Group items tagged

"Google and Mozilla are making changes to their respective web browsers to try and thwart the notoriously corrupt government of Kazakhstan's efforts to launch a surveillance operation against its own citizens."

""Closer investigation by our team confirmed that hackers were carrying out a sustained and determined attack on all parliamentary user accounts in an attempt to identify weak passwords. These attempts specifically were trying to gain access to our emails. "

""We have only examined a tiny fraction of this code base and found a critical, election-stealing issue," said Lewis, who is currently executive director of the Open Privacy Research Society, a Canadian nonprofit that develops secure and privacy-enhancing software for marginalized communities. "Even if this [backdoor] is closed its mere existence raises serious questions about the integrity of the rest of the code.""

"Prominent Bahraini activist Nabeel Rajab was sentenced to six months in jail on Tuesday after criticizing the country's security forces on Twitter. Rajab was arrested in October for tweeting that Bahrain's security organizations are "ideological incubators" for those who join terrorist groups."

"The Chinese government is planning on implementing a system that connects citizens' financial, social, political, and legal credit ratings into one big social trustability score. The idea would be that if someone breaks trust in one area, they'd be adversely affected everywhere."

"The NSA's AURORAGOLD program -- revealed in newly released Snowden docs -- used plundered internal emails to compromise nearly every mobile carrier in the world, and show that the agency had planned to introduce vulnerabilities into future improvements into mobile security. "

"an attempt to stem the tide of the coronavirus pandemic, at least 30 governments around the world have instituted temporary or indefinite efforts to single out infected individuals or maintain quarantines. Many of these efforts, in turn, undermine personal privacy."

"More than 400,000 crime records could have been affected by a data blunder, with records for serious offences supposed to be kept forever accidentally deleted and police fearing criminals may not be caught, a letter from a senior officer reveals. The records were accidentally deleted due to a coding error on 10 January, and the incident affects fingerprints, DNA, and arrest records on the police national computer (PNC)."

"Researchers at the Citizen Lab at the University of Toronto's Munk School said the spyware, which is made by an Israeli company called QuaDream, infected some victims' phones by sending an iCloud calendar invitation to mobile users from operators of the spyware, who are likely to be government clients. Victims were not notified of the calendar invitations because they were sent for events logged in the past, making them invisible to the targets of the hacking. Such attacks are known as "zero-click" because users of the mobile phone do not have to click on any malicious link or take any action in order to be infected."

The battle for control of cyberspace is turning nasty, with young hackers, pirates and activists facing long prison sentences. We report from the frontline

""The satellite's two-year mission will be to develop 'hack-proof' quantum communications, allowing users to send messages securely and at speeds faster than light," Xinhua reported."

"In a discussion of how to secure the "critical infrastructure" of the United States he described the phenomenon of compromised computer hardware - namely, chips that have hidden "back doors" inserted into them at the design or manufacturing stage - as "the problem from hell". And, he went on, "frankly, it's not a problem that can be solved"."

"The NSA's plans don't end with collecting your phone records. Here are just a few of the ways the National Security Agency (NSA) will be keeping tabs on you in the world of tomorrow. Prepare to be shocked, amazed, and a little freaked out."

"The "March 2013 Watchlisting Guidance," a 166-page document issued last year by the National Counterterrorism Center, spells out the government's secret rules for putting individuals on its main terrorist database, as well as the no fly list and the selectee list, which triggers enhanced screening at airports and border crossings."

"The Italian supreme court ordered prosecutors last month to disclose how the Sky ECC data had been retrieved, arguing that it was impossible to have a fair trial if the accused is unable to access the evidence or assess its reliability and legality, a position supposed by the NGO Fair Trials. Whether prosecutors choose to do so could determine whether the arrests made this week lead to convictions or not. Prosecutors in the UK face a similar dilemma in relation to the hacking of EncroChat, another secret messaging platform that had the added facility of a "panic" button that when pressed would immediately erase the phone's contents."

"The bill will now allow police to access all web browsing records in specific crime investigations, beyond the illegal websites and communications services specified in the original draft bill. It will extend the use of state remote computer hacking from the security services to the police in cases involving a "threat to life" or missing persons. This can include cases involving "damage to somebody's mental health", but will be restricted to use by the National Crime Agency and a small number of major police forces."

"Facebook said on Thursday it had taken down about 200 accounts run by a group of hackers in Iran as part of a cyber-spying operation that targeted mostly US military personnel and people working at defense and aerospace companies. The social media company said the group, dubbed "Tortoiseshell" by security experts, used fake online personas to connect with targets, build trust - sometimes over the course of several months - and drive them to other sites, where they were tricked into clicking malicious links that would infect their devices with spying malware."

"Many services retain the data they harvest indefinitely, and some have been caught storing (and losing) the data without encryption: for example, in 2017 the Greater Manchester Police were found to have lost data from victims of violent and sexual crimes, which had been stored unencrypted on DVDs and sent through the post."

"According to the report, Twitter's security "problems" were only exacerbated by the push to remote work necessitated by the coronavirus pandemic. Like many other newly remote workers, Twitter's employees experienced tech problems working from home. Hackers were able to capitalize on this, tricking at least one Twitter employee into believing the hacker was a member of Twitter's IT team."