Troy Hunt

NOVEMBER 17, 2019

References Scott Helme is running my Hack Yourself First workshop in Amsterdam on Dec 9 & 10 (he's getting awesome reviews on these too) Apparently, FinecoBank in Italy reckons you should Google your password and not use it if it appears 10 times or more (no, just don't) You'll also need to pay FinecoBank € 0.95

VPN 201

VPN Surveillance Passwords Banking 201

Malwarebytes

APRIL 9, 2025

The lawsuit claims that this gave Bathula login credentials for the victims’ personal accounts and systems, including bank accounts, emails, home surveillance systems, Dropbox accounts, Google Drives, dating applications, Google Nests, and iCloud accounts. Don’t reuse passwords. Use a password manager.

Accountability 88

Accountability Spyware Passwords Password Management 88

Threatpost

SEPTEMBER 21, 2020

A new Android malware strain has been uncovered, part of the Rampant Kitten threat group's widespread surveillance campaign that targets Telegram credentials and more.

Malware 120

Malware Passwords Surveillance Authentication 120

SecureList

NOVEMBER 29, 2021

The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. It contains a password-protected RAR archive with the password shown in the email body. The RAR file contains a malicious Word document.

Surveillance 144

Surveillance Malware Phishing Encryption 144

Security Boulevard

JUNE 4, 2023

Netflix plans to crack down on the widespread practice of password sharing among households. The post Netflix Cracks Down on Password Sharing, AI Legal Research Gone Wrong, Fake Identities and Surveillance Firms appeared first on Security Boulevard.

Surveillance 64

Surveillance Passwords Data privacy InfoSec 64

Security Affairs

MARCH 20, 2025

The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics 107

Computers and Electronics Telecommunications Malware Surveillance 107

Security Affairs

APRIL 18, 2025

However, the limited, targeted nature of these attacks against iOS users suggests that commercial surveillance vendors or a nation-state actor likely exploited the flaws. Attackers triggered the flaw to leak NTLM hashes or user passwords. As usual, Apple has not shared technical details about the attacks. ” states Check Point.

Authentication 101

Authentication Surveillance Passwords Media 101

Duo's Security Blog

JULY 1, 2021

Tall Tale #1: PINs Are Just Passwords In Part 1 , we talked about how passwordless authentication is still multi-factor: Possession of a private key, ideally stored on a piece of secure hardware A biometric or PIN the authenticator uses to locally verify the user’s identity Reasoning about a PIN being used as a factor is simpler than a biometric.

Passwords 98

Passwords Surveillance Authentication Risk 98

SecureList

JUNE 16, 2021

It is interesting to note that an active Keepass (password manager) process gets killed before starting the keylogger. This is likely intended to force the user to restart the program and enter a master password that is then stolen via the keylogger. argument: path to file to upload. – List files and repositories.

Surveillance 145

Surveillance Malware Password Management Passwords 145

Security Affairs

APRIL 5, 2025

cell carrier and instantly retrieve a list of its recent incoming callscomplete with timestampswithout compromising the device, guessing a password, or alerting the user.” Call metadata can enable real-time surveillance if misused. . “Imagine if anyone could punch in a phone number from the largest U.S.

Wireless 103

Wireless Surveillance Risk Media 103

Security Affairs

JULY 28, 2022

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance 100

Surveillance Malware Authentication Accountability 100

Krebs on Security

MARCH 22, 2021

An ad for RedTorch’s “Cheetah” counter-surveillance tech. Victims of those breaches lost a lot of private data including passwords, and Frigg will help them secure their private data in the future. The Guy Fawkes mask/Anonymous threat featured prominently and often on RedTorch’s website.

Surveillance 322

Surveillance Computers and Electronics Internet Internet 322

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Specifically, it was fetching account icons and defaulted to opening password reset pages over HTTP. Once bypassed, threat actors had high-level access and could view information such as user passwords and other stored credentials.

Surveillance 75

Surveillance Telecommunications Malware Data breaches 75

SecureWorld News

APRIL 24, 2023

As the frequency of data breaches surges, it becomes increasingly imperative to guarantee the security and adequate encryption of passwords. In this article, I will provide an overview of password encryption, explaining its essence and modus operandi. What is password encryption? Why is password encryption necessary?

Encryption 98

Encryption Passwords Software Password Management 98

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. Original post at [link]. After looking at 28 of the most popular manufacturers, our research team found 3.5

Surveillance 145

Surveillance Manufacturing Internet Internet 145

Security Affairs

DECEMBER 4, 2024

Disabling unnecessary protocols and services, avoiding default passwords, and verifying software integrity bolster resilience. Organizations should adopt secure password storage, phishing-resistant MFA, session token limits, and Role-Based Access Control (RBAC). “For are essential for protecting data.

Telecommunications 111

Telecommunications Government Mobile Cyber threats 111

Krebs on Security

JUNE 17, 2020

The CIA produced the report in October 2017, roughly seven months after Wikileaks began publishing Vault 7 — reams of classified data detailing the CIA’s capabilities to perform electronic surveillance and cyber warfare. Not allowing multiple users to share administrative-level passwords.

Data breaches 338

Data breaches Security Awareness Surveillance Media 338

SecureWorld News

APRIL 13, 2025

For instance, errors in the password or odd login habits can be tracked using good AI-driven password managers. 1Password is a top-tier password manager that provides secure password storage, multi-device syncing, and simplified sharing. Variations in these behavioral patterns can be identified as possible dangers.

