Anonymous Hackers Target TikTok: βDelete This Chinese Spyware Nowβ
βDelete TikTok now,β the account tweeted today, July 1, βif you know someone that is using it, explain to them that it is essentially malware operated by the Chinese government running a massive spying operation.β
https://twitter.com/YourAnonCentral/status/1278204068175818752?s=20
https://www.forbes.com/sites/zakdoffman/2020/07/01/anonymous-targets-tiktok-delete-this-chinese-spyware-now/
#anonymous #hacked #TikTok #DeleteTikTok
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
βDelete TikTok now,β the account tweeted today, July 1, βif you know someone that is using it, explain to them that it is essentially malware operated by the Chinese government running a massive spying operation.β
https://twitter.com/YourAnonCentral/status/1278204068175818752?s=20
https://www.forbes.com/sites/zakdoffman/2020/07/01/anonymous-targets-tiktok-delete-this-chinese-spyware-now/
#anonymous #hacked #TikTok #DeleteTikTok
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Facebook once again accidentally reveals user data
5000 developers were able to access user data from Facebook via some apps, which they were not supposed to get. The leak is fixed.
About 5000 developers had access to user data from Facebook, which they should not have been able to see. Actually, the social network has a ban on information from app users that have been inactive for more than 90 days. Actually, that didn't work.
These are apps that users have logged into with their Facebook account. App developers then get access to information such as birthday, email addresses, friend lists and location. After the Cambridge Analytica scandal, in which millions of data were tapped and used for political purposes, Facebook had restricted this access.
Now it has been noticed, says a Facebook blog post, that this 90-day limit did not always last. Nevertheless, some developers continued to gain insights. "This can happen when someone has used a fitness app to invite friends to a workout about it. We didn't notice that some of the friends were inactive for months," explains Facebook. The company doesn't say how many users are affected by this. The data leak has already been plugged. They still want to investigate the incident, but so far there are no indications of misuse of the information by third parties. "We have no indication that any information was shared that users didn't approve."
π https://about.fb.com/news/2020/07/improving-data-limits-simplifying-terms/
Read more π©πͺ π¬π§:
https://www.cnet.com/news/facebook-shared-user-data-with-developers-after-access-should-have-expired/
https://www.heise.de/news/Facebook-gibt-einmal-mehr-aus-Versehen-Nutzerdaten-preis-4801943.html
#DeleteFacebook
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
5000 developers were able to access user data from Facebook via some apps, which they were not supposed to get. The leak is fixed.
About 5000 developers had access to user data from Facebook, which they should not have been able to see. Actually, the social network has a ban on information from app users that have been inactive for more than 90 days. Actually, that didn't work.
These are apps that users have logged into with their Facebook account. App developers then get access to information such as birthday, email addresses, friend lists and location. After the Cambridge Analytica scandal, in which millions of data were tapped and used for political purposes, Facebook had restricted this access.
Now it has been noticed, says a Facebook blog post, that this 90-day limit did not always last. Nevertheless, some developers continued to gain insights. "This can happen when someone has used a fitness app to invite friends to a workout about it. We didn't notice that some of the friends were inactive for months," explains Facebook. The company doesn't say how many users are affected by this. The data leak has already been plugged. They still want to investigate the incident, but so far there are no indications of misuse of the information by third parties. "We have no indication that any information was shared that users didn't approve."
π https://about.fb.com/news/2020/07/improving-data-limits-simplifying-terms/
Read more π©πͺ π¬π§:
https://www.cnet.com/news/facebook-shared-user-data-with-developers-after-access-should-have-expired/
https://www.heise.de/news/Facebook-gibt-einmal-mehr-aus-Versehen-Nutzerdaten-preis-4801943.html
#DeleteFacebook
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Meta
Improving Data Limits for Infrequently Used Apps, Simplifying Platform Terms and Developer Policies | Meta
Our review of apps on our platform is ongoing, and we will continue to make improvements.
Mark Zuckerberg is trying to sue families in Hawaii, to force my people to sell him our land. He even filed lawsuits against owners who are dead. Leave Hawaiian land in Hawaiian HANDS. Stop the white man from colonizing our island.
