2022-07-25
“The universal opt-out requirement is nice, but it won't mean much until the largest browsers, especially Chrome and Safari, add the feature.” #privacy Congress Might Pass an Actually Good Privacy Bill https://www.wired.com/...
Wired
A look at the bipartisan American Data Privacy and Protection Act, which privacy experts say might finally give the US a strong federal data protection law
2022-07-24
“The universal opt-out requirement is nice, but it won't mean much until the largest browsers, especially Chrome and Safari, add the feature.” #privacy Congress Might Pass an Actually Good Privacy Bill https://www.wired.com/...
Wired
A look at the bipartisan American Data Privacy and Protection Act, which privacy experts say might finally give the US a strong federal data protection law
A bill with bipartisan support might finally give the US a strong federal data protection law. — Usually, when Congress is working …
2022-06-25
“TAG says it currently tracks more than 30 spyware makers that offer an array of technical capabilities and levels of sophistication to government-backed clients.” Google Warns of New Spyware Targeting iOS and Android Users https://www.wired.com/... via @wired
TechCrunch
Google details the commercial spyware Hermit, used in Kazakhstan and Italy, targeting Android and iOS; the iOS version has six exploits, including two zero-days
Saturday, June 25, 2022 // (IG): BB //Weekly Sponsor: Dataminr Deeba Ahmed / HackRead : ISPs Helping Attackers Install Hermit Spyware on Smartphones- Google Sergiu Gatlan / Bleepin...
2022-06-24
“TAG says it currently tracks more than 30 spyware makers that offer an array of technical capabilities and levels of sophistication to government-backed clients.” Google Warns of New Spyware Targeting iOS and Android Users https://www.wired.com/... via @wired
TechCrunch
Google details the commercial spyware Hermit, used in Kazakhstan and Italy, targeting Android and iOS; the iOS version has six exploits, including two zero-days
Zack Whittaker / TechCrunch :
2022-05-10
“There are more than 16,000 instances of the gear discoverable online, and F5 says it's used by 48 of the Fortune 50.” Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating https://arstechnica.com/...
Ars Technica
F5 disclosed and patched an actively exploited critical bug last week in its BIG-IP products that act as load balancers and firewalls within enterprise networks
Flaw in widely used gear from F5 executes root commands, no password necessary. — Researchers are marveling at the scope …
2022-04-11
Chef's kiss... muah. “For the past month, a hacking group known as NB65 has been breaching Russian entities, stealing their data, and leaking it online, warning that the attacks are due to Russia's invasion of Ukraine.” https://www.bleepingcomputer.com/ ...
BleepingComputer
Hacking group NB65 claims it altered Conti's leaked ransomware to attack Russian entities, including space agency Roscosmos and TV and radio broadcaster VGTRK
2022-03-08
Look peeps, if Samsung & Nvidia can fall victim to ransomware attacks (i.e., a form of data breach), then so can the organization you work for. You need to adopt a Zero Trust Architecture (ZTA) mentality right now & assume compromise. Respond accordingly. https://www.bleepingcomputer.com/ ...
Bloomberg
Samsung confirms a breach that exposed internal company data, including source code related to its Galaxy phones, but says users' personal data was not affected
2021-12-21
“Troy Hunt, the creator of the Have I Been Pwned (HIBP) service, announced today that after importing and parsing the data from the NCA a set of 225,665,425 passwords were found to be completely new.” https://www.bleepingcomputer.com/ ...
The Record
The UK's National Crime Agency shares 585M+ compromised passwords, found during an investigation, with Have I Been Pwned, after the FBI started sharing in May
Catalin Cimpanu / The Record :
2021-12-05
The pawns playing in this game aren't stupid. They know the tightrope they walk. He argues that the insider-trading charges were created as a “pretext” to get Klyushin to the U.S. to pressure him to provide information about the operation. https://www.bloomberg.com/...
Bloomberg
Profile of Group-IB CEO Ilya Sachkov, who is charged with treason in Russia, sources say for allegedly giving the US info about Fancy Bear's 2016 operation
Ilya Sachkov, who's been charged with treason in Russia, is alleged to have given the U.S. information about the “Fancy Bear” … Tweets: @bw , @hewiak , @amandakhurley , @z3r0trust ...
2021-05-16
“The hosting support service doesn't provide any info except ‘at the request of law enforcement authorities.’ [Also], a couple of hours after the seizure, funds from the payment server (belonging to us & our clients) were withdrawn to an unknown account.” https://arstechnica.com/...
Elliptic Blog
Analysis: the wallet used by DarkSide received a total of $17.5M in Bitcoin transactions since March, including a 75 BTC payment made by Colonial
2021-05-15
“The hosting support service doesn't provide any info except ‘at the request of law enforcement authorities.’ [Also], a couple of hours after the seizure, funds from the payment server (belonging to us & our clients) were withdrawn to an unknown account.” https://arstechnica.com/...
Elliptic Blog
Analysis: the wallet used by DarkSide received a total of $17.5M in Bitcoin transactions since March, including a 75 BTC payment made by Colonial
Elliptic's Co-founder and Chief Scientist discusses cryptocurrency forensics, investigations, compliance, and sanctions.
2021-01-14
“A recent report from researchers at the nonprofit Upturn found nearly 50,000 examples of US police in all 50 states using mobile device forensic tools to get access to smartphone data between 2015 and 2019.” #privacy https://www.wired.com/...
Wired
New research details iOS and Android issues that may allow third parties and law enforcement to access user data and suggests mitigation techniques
New research has dug into the openings that iOS and Android security provide for anyone with the right tools.
2021-01-13
“This is as bad as it gets,” White says. “It's gross incompetence on the part of Parler. They marketed themselves as a private, secure, unmoderated platform, and instead it's comedy hour.” https://www.wired.com/...
Wired
After reports of all of Parler's data being downloaded by third parties, analysis shows Parler lacked basic security measures to prevent such a data breach
“This is as bad as it gets,” White says. “It's gross incompetence on the part of Parler. They marketed themselves as a private, secure, unmoderated platform, and instead it's comedy hour.” https://www.wired.com/...
Gizmodo
GPS metadata from videos posted to Parler on Jan. 6 shows several users deep inside the Capitol; source: FBI has expressed interest in examining the data
At least several users of the far-right social network Parler appear to be among the hoard of rioters that managed to penetrate deep inside …
2020-12-12
“Adrozek, as the software maker has dubbed the malware family, relies on a sprawling distribution network comprising 159 unique domains with each one hosting an average of 17,300 unique URLs.” 4 major browsers are getting hit in widespread malware attacks https://arstechnica.com/...
Ars Technica
Microsoft: “Adrozek” malware campaign is distributing an ad-injecting browser modifier which changes security settings; Chrome, Firefox, Edge, Yandex at risk
what to do now Luke Jones / WinBuzzer : Microsoft Edge, Chrome, and Firefox Being Hit By “Adrozek” Attacks Usama Jawad / Neowin : Microsoft issues warning about malware campaign in...
2020-12-11
“Adrozek, as the software maker has dubbed the malware family, relies on a sprawling distribution network comprising 159 unique domains with each one hosting an average of 17,300 unique URLs.” 4 major browsers are getting hit in widespread malware attacks https://arstechnica.com/...
Ars Technica
Microsoft: “Adrozek” malware campaign is distributing an ad-injecting browser modifier which changes security settings; Chrome, Firefox, Edge, Yandex at risk
Chrome, Firefox, Edge, and Yandex are all affected in widespread ad-injection campaign.