultimately want as a species. Just yesterday I tweeted that the COVID-19 situation was going to finally make large-scale video surveillance endemic to our society. The Real Internet of Things, January 2017.

Surveillance

Surveillance Government Education Engineering

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone. Then he requested help from Amnesty Internationals Security Lab fearing to be the target of surveillance software like other journalists in Serbia.

Spyware

Spyware Surveillance Technology Mobile

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. The move aims at fighting the advertising of any form of surveillance. Google wants to halt the use of ads for technology that could allow monitoring a person’s online activity (i.e.

Surveillance

Surveillance Spyware Advertising Marketing

US NCSC and DoS share best practices against surveillance tools

Security Affairs

JANUARY 9, 2022

The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. In the last years, we have reported several cases of companies selling commercial surveillance tools to governments and other entities that have used them for malicious purposes. Pierluigi Paganini.

Surveillance

Surveillance Mobile Spyware Malware

French court indicted Nexa Technologies for complicity in acts of torture

Security Affairs

NOVEMBER 28, 2021

Nexa Technologies was indicted for complicity in acts of torture, the French firm is accused of having sold surveillance equipment to the Egypt. Nexa Technologies offers a range of solutions for homeland security, including surveillance solutions. ” reported the website LeMonde. ” continues Télérama.

Technology

Technology Surveillance Software Government

Apple Guidance on Intimate Partner Surveillance

Adam Shostack

JANUARY 2, 2025

They're reasonable from the perspective that information security has long been defined as the ability of system owners to implement their policies, and to have assurance in those implementations. We object with phrases like, "of course people can do the things you've authorized them to do." "How

Surveillance

Surveillance Information Security Risk Accountability

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco finally addressed the flaws in 2013 and stopped selling Cisco Video Surveillance Manager (VSM) in 2014. Cisco is going to pay $8.6 Pierluigi Paganini.

Surveillance

Surveillance Technology Government Software

Tech firms suspend use of ‘biased’ facial recognition technology

Security Affairs

JUNE 14, 2020

Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use. Microsoft is joining Amazon and IBM when it comes to halting the sale of facial recognition technology to police departments. ” reads the Amazon’s announcement.

Technology

Technology Surveillance Artificial Intelligence Advertising

NSO Group, Positive Technologies and other firms sanctioned by the US government

Security Affairs

NOVEMBER 3, 2021

sanctioned four companies for the development of surveillance malware or the sale of hacking tools used by nation-state actors, including NSO Group. The Commerce Department’s Bureau of Industry and Security (BIS) has sanctioned four companies for the development of spyware or the sale of hacking tools used by nation-state actors.

Technology

Technology Government Surveillance Spyware

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Security Affairs

SEPTEMBER 16, 2024

The IT giant fears that the disclosures of its threat intelligence related to commercial spyware operations could aid NSO and other surveillance firms. “Apple’s teams work tirelessly to protect the critical threat-intelligence information that Apple uses to protect its users worldwide. ” reads the court filing.

Surveillance

Surveillance Spyware Risk Hacking

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

Pictured: a Dome Series security camera from Verkada. A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., When surveillance leads to spying. Individual workers’ patterns and habits could be studied as well, to their detriment.

Surveillance

Surveillance IoT Accountability Passwords

EU officials were targeted with Israeli surveillance software

Security Affairs

APRIL 13, 2022

According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. The report did not attribute the attacks to a specific threat actor or did not reveal what information was obtained following the compromise of the victims’ devices. .”

Surveillance

Surveillance Software Spyware Hacking

Israeli surveillance firm QuaDream emerges from the dark

Security Affairs

FEBRUARY 6, 2022

One of the Apple iOS zero-day flaws exploited by the NSO group was also used by another surveillance firm named QuaDream. One of the vulnerabilities in Apple iOS that was previously exploited by the spyware developed by the Israeli company NSO Group was also separately used by another surveillance firm named QuaDream.

Surveillance

Surveillance Spyware Government Hacking

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. The lawsuit filed by WhatsApp in U.S.

Surveillance

Surveillance Technology Spyware Mobile

US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits

Security Affairs

JULY 19, 2023

government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. national security or foreign policy interests. Government warns of the key role that surveillance technology plays in surveillance activities that can lead to repression and other human rights abuses.

Surveillance

Surveillance Spyware Government Technology

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware

Spyware Surveillance Telecommunications Mobile

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. The security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on national security. “For

Government

Government Telecommunications Surveillance Risk

City Council of Somerville bans facial recognition technology

Security Affairs

JULY 1, 2019

Last week, the Somerville City Council expressed a unanimous vote (11-0) to prohibit the use of facial recognition technology. The technology represents a serious threat to citizens’ privacy. In May, San Francisco was the first city in the US to ban facial recognition technology. ” reported the AP press agency.

Technology

Technology Surveillance Advertising Hacking

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.