π https://twitter.com/fuckpiIIar/status/1278433319991074816
#DeleteFacebook #thinkabout #why
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
π https://twitter.com/fuckpiIIar/status/1278433319991074816
#DeleteFacebook #thinkabout #why
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Multi-million dollar online fraud: Nigerian Instagram Influencer Arrested
On Instagram he posed with luxury cars and reached millions. The money, however, was probably obtained by a Nigerian who had scammed the Internet.
A Nigerian Instagram influencer and several of his accomplices have been arrested in Dubai for millions of dollars of Internet fraud. Dubai police announced on Thursday that the FBI had thanked the authorities of the United Arab Emirates for the arrest and extradition to the USA. The man, together with accomplices, is said to have defrauded nearly two million victims over the Internet.
ππΌ Source π¬π§:
https://www.facebook.com/126070364137174/posts/3126225064121674
ππΌ Read more π©πͺ:
https://www.heise.de/news/Millionenfacher-Online-Betrug-Nigerianischer-Instagram-Influencer-festgenommen-4805836.html
#nigeria #instagram #online #fraud
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
On Instagram he posed with luxury cars and reached millions. The money, however, was probably obtained by a Nigerian who had scammed the Internet.
A Nigerian Instagram influencer and several of his accomplices have been arrested in Dubai for millions of dollars of Internet fraud. Dubai police announced on Thursday that the FBI had thanked the authorities of the United Arab Emirates for the arrest and extradition to the USA. The man, together with accomplices, is said to have defrauded nearly two million victims over the Internet.
ππΌ Source π¬π§:
https://www.facebook.com/126070364137174/posts/3126225064121674
ππΌ Read more π©πͺ:
https://www.heise.de/news/Millionenfacher-Online-Betrug-Nigerianischer-Instagram-Influencer-festgenommen-4805836.html
#nigeria #instagram #online #fraud
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
heise online
Millionenfacher Online-Betrug: Nigerianischer Instagram-Influencer festgenommen
Auf Instagram posierte er mit Luxuskarossen und erreichte Millionen. Das Geld hatte sich ein Nigerianer aber wohl mit Internetbetrug ergaunert.
Forwarded from NoGoolag
Avoid Google apps spyware!
π‘ @NoGoolag (links at @microGsupport)
β English Group:
https://t.iss.one/joinchat/FyFlS0X2D7eDayZ4R4Gkzw
β Indonesian channels and group:
@microGindonesia
@StopGapps_id
https://t.iss.one/joinchat/HVU5S1HNr9FuSwsX0vRCuQ
β Off-Topic Group:
In NoGoolag group, retrieve the saved note #ot to know
β Guide: t.iss.one/NoGoolag/63
β Installers: t.iss.one/NoGoolag/182
More software
π‘ @Libreware
π‘ @AuroraOfficial Aurora sw channel
π¬ @AuroraSupport Aurora Store group (Foss playstore alternative)
π¬ @AuroraDroid Aurora Droid group (F-Droid client)
π¬ @AuroraOSS
Group to discuss upcoming Aurora projects (Contacts & Dialer, Aurora Services, Aurora Sync, Aurora Maps)
π¦ @qd_invitation
Firefox Configuration Hardening
DNScrypt Proxy Android
Mixplorer updates
News
π‘ @cRyPtHoN_INFOSEC_EN
π‘ @cRyPtHoN_INFOSEC_DE
π‘@BlackBox
π‘ @NoGoolag (links at @microGsupport)
β English Group:
https://t.iss.one/joinchat/FyFlS0X2D7eDayZ4R4Gkzw
β Indonesian channels and group:
@microGindonesia
@StopGapps_id
https://t.iss.one/joinchat/HVU5S1HNr9FuSwsX0vRCuQ
β Off-Topic Group:
In NoGoolag group, retrieve the saved note #ot to know
β Guide: t.iss.one/NoGoolag/63
β Installers: t.iss.one/NoGoolag/182
More software
π‘ @Libreware
π‘ @AuroraOfficial Aurora sw channel
π¬ @AuroraSupport Aurora Store group (Foss playstore alternative)
π¬ @AuroraDroid Aurora Droid group (F-Droid client)
π¬ @AuroraOSS
Group to discuss upcoming Aurora projects (Contacts & Dialer, Aurora Services, Aurora Sync, Aurora Maps)
π¦ @qd_invitation
Firefox Configuration Hardening
DNScrypt Proxy Android
Mixplorer updates
News
π‘ @cRyPtHoN_INFOSEC_EN
π‘ @cRyPtHoN_INFOSEC_DE
π‘@BlackBox
BlackBox (Security) Archiv pinned Β«Avoid Google apps spyware! π‘ @NoGoolag (links at @microGsupport) β
English Group: https://t.iss.one/joinchat/FyFlS0X2D7eDayZ4R4Gkzw β
Indonesian channels and group: @microGindonesia @StopGapps_id https://t.iss.one/joinchat/HVU5S1HNr9FuSwsX0vRCuQ β
Off-Topic Group:β¦Β»
Dismantling of an encrypted network sends shockwaves through organised crime groups across Europe
At a joint press conference today, French and Dutch law enforcement and judicial authorities, Europol and Eurojust presented the impressive results of a joint investigation team to dismantle EncroChat, an encrypted phone network widely used by criminal networks.
