Group items tagged

"The Israeli military's bombing campaign in Gaza used a previously undisclosed AI-powered database that at one stage identified 37,000 potential targets based on their apparent links to Hamas, according to intelligence sources involved in the war. In addition to talking about their use of the AI system, called Lavender, the intelligence sources claim that Israeli military officials permitted large numbers of Palestinian civilians to be killed, particularly during the early weeks and months of the conflict."

"A big leak of data from a Chinese cybersecurity firm has revealed state security agents paying tens of thousands of pounds to harvest data on targets, including foreign governments, while hackers hoover up huge amounts of information on any person or institution who might be of interest to their prospective clients. The cache of more than 500 leaked files from the Chinese firm I-Soon was posted on the developer website Github and is thought by cybersecurity experts to be genuine. Some of the targets discussed include Nato and the UK Foreign Office."

"Last week, Agence France-Presse reported that China had flaunted the gun-carrying robodogs in a 15-day joint military exercise with Cambodia dubbed the "Golden Dragon." And if images of the literal killing machines weren't troubling enough, a new video of the robots released yesterday by the state-owned broadcaster China Central Television shows the killing machine dutifully hopping and diving, leading teams in reconnaissance, and shooting its back-strapped machine gun at targets."

"How China's internet police went from targeting bloggers to their followers In recent months, followers of influential liberal bloggers have been interviewed by police as China widens its net of online surveillance"

"The alleged cybercriminals are thought to have carefully planned out an elaborate and hyper-targeted phishing scam that went after employees of large companies like MGM and Twilio. In fact, Scattered Spider's breach at MGM, which involved a phone call to the company's help desk, resulted in a temporary shut down of the company's hotel and casino operations, costing the company $100 million. The Scattered Spider plan of attack involved sending text messages to employees at the targeted companies while pretending to be part of their employer's IT department. The texts urged the employees to login to a link provided in the text message, otherwise, the text message claimed, their employee accounts would be deactivated."

"The Ukrainian military has used AI-equipped drones mounted with explosives to fly into battlefields and strike at Russian oil refineries. American AI systems identified targets in Syria and Yemen for airstrikes earlier this year. The Israel Defense Forces, meanwhile, used another kind of AI-enabled targeting system to label as many as 37,000 Palestinians as suspected militants during the first weeks of its war in Gaza."

"Russian state-linked hackers have targeted the WhatsApp accounts of government ministers and officials around the world with emails inviting them to join user groups on the messaging app. The WhatsApp tactic marks a new approach by a hacking unit called Star Blizzard. Britain's National Cyber Security Centre (NCSC) has linked Star Blizzard to Russia's domestic spy agency, the FSB, and has accused it of seeking to "undermine trust in politics in the UK and likeminded states"."

"Cybercriminals are targeting people using Apple products as they are more likely to have disposable income, a security expert has warned. Blogger Graham Cluley said that while malware was more common on Windows, Apple customers could not "afford to be lackadaisical" about security. On Monday, he reported a text message scam that tried to trick people into handing over account information. Apple's support site warns customers not to enter details on spoof sites."

"The NSA uses laughably sloppy tools for deciding whether a target is a "US person" (a person in the USA, or an American citizen abroad). For example, people whose address books contain foreign persons are presumed by some analysts to be foreign. Likewise, people who post in "foreign" languages (the US has no official state language) are presumed by some analysts to be non-US persons."

"Facebook has blocked a group of hackers in China who used the platform to target Uighurs living abroad with links to malware that would infect their devices and enable surveillance."

"Under the oxymoronic rubric of "self-regulation", Facebook, Twitter and Google are already considering ways to appear responsible and protective of the integrity of those two elections. Twitter has pledged to stop running political ads, and both Google and Facebook are considering suspending precise targeting of political ads."

"The CCPA exempted many forms of targeted advertising, essentially permitting the collection and sharing of personal user data without consent-precisely the activity the law was intended to eliminate. CCPA also left enforcement solely to the already overburdened state attorney general, a concession that caused an ongoing rift between two of its authors, Mary Stone Ross and Alastair Mactaggart. (Mactaggart coauthored the CPRA, which Ross opposed.)"

"Apple's Not Digging Itself Out of This One: "Online researchers say they have found flaws in Apple's new child abuse detection tool that could allow bad actors to target iOS users.""

"Researchers at the Citizen Lab at the University of Toronto's Munk School said the spyware, which is made by an Israeli company called QuaDream, infected some victims' phones by sending an iCloud calendar invitation to mobile users from operators of the spyware, who are likely to be government clients. Victims were not notified of the calendar invitations because they were sent for events logged in the past, making them invisible to the targets of the hacking. Such attacks are known as "zero-click" because users of the mobile phone do not have to click on any malicious link or take any action in order to be infected."

"A new strain of ransomware has been targeting government agencies and educational institutions in the United States, through scam emails that pretend to be something important. The malware, dubbed as 'MarsJoke' by Proofpoint security researchers, reportedly began a large-scale email campaign which distributed the cryptomalware last week. The developers are sending out emails which seems to be masked as a message from an airline company."

"The criminals were able to send banner ads and javascript to their targets' computers by pushing both into ad networks. These networks aggressively scan advertisers' javascript for suspicious code, so the criminals needed to sneak their bad code past these checks."