Spyware

Spyware Surveillance Malware Government

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. Those of us in the information security community had long assumed that the NSA was doing things like this. Many have written about how being under constant surveillance changes a person.

Surveillance

Surveillance Computers and Electronics Government Encryption

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Security Affairs

JANUARY 19, 2025

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology’s industrial devices. Planet Technology has released firmware version 1.305b241111 to address these issues. This switch family is equipped with a web service and SNMP management interface. ” concludes the report.

Firmware

Firmware IoT Wireless Surveillance

European firm DSIRF behind the attacks with Subzero surveillance malware

Security Affairs

JULY 28, 2022

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance

Surveillance Malware Authentication Accountability

NSO Group spyware used to compromise iPhones of 9 US State Dept officials

Security Affairs

DECEMBER 3, 2021

The US officials targeted by the surveillance software were either based in Uganda or focused on matters concerning the African country, revealed Reuters which was not able to determine which was NSO client that orchestrated the attacks. officials through NSO technology.” “Apple Inc iPhones of at least nine U.S. .

Spyware

Spyware Surveillance Hacking Software

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

As a result, The majority of businesses (55 percent) are using some sort of a tool to monitor for insider threats; including data leak prevention (DLP) software (54 percent), user behavior analytics (UBA) software (50 percent), and employee monitoring and surveillance (47 percent). The technology uses the steganography method.

Marketing

Marketing Software Surveillance Information Security

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. ”

Hacking

Hacking Ransomware Banking Accountability

Pegasus Project – how governments use Pegasus spyware against journalists

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware

Spyware Government Surveillance Media

US pharmacy Rite Aid banned from operating facial recognition systems

Malwarebytes

DECEMBER 21, 2023

The regulator found so many flaws in the retailer’s surveillance program that it concluded Rite Aid had failed to implement reasonable procedures and prevent harm to consumers in its use of facial recognition technology in hundreds of stores. It failed to monitor or test the accuracy of the technology after deployment.

Surveillance

Surveillance Technology Retail Artificial Intelligence

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

Security Affairs

APRIL 25, 2020

The legal dispute between Facebook and NSO group continues even after the Israeli surveillance firm filed a motion to dismiss the case earlier this month. Now both companies are providing technical details requested by the cyber-security experts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Spyware

Spyware Surveillance Advertising Mobile

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

DECEMBER 31, 2019

Related: Good to know about IoT Physical security is often a second thought when it comes to information security. Despite this, physical security must be implemented correctly to prevent attackers from gaining physical access and taking whatever they desire. Access control is the restricting of access to a system.

Cyber Risk

Cyber Risk Risk Firewall Surveillance

Unsupervised Learning: No. 227

Daniel Miessler

MAY 3, 2020

THIS WEEK’S TOPICS: VICE vs. Chinese Surveillance, Indian Contact Tracing, NHS + GCHQ, Banjo Racism, Singapore Requires Check-ins, Bruce on Contact Tracing, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…. The newsletter serves as the show notes for the podcast. —.

Surveillance

Surveillance Technology Information Security

Unsupervised Learning: No. 234

Daniel Miessler

JUNE 21, 2020

THIS WEEK’S TOPICS: Ripple20 IoT Vulns, Homeland Security Surveillance, US Cyber Budget, Adobe EOL, AWS DDoS, Bellingcat Poison Investigation, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…. Subscribe To Podcast. Show Notes. Newsletter. All Episodes. —.

Surveillance

Surveillance DDOS IoT Technology

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Security Affairs

FEBRUARY 6, 2024

The latest report published by Google Threat Analysis Group (TAG), titled “ Buying Spying, an in-depth report with our insights into Commercial Surveillance Vendors (CSVs )”, warns of the rise of commercial spyware vendors and the risks to free speech, the free press, and the open internet. ” concludes Google.

Spyware

Spyware Surveillance Government Software

Unsupervised Learning: No. 221

Daniel Miessler

MARCH 23, 2020

THIS WEEK’S TOPICS: Health-justified Video Surveillance, FDA Emergency Approval of a C19 Test, Israel Mobile Monitoring, Amazon Essentials, Pandemic Drone Monitoring, Retasking Factories, Rich People Ventilators, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism….

Surveillance

Surveillance Mobile Technology Information Security

Ukraine is using Clearview AI’s facial recognition during the conflict

Security Affairs

MARCH 14, 2022

Ukraine’s defense ministry began using Clearview AI’s facial recognition technology to uncover Russian assailants, combat misinformation and identify the dead. Ukraine’s defense ministry announced it will use the AI’s facial recognition technology offered by Clearview.

Surveillance

Surveillance Technology Government Media

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network. Surge in internet-facing cameras.