Over the last months, the joint investigation made it possible to intercept, share and analyse millions of messages that were exchanged between criminals to plan serious crimes. For an important part, these messages were read by law enforcement in real time, over the shoulder of the unsuspecting senders.
ππΌ Read more:
https://www.eurojust.europa.eu/press/PressReleases/Pages/2020/2020-07-02b.aspx
#EncroChat #encrypted #network #busted #french #dutch #Europol #Eurojust
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
At a joint press conference today, French and Dutch law enforcement and judicial authorities, Europol and Eurojust presented the impressive results of a joint investigation team to dismantle EncroChat, an encrypted phone network widely used by criminal networks.
Over the last months, the joint investigation made it possible to intercept, share and analyse millions of messages that were exchanged between criminals to plan serious crimes. For an important part, these messages were read by law enforcement in real time, over the shoulder of the unsuspecting senders.
ππΌ Read more:
https://www.eurojust.europa.eu/press/PressReleases/Pages/2020/2020-07-02b.aspx
#EncroChat #encrypted #network #busted #french #dutch #Europol #Eurojust
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Surveillance under Surveillance
Surveillance under Surveillance shows you cameras and guards β watching you β almost everywhere. You can see where they are located and, if the information is available, what type they are, the area they observe, or other interesting facts.
Surveillance under Surveillance uses data from OpenStreetMap contributors that is not visualized on the regular OpenStreetMap site.
ππΌ https://sunders.uber.space ππΌ
#surveillance #defense
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Surveillance under Surveillance shows you cameras and guards β watching you β almost everywhere. You can see where they are located and, if the information is available, what type they are, the area they observe, or other interesting facts.
Surveillance under Surveillance uses data from OpenStreetMap contributors that is not visualized on the regular OpenStreetMap site.
ππΌ https://sunders.uber.space ππΌ
#surveillance #defense
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
sunders.uber.space
Surveillance under Surveillance
Surveillance Camera Map
New Trump Appointee Puts Global Internet Freedom at Risk, Critics Say
A battle involving Michael Pack and a U.S.-funded tech group revolves around software from Falun Gong, the secretive, anti-Beijing spiritual movement with pro-Trump elements.
WASHINGTON β When Michael Pack, a conservative filmmaker and ally of Stephen K. Bannon, recently fired the heads of four U.S. government-funded news outlets, many became alarmed that he would turn the independently operated organizations, as well as the Voice of America, into βTrump TV.β
But Mr. Pack, the new chief executive of the U.S. Agency for Global Media, also cleaned house last month at the lesser-known Open Technology Fund, an internet freedom group overseen by the agency Mr. Pack now runs.
Many worry that the move could have an even greater effect.
In less than a decade, the Open Technology Fund has quietly become integral to the worldβs repressed communities. Over two billion people in 60 countries rely on tools developed and supported by the fund, like Signal and Tor, to connect to the internet securely and send encrypted messages in authoritarian societies.
After Mr. Pack was confirmed for his new post on June 4, following a personal campaign of support by President Trump, Mr. Pack fired the technology groupβs top officials and bipartisan board, an action now being fought in the courts. A federal judge on Thursday ruled in Mr. Packβs favor, a decision that plaintiffs will likely appeal.
