Group items matching

in title, tags, annotations or url

"A big leak of data from a Chinese cybersecurity firm has revealed state security agents paying tens of thousands of pounds to harvest data on targets, including foreign governments, while hackers hoover up huge amounts of information on any person or institution who might be of interest to their prospective clients. The cache of more than 500 leaked files from the Chinese firm I-Soon was posted on the developer website Github and is thought by cybersecurity experts to be genuine. Some of the targets discussed include Nato and the UK Foreign Office."

"The Israeli military's bombing campaign in Gaza used a previously undisclosed AI-powered database that at one stage identified 37,000 potential targets based on their apparent links to Hamas, according to intelligence sources involved in the war. In addition to talking about their use of the AI system, called Lavender, the intelligence sources claim that Israeli military officials permitted large numbers of Palestinian civilians to be killed, particularly during the early weeks and months of the conflict."

"Cybercriminals are targeting people using Apple products as they are more likely to have disposable income, a security expert has warned. Blogger Graham Cluley said that while malware was more common on Windows, Apple customers could not "afford to be lackadaisical" about security. On Monday, he reported a text message scam that tried to trick people into handing over account information. Apple's support site warns customers not to enter details on spoof sites."

"The NSA uses laughably sloppy tools for deciding whether a target is a "US person" (a person in the USA, or an American citizen abroad). For example, people whose address books contain foreign persons are presumed by some analysts to be foreign. Likewise, people who post in "foreign" languages (the US has no official state language) are presumed by some analysts to be non-US persons."

"Facebook has blocked a group of hackers in China who used the platform to target Uighurs living abroad with links to malware that would infect their devices and enable surveillance."

"Under the oxymoronic rubric of "self-regulation", Facebook, Twitter and Google are already considering ways to appear responsible and protective of the integrity of those two elections. Twitter has pledged to stop running political ads, and both Google and Facebook are considering suspending precise targeting of political ads."

"The CCPA exempted many forms of targeted advertising, essentially permitting the collection and sharing of personal user data without consent-precisely the activity the law was intended to eliminate. CCPA also left enforcement solely to the already overburdened state attorney general, a concession that caused an ongoing rift between two of its authors, Mary Stone Ross and Alastair Mactaggart. (Mactaggart coauthored the CPRA, which Ross opposed.)"

"Apple's Not Digging Itself Out of This One: "Online researchers say they have found flaws in Apple's new child abuse detection tool that could allow bad actors to target iOS users.""

"Researchers at the Citizen Lab at the University of Toronto's Munk School said the spyware, which is made by an Israeli company called QuaDream, infected some victims' phones by sending an iCloud calendar invitation to mobile users from operators of the spyware, who are likely to be government clients. Victims were not notified of the calendar invitations because they were sent for events logged in the past, making them invisible to the targets of the hacking. Such attacks are known as "zero-click" because users of the mobile phone do not have to click on any malicious link or take any action in order to be infected."

"A new strain of ransomware has been targeting government agencies and educational institutions in the United States, through scam emails that pretend to be something important. The malware, dubbed as 'MarsJoke' by Proofpoint security researchers, reportedly began a large-scale email campaign which distributed the cryptomalware last week. The developers are sending out emails which seems to be masked as a message from an airline company."

"The criminals were able to send banner ads and javascript to their targets' computers by pushing both into ad networks. These networks aggressively scan advertisers' javascript for suspicious code, so the criminals needed to sneak their bad code past these checks."

"To coincide with the launch, the campaign has released research by Demos revealing the huge scale of social media misogyny. The study monitored the use of the words "slut" and "whore" by UK Twitter users over three weeks from the end of April. It found that 6,500 individuals were targeted by 10,000 aggressive and misogynistic tweets in that period."

"Bruce Schneier makes the point that if the Russian state is behind the DNC hacks, there's no reason to expect that its attacks on the US political system will end there. Voting machines are so notoriously terrible that they'd be a very tempting target for Russia or other states that want to influence the outcome in 2016 (or merely destabilize the US by calling into question the outcome in an election). "

"demonstrate a fiendishly clever procedure for getting data off of airgapped computers that have had their speakers removed to prevent acoustic data-transmission: instead of playing sound through the target computer's speakers, they attack its fans, varying their speeds to produce subtle sounds that humans can barely notice, but which nearby devices can pick up through their microphones."

"Researchers find 8% of cybercrime victims suffered financial losses while those aged over 55 were least likely targets"