Cybersecurity 95

Cybersecurity Artificial Intelligence Threat Detection Cyber threats 95

Security Affairs

JANUARY 2, 2021

According to the alert issued by the FBI, the swatters have been hijacking smart devices such as video and audio capable home surveillance devices. Threat actors likely take advantage of customers’ bad habit of re-using email passwords for their smart device. Users should update their passwords on a regular basis.

Passwords 144

Passwords Surveillance Manufacturing Accountability 144

Krebs on Security

SEPTEMBER 12, 2023

Citizen Lab says the bug it discovered was being exploited to install spyware made by the Israeli cyber surveillance company NSO Group. “They could also conduct pass-the-hash attacks, where the attacker uses the hashed version of a password to authenticate themselves without needing to decrypt it.” and iPadOS 16.6.1.

Spyware 296

Spyware Software Surveillance Authentication 296

Schneier on Security

JULY 4, 2019

After I gave him the password to my iPhone, Moncivias spent three hours reviewing hundreds of photos and videos and emails and calls and texts, including encrypted messages on WhatsApp, Signal, and Telegram. Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico.

Passwords 279

Passwords Media Encryption Internet 279

The Security Ledger

AUGUST 21, 2020

In this episode of the Security Ledger Podcast (#188), sponsored* by LastPass, we take a look at the fast-expanding world of crowdsourced surveillance by doing a deep dive on Flock Safety, a start up that sells inexpensive license plate scanners to homeowners and police departments. Flying in Surveillance’s Gray Zone.

Surveillance 52

Surveillance Passwords Technology Internet 52

The Last Watchdog

FEBRUARY 6, 2019

This week civil liberties groups in Europe won the right to challenge the UK’s bulk surveillance activities in the The Grand Chamber of the European Court of Human Rights. Related: Snowden on unrestrained surveillance. Ubiquitous surveillance. It’s a healthy thing that a captain of industry can see this. Advanced use cases.

Surveillance 157

Surveillance Technology Retail Artificial Intelligence 157

WIRED Threat Level

NOVEMBER 24, 2018

A USPS data leak, Windows passwords go bye-bye, and more security news this week.

Surveillance 91

Surveillance Insurance Passwords 91

Schneier on Security

NOVEMBER 13, 2018

There's just one specific in the law that's not subject to the attorney general's interpretation: Default passwords are not allowed. Once this kind of sorting is possible, companies will, in all likelihood, return to their profitable surveillance capitalism practices on those who are still fair game. This law is not a panacea.

IoT 264

IoT Manufacturing Internet Internet 264

The Security Ledger

AUGUST 21, 2020

In this episode of the Security Ledger Podcast (#188), sponsored* by LastPass, we take a look at the fast-expanding world of crowdsourced surveillance by doing a deep dive on Flock Safety, a start up that sells inexpensive license plate scanners to homeowners and police departments. Flying in Surveillance’s Gray Zone.

Surveillance 52

Surveillance Passwords Internet Internet 52

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-.

Firmware 139

Firmware Surveillance Manufacturing Advertising 139

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems.

Hacking 356

Hacking Ransomware Banking Accountability 356

Security Boulevard

FEBRUARY 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Introducing Bitwarden Cupid Vault to securely share (and unshare) passwords with loved ones Bitwarden Bitwarden has already had the ability to securely share passwords. Tips for finding old accounts.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Affairs

DECEMBER 29, 2018

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. “ The bad news is that the vendor hasn’t yet addressed the flaw.

Firmware 109

Firmware Surveillance IoT Passwords 109

Security Boulevard

MARCH 3, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. The surveillance tech waiting for workers as they return to the office ArsTechnica RTO continues to pick up steam. In pursuit of "more productivity," some employers are leaning heavily into surveillance tech.

Surveillance 52

Surveillance Data breaches Firmware Encryption 52

Security Affairs

MARCH 27, 2025

Compromised data includes usernames, passwords, security details, emails, and Firebase integration data. At this time, the group also listed the company Oregon Surveillance Network on the leak site. The ransomware group steals victims’ data to pressure them into paying a “generous fee.” million accounts.

Hacking 76

Hacking Telecommunications Data breaches Internet 76

Webroot

MARCH 9, 2021

Pretending to be someone else, these hackers manipulate their victims into opening doors to systems or unwittingly sharing passwords or banking details. However, cybercriminals can also use legal DNS traffic surveillance to their advantage. Today’s cybercriminals are masters at exploiting basic human trust.

Hacking 132

Hacking DNS Surveillance Cybercrime 132

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4

Spyware 141

Spyware Manufacturing Small Business Surveillance 141

Security Affairs

AUGUST 12, 2019

The abuse of social media passwords for malicious purpose is quite common, for this reason, the FBI is searching for contractors to monitor them. “Such a tool would likely violate the companies’ ban against using their data for surveillance.” ” reads the Solicitation Proposal Number DJF194750PR0000369.

Media 111

Media Surveillance Advertising Passwords 111

Security Affairs

SEPTEMBER 28, 2023

The vulnerability was discovered by Clément Lecigne from Google’s Threat Analysis Group on 2023-09-25, a circumstance that suggests it was exploited by a nation-state actor or by a surveillance firm. _clem1 discovered another ITW 0-day in use by a commercial surveillance vendor: CVE-2023-5217.

Surveillance 131

Surveillance Spyware Passwords Hacking 131

Malwarebytes

AUGUST 9, 2024

Electronic surveillance equipment provider ADT filed a form 8-K with the Security and Exchange Commision (SEC) to report “a cybersecurity incident during which unauthorized actors illegally accessed certain databases containing ADT customer order information.” Change your password. Better yet, let a password manager choose one for you.

Data breaches 129

Data breaches Passwords Phishing Password Management 129