On Friday, Mr. Pack appointed an interim chief executive, James M. Miles, to head the fund, according to a letter obtained by The New York Times. Mr. Miles is little known in the internet freedom community, and his appointment needs approval from the fundβs new board, which is stacked with Trump administration officials and chaired by Mr. Pack.
This battle revolves around software developed by Falun Gong, the secretive spiritual movement persecuted by the Chinese Communist Party.
Some Falun Gong members have become notable players in American politics. The Epoch Times, a newspaper started by Falun Gong practitioners, has spent millions of dollars on pro-Trump ads, including conspiratorial ones, on Facebook and YouTube β and was even banned by Facebook last year from buying more ads because it had tried to evade advertising rules.
Now, allies of Falun Gong are making a big push for the Open Technology Fund and the State Department to give money to some of the groupβs software, notably Ultrasurf, developed about a decade ago by a Falun Gong member.
https://www.nytimes.com/2020/07/04/us/politics/michael-pack-china-internet.html
#thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
A battle involving Michael Pack and a U.S.-funded tech group revolves around software from Falun Gong, the secretive, anti-Beijing spiritual movement with pro-Trump elements.
WASHINGTON β When Michael Pack, a conservative filmmaker and ally of Stephen K. Bannon, recently fired the heads of four U.S. government-funded news outlets, many became alarmed that he would turn the independently operated organizations, as well as the Voice of America, into βTrump TV.β
But Mr. Pack, the new chief executive of the U.S. Agency for Global Media, also cleaned house last month at the lesser-known Open Technology Fund, an internet freedom group overseen by the agency Mr. Pack now runs.
Many worry that the move could have an even greater effect.
In less than a decade, the Open Technology Fund has quietly become integral to the worldβs repressed communities. Over two billion people in 60 countries rely on tools developed and supported by the fund, like Signal and Tor, to connect to the internet securely and send encrypted messages in authoritarian societies.
After Mr. Pack was confirmed for his new post on June 4, following a personal campaign of support by President Trump, Mr. Pack fired the technology groupβs top officials and bipartisan board, an action now being fought in the courts. A federal judge on Thursday ruled in Mr. Packβs favor, a decision that plaintiffs will likely appeal.
On Friday, Mr. Pack appointed an interim chief executive, James M. Miles, to head the fund, according to a letter obtained by The New York Times. Mr. Miles is little known in the internet freedom community, and his appointment needs approval from the fundβs new board, which is stacked with Trump administration officials and chaired by Mr. Pack.
This battle revolves around software developed by Falun Gong, the secretive spiritual movement persecuted by the Chinese Communist Party.
Some Falun Gong members have become notable players in American politics. The Epoch Times, a newspaper started by Falun Gong practitioners, has spent millions of dollars on pro-Trump ads, including conspiratorial ones, on Facebook and YouTube β and was even banned by Facebook last year from buying more ads because it had tried to evade advertising rules.
Now, allies of Falun Gong are making a big push for the Open Technology Fund and the State Department to give money to some of the groupβs software, notably Ultrasurf, developed about a decade ago by a Falun Gong member.
https://www.nytimes.com/2020/07/04/us/politics/michael-pack-china-internet.html
#thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
NY Times
New Trump Appointee Puts Global Internet Freedom at Risk, Critics Say
A battle involving Michael Pack and a U.S.-funded tech group revolves around software from Falun Gong, the secretive, anti-Beijing spiritual movement with pro-Trump elements.
Facebook, WhatsApp, Twitter Suspend Review of Hong Kong Requests for User Data
Action is taken βpending further assessmentβ of Chinaβs national-security law for territory, WhatsApp says
"Facebookβs WhatsApp messaging service has suspended its processing of requests for user data from Hong Kong law-enforcement agencies following Chinaβs imposition of a national-security law on the city.
The company is βpausingβ such reviews βpending further assessment of the impact of the National Security Law, including formal human rights due diligence and consultations with human rights experts,β a WhatsApp spokeswoman said in response to a Wall Street Journal query on Monday [β¦]
Dubai-based Telegram Group Inc. said in a statement that was earlier reported by the Hong Kong Free Press that it doesnβt intend to process βany data requests related to its Hong Kong users until an international consensus is reached in relation to the ongoing political changes in the city.β A Telegram representative said in a statement that the company βhas never shared any data with the Hong Kong authorities in the past.β
https://9to5mac.com/2020/07/06/whatsapp-and-telegram/
https://www.wsj.com/articles/whatsapp-to-suspend-processing-law-enforcement-requests-for-user-data-in-hong-kong-11594034580
#china #hk #fb #DeleteFacebook #wa #twitter
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Action is taken βpending further assessmentβ of Chinaβs national-security law for territory, WhatsApp says
"Facebookβs WhatsApp messaging service has suspended its processing of requests for user data from Hong Kong law-enforcement agencies following Chinaβs imposition of a national-security law on the city.