Surveillance

Surveillance Manufacturing Internet Internet

Zero-day exploit used to hack iPhones of Al Jazeera employees

Security Affairs

DECEMBER 21, 2020

The attackers used an exploit chain named Kismet that was part of the arsenal of the controversial Pegasus spyware that is sold by the surveillance firm NSO Group. Citizen Lab has already published several reports unmasking operations that involved the use of the NSO’s surveillance software. ” Pierluigi Paganini.

Hacking

Hacking Surveillance Spyware Government

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

To begin with, it is important to understand that, like most vendors, Apple has touted its security features in the past , and, yet, at least some of the dangers against which the new features are intended to protect exist precisely because sophisticated attackers have proven capable of defeating Apple’s security technologies.

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

Netflix Cracks Down on Password Sharing, AI Legal Research Gone Wrong, Fake Identities and Surveillance Firms

Security Boulevard

JUNE 4, 2023

We investigate the consequences of referencing non-existent legal cases, the lawyer’s claim of […] The post Netflix Cracks Down on Password Sharing, AI Legal Research Gone Wrong, Fake Identities and Surveillance Firms appeared first on Shared Security Podcast.

Surveillance

Surveillance Passwords Data privacy InfoSec

Rhythm in the algorithm: digital rights groups call on Spotify to abandon voice recognition invention

SC Magazine

APRIL 9, 2021

A screenshot from a music video of hte Evan Greer song, “Surveillance Capitalism,” which tackles the dangers of commercial surveillance technology. Sometimes fighting the excesses of the creeping surveillance economy is done through position papers, coalition building and lawsuits. Our concern is not ‘Hey patch this up.’

Surveillance

Surveillance Artificial Intelligence Technology Media

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Security Affairs

MAY 14, 2019

The bad news is that experts are aware of attacks exploiting the WhatsApp zero-day to deliver surveillance software. The Financial Times reported that the WhatsApp zero-day has been exploited by threat actors to deliver the spyware developed by surveillance firm NSO Group.

Spyware

Spyware Surveillance Mobile Advertising

Proton Technologies makes the code of ProtonMail iOS App open source

Security Affairs

NOVEMBER 2, 2019

Proton Technologies announced this week that it has made available the source code of its popular ProtonMail iOS App. The Proton Technologies firm continues to propose initiatives aimed at ensuring the transparency of its ProtonMail applications, this week it announced the availability of the source code of its popular ProtonMail iOS App.

Technology

Technology Mobile Advertising Surveillance

US Bureau of Industry and Security bans export of hacking tools to authoritarian regimes

Security Affairs

OCTOBER 21, 2021

The Commerce Department’s Bureau of Industry and Security (BIS) would introduce a new export control rule aimed at banning the export or resale of hacking tools to authoritarian regimes. ” reads the announcement published by the Bureau of Industry and Security, Commerce. national security.

Hacking

Hacking Surveillance Technology Cybersecurity

Experts discovered surveillance tool EagleMsgSpy used by Chinese law enforcement

Apple Guidance on Intimate Partner Surveillance

Trending Sources

Sickness Monitoring is the Opening Video Surveillance Has Been Waiting For

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Google updates policies to ban any ads for surveillance solutions and services

US NCSC and DoS share best practices against surveillance tools

French court indicted Nexa Technologies for complicity in acts of torture

Apple Guidance on Intimate Partner Surveillance

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Tech firms suspend use of ‘biased’ facial recognition technology

NSO Group, Positive Technologies and other firms sanctioned by the US government

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Camera tricks: Privacy concerns raised after massive surveillance cam breach

EU officials were targeted with Israeli surveillance software

Israeli surveillance firm QuaDream emerges from the dark

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

US Gov adds surveillance firms Cytrox and Intellexa to Entity List for trafficking in cyber exploits

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

City Council of Somerville bans facial recognition technology

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Snowden Ten Years Later

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

European firm DSIRF behind the attacks with Subzero surveillance malware

NSO Group spyware used to compromise iPhones of 9 US State Dept officials

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Pegasus Project – how governments use Pegasus spyware against journalists

US pharmacy Rite Aid banned from operating facial recognition systems

Facebook vs NSO Group lawsuit: 1,400+ users were targeted with Pegasus spyware

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

Unsupervised Learning: No. 227

Unsupervised Learning: No. 234

Commercial spyware vendors are behind most zero-day exploits discovered by Google TAG

Unsupervised Learning: No. 221

Ukraine is using Clearview AI’s facial recognition during the conflict

3.5m IP cameras exposed, with US in the lead

Zero-day exploit used to hack iPhones of Al Jazeera employees

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Netflix Cracks Down on Password Sharing, AI Legal Research Gone Wrong, Fake Identities and Surveillance Firms

Rhythm in the algorithm: digital rights groups call on Spotify to abandon voice recognition invention

WhatsApp zero-day exploited in targeted attacks to deliver NSO spyware

Proton Technologies makes the code of ProtonMail iOS App open source

US Bureau of Industry and Security bans export of hacking tools to authoritarian regimes

Stay Connected