The company is βpausingβ such reviews βpending further assessment of the impact of the National Security Law, including formal human rights due diligence and consultations with human rights experts,β a WhatsApp spokeswoman said in response to a Wall Street Journal query on Monday [β¦]
Dubai-based Telegram Group Inc. said in a statement that was earlier reported by the Hong Kong Free Press that it doesnβt intend to process βany data requests related to its Hong Kong users until an international consensus is reached in relation to the ongoing political changes in the city.β A Telegram representative said in a statement that the company βhas never shared any data with the Hong Kong authorities in the past.β
https://9to5mac.com/2020/07/06/whatsapp-and-telegram/
https://www.wsj.com/articles/whatsapp-to-suspend-processing-law-enforcement-requests-for-user-data-in-hong-kong-11594034580
#china #hk #fb #DeleteFacebook #wa #twitter
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
9to5Mac
WhatsApp and Telegram will not hand over user data to Hong Kong authorities
Both WhatsApp and Telegram have announced that they will not β for now, at least β hand over user data to Hong Kong authorities. The move follows China ...
SECURING_IPSEC_VIRTUAL_PRIVATE_NETWORKS_EXECUTIVE_SUMMARY_2020_07.PDF
224.8 KB
National Security Agency |Cybersecurity Information
Securing IPsec Virtual Private Networks
Many organizations currently utilizeIP Security (IPsec) Virtual Private Networks (VPNs) to connect remote sites andenable telework capabilities. These connections use cryptographytoprotect sensitive information that traversesuntrusted networks. To protect this trafficand ensure data confidentiality, it is critical that these VPNs use strong cryptography.This guidance identifiescommon VPN misconfigurations andvulnerabilities.
π PDF:
https://media.defense.gov/2020/Jul/02/2002355625/-1/-1/0/SECURING_IPSEC_VIRTUAL_PRIVATE_NETWORKS_EXECUTIVE_SUMMARY_2020_07_01_FINAL_RELEASE.PDF
#nsa #cybersecurity #IPsec #vpn #information #guide #pdf
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Securing IPsec Virtual Private Networks
Many organizations currently utilizeIP Security (IPsec) Virtual Private Networks (VPNs) to connect remote sites andenable telework capabilities. These connections use cryptographytoprotect sensitive information that traversesuntrusted networks. To protect this trafficand ensure data confidentiality, it is critical that these VPNs use strong cryptography.This guidance identifiescommon VPN misconfigurations andvulnerabilities.
π PDF:
https://media.defense.gov/2020/Jul/02/2002355625/-1/-1/0/SECURING_IPSEC_VIRTUAL_PRIVATE_NETWORKS_EXECUTIVE_SUMMARY_2020_07_01_FINAL_RELEASE.PDF
#nsa #cybersecurity #IPsec #vpn #information #guide #pdf
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
U.S. looking at banning Chinese social media apps, including TikTok
(Reuters) - Secretary of State Mike Pompeo said on Monday that the United States is βcertainly looking atβ banning Chinese social media apps, including TikTok, suggesting it shared information with the Chinese government, a charge it denied.
βI donβt want to get out in front of the President (Donald Trump), but itβs something weβre looking at,β Pompeo said in an interview with Fox News.
U.S. lawmakers have raised national security concerns over TikTokβs handling of user data, saying they were worried about Chinese laws requiring domestic companies βto support and cooperate with intelligence work controlled by the Chinese Communist Party.β
Pompeo said Americans should be cautious in using the short-form video app owned by China-based ByteDance.
βOnly if you want your private information in the hands of the Chinese Communist Party,β Pompeo remarked when asked if he would recommend people to download TikTok.
π Read more π¬π§:
https://www.reuters.com/article/us-usa-tiktok-china-pompeo/pompeo-says-u-s-looking-at-banning-chinese-social-media-apps-including-tiktok-fox-idUSKBN2480DF
π Read in π©πͺ:
https://t3n.de/news/social-media-apps-china-visier-1297614
#DeleteTikTok #TikTok #usa #china #pompeo #ToddlerTrump
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
(Reuters) - Secretary of State Mike Pompeo said on Monday that the United States is βcertainly looking atβ banning Chinese social media apps, including TikTok, suggesting it shared information with the Chinese government, a charge it denied.
βI donβt want to get out in front of the President (Donald Trump), but itβs something weβre looking at,β Pompeo said in an interview with Fox News.
U.S. lawmakers have raised national security concerns over TikTokβs handling of user data, saying they were worried about Chinese laws requiring domestic companies βto support and cooperate with intelligence work controlled by the Chinese Communist Party.β
Pompeo said Americans should be cautious in using the short-form video app owned by China-based ByteDance.
βOnly if you want your private information in the hands of the Chinese Communist Party,β Pompeo remarked when asked if he would recommend people to download TikTok.
π Read more π¬π§:
https://www.reuters.com/article/us-usa-tiktok-china-pompeo/pompeo-says-u-s-looking-at-banning-chinese-social-media-apps-including-tiktok-fox-idUSKBN2480DF
π Read in π©πͺ:
https://t3n.de/news/social-media-apps-china-visier-1297614
#DeleteTikTok #TikTok #usa #china #pompeo #ToddlerTrump
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Reuters
Pompeo says U.S. looking at banning Chinese social media apps, including TikTok
(Reuters) - Secretary of State Mike Pompeo said on Monday that the United States is βcertainly looking atβ banning Chinese social media apps, including TikTok, suggesting it shared information with the Chinese government, a charge it denied.
69: Human Hacker
Darknet Diaries - EP 69: Human Hacker
We all know that computers and networks are vulnerable to hacking and malicious actors, but what about us, the humans who interface with these devices? Con games, scams, and strategic deception are far older than computers, and in the modern era, these techniques can make humans the weakest link in even the most secure system. This episode, security consultant and master social engineer, Christopher Hadnagy, joins us to share his stories and wisdom. He describes what it was like to be a social engineer before the world knew what social engineering was and tells some of his amazing stories from his long career in penetration testing.
π§ https://darknetdiaries.com/episode/69/
#DarknetDiaries #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
We all know that computers and networks are vulnerable to hacking and malicious actors, but what about us, the humans who interface with these devices? Con games, scams, and strategic deception are far older than computers, and in the modern era, these techniques can make humans the weakest link in even the most secure system. This episode, security consultant and master social engineer, Christopher Hadnagy, joins us to share his stories and wisdom. He describes what it was like to be a social engineer before the world knew what social engineering was and tells some of his amazing stories from his long career in penetration testing.
π§ https://darknetdiaries.com/episode/69/
#DarknetDiaries #podcast
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@NoGoolag
π‘@BlackBox
Introducing Project Freta - Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with capabilities to spot malicious software, kernel rootkits, and other stealthy malware techniques such as process hiding.
The project is named after Warsaw's Freta Street, the birthplace of Marie Curie, the famous French-Polish physicist who brought X-ray medical imaging to the battlefield during World War I.
"Modern malware is complex, sophisticated, and designed with non-discoverability as a core tenet," said Mike Walker, Microsoft's senior director of New Security Ventures. "Project Freta intends to automate and democratize VM forensics to a point where every user and every enterprise can sweep volatile memory for unknown malware with the push of a button β no setup required."
The objective is to infer the presence of malware from memory, at the same time gain the upper hand in the fight against threat actors who deploy and reuse stealthy malware on target systems for ulterior motives, and more importantly, render evasion infeasible and increase the development cost of undiscoverable cloud malware.
https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/
https://thehackernews.com/2020/07/microsoft-linux-forensics-rootkit.html
#microsoft #linux #cloud #Freta #forensics #research #rootkit #malware
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected.
The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with capabilities to spot malicious software, kernel rootkits, and other stealthy malware techniques such as process hiding.
The project is named after Warsaw's Freta Street, the birthplace of Marie Curie, the famous French-Polish physicist who brought X-ray medical imaging to the battlefield during World War I.
"Modern malware is complex, sophisticated, and designed with non-discoverability as a core tenet," said Mike Walker, Microsoft's senior director of New Security Ventures. "Project Freta intends to automate and democratize VM forensics to a point where every user and every enterprise can sweep volatile memory for unknown malware with the push of a button β no setup required."
The objective is to infer the presence of malware from memory, at the same time gain the upper hand in the fight against threat actors who deploy and reuse stealthy malware on target systems for ulterior motives, and more importantly, render evasion infeasible and increase the development cost of undiscoverable cloud malware.
https://www.microsoft.com/en-us/research/blog/toward-trusted-sensing-for-the-cloud-introducing-project-freta/
https://thehackernews.com/2020/07/microsoft-linux-forensics-rootkit.html
#microsoft #linux #cloud #Freta #forensics #research #rootkit #malware
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Microsoft Research
Toward trusted sensing for the cloud: Introducing Project Freta - Microsoft Research
Editorβs note, Feb. 14, 2024 β The Project Freta analysis web portal is no longer publicly accessible. Please contact [email protected]. βSunlight is said to be the best of disinfectants.β βLouis D. Brandeis, 1914 Weβ¦
Police data - BlueLeaks server confiscated near Zwickau (Germany)
A few weeks ago, the transparency collective Distributed Denial of Secrets published hundreds of thousands of internal data from 200 police stations in the USA. The case now also occupies the public prosecutor's office in Zwickau, which apparently confiscated a server of the collective.
Zwickau police have confiscated a server on which data from US police departments known as BlueLeaks was available for download. This was announced by Emma Best via Twitter, a person associated with the Leaking collective Distributed Denial of Secrets (DDoS). The server is the "primary public download server" and no sources are in danger due to the confiscation.
In another tweet, an excerpt from an e-mail from the provider is attached, in which the provider states the file number and writes that he should only now have informed the persons concerned. He was not allowed to say more about the case. This provider is apparently the company Hetzner, which maintains a data centre near Zwickau. A used IP address of DDoS also refers to Hetzner.
A short-term inquiry by netzpolitik.org on Tuesday evening, on what basis the server was seized and what the operators are accused of, has not yet been answered by the Zwickau public prosecutor's office.
https://twitter.com/NatSecGeek/status/1280519169151205381
More info π©πͺ:
https://netzpolitik.org/2020/polizei-daten-blueleaks-server-bei-zwickau-beschlagnahmt/
#BlueLeaks #DDoS #Zwickau
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
A few weeks ago, the transparency collective Distributed Denial of Secrets published hundreds of thousands of internal data from 200 police stations in the USA. The case now also occupies the public prosecutor's office in Zwickau, which apparently confiscated a server of the collective.
Zwickau police have confiscated a server on which data from US police departments known as BlueLeaks was available for download. This was announced by Emma Best via Twitter, a person associated with the Leaking collective Distributed Denial of Secrets (DDoS). The server is the "primary public download server" and no sources are in danger due to the confiscation.
In another tweet, an excerpt from an e-mail from the provider is attached, in which the provider states the file number and writes that he should only now have informed the persons concerned. He was not allowed to say more about the case. This provider is apparently the company Hetzner, which maintains a data centre near Zwickau. A used IP address of DDoS also refers to Hetzner.
A short-term inquiry by netzpolitik.org on Tuesday evening, on what basis the server was seized and what the operators are accused of, has not yet been answered by the Zwickau public prosecutor's office.
https://twitter.com/NatSecGeek/status/1280519169151205381
More info π©πͺ:
https://netzpolitik.org/2020/polizei-daten-blueleaks-server-bei-zwickau-beschlagnahmt/
#BlueLeaks #DDoS #Zwickau
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
White Hat and Black Hat: Racism debate about designations for hackers
Do the hacker terms white hat and black hat evoke racist associations? The head of Android security sees it that way and causes a debate.
https://twitter.com/DaveKSecure/status/1279472868712013824
#lostnfound #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Do the hacker terms white hat and black hat evoke racist associations? The head of Android security sees it that way and causes a debate.
https://twitter.com/DaveKSecure/status/1279472868712013824
#lostnfound #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Twitter
David Kleidermacher
Language change is not βthe answerβ, itβs but one (small) part of the fight against racial, ethnic, and other injustice and inequity that has a many important battlefields. The fact that weβre having this conversation, even with inevitable twitter trollingβ¦
Microsoft takes legal action against COVID-19-related cybercrime
Today, the U.S. District Court for the Eastern District of Virginia unsealed documents detailing Microsoftβs work to disrupt cybercriminals that were taking advantage of the COVID-19 pandemic in an attempt to defraud customers in 62 countries around the world. Our civil case has resulted in a court order allowing Microsoft to seize control of key domains in the criminalsβ infrastructure so that it can no longer be used to execute cyberattacks.
Microsoftβs Digital Crimes Unit (DCU) first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts. The criminals attempted to gain access to customer email, contact lists, sensitive documents and other valuable information. Based on patterns discovered at that time, Microsoft utilized technical means to block the criminalsβ activity and disable the malicious application used in the attack. Recently, Microsoft observed renewed attempts by the same criminals, this time using COVID-19-related lures in the phishing emails to target victims.
This malicious activity is yet another form of business email compromise (BEC) attack, which has increased in complexity, sophistication and frequency in recent years. According to the FBIβs 2019 Internet Crime Report, the most-costly complaints received by their Internet Crime Complaint Center (IC3) involved BEC crimes, with losses of over $1.7 billion, representing nearly half of all financial losses due to cybercrime. While most of the publicβs attention in recent years has justifiably focused on the malign acts of nation state actors, the increasing economic harm caused by cybercriminals must also be considered and confronted by the public and private sectors. For our part, Microsoft and our Digital Crimes Unit will continue to investigate and disrupt cybercriminals and will seek to work with law enforcement agencies around the world, whenever possible, to stop these crimes.
https://blogs.microsoft.com/on-the-issues/2020/07/07/digital-crimes-unit-covid-19-cybercrime/
#microsoft #DCU #cybercrime #corona
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Today, the U.S. District Court for the Eastern District of Virginia unsealed documents detailing Microsoftβs work to disrupt cybercriminals that were taking advantage of the COVID-19 pandemic in an attempt to defraud customers in 62 countries around the world. Our civil case has resulted in a court order allowing Microsoft to seize control of key domains in the criminalsβ infrastructure so that it can no longer be used to execute cyberattacks.
Microsoftβs Digital Crimes Unit (DCU) first observed these criminals in December 2019, when they deployed a sophisticated, new phishing scheme designed to compromise Microsoft customer accounts. The criminals attempted to gain access to customer email, contact lists, sensitive documents and other valuable information. Based on patterns discovered at that time, Microsoft utilized technical means to block the criminalsβ activity and disable the malicious application used in the attack. Recently, Microsoft observed renewed attempts by the same criminals, this time using COVID-19-related lures in the phishing emails to target victims.
This malicious activity is yet another form of business email compromise (BEC) attack, which has increased in complexity, sophistication and frequency in recent years. According to the FBIβs 2019 Internet Crime Report, the most-costly complaints received by their Internet Crime Complaint Center (IC3) involved BEC crimes, with losses of over $1.7 billion, representing nearly half of all financial losses due to cybercrime. While most of the publicβs attention in recent years has justifiably focused on the malign acts of nation state actors, the increasing economic harm caused by cybercriminals must also be considered and confronted by the public and private sectors. For our part, Microsoft and our Digital Crimes Unit will continue to investigate and disrupt cybercriminals and will seek to work with law enforcement agencies around the world, whenever possible, to stop these crimes.
https://blogs.microsoft.com/on-the-issues/2020/07/07/digital-crimes-unit-covid-19-cybercrime/
#microsoft #DCU #cybercrime #corona
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Microsoft On the Issues
Microsoft takes legal action against COVID-19-related cybercrime
Today, a U.S. court unsealed detaiils of Microsoftβs work disrupting cybercriminals that were taking advantage of the COVID-19 pandemic in an attempt to defraud customers around the world. Our civil case has resulted in a court order allowing Microsoft toβ¦
Firefox Send offline due to malware distribution
Mozilla has taken his Firefox send offline. This is due to malware abuse of the file transfer. The service is being revised.
The Firefox Send web service, which was launched by browser manufacturer Mozilla just under a year ago, is offline. However, this is not a short failure or error. Mozilla itself pulled the plug on the service, which is supposed to transfer files quickly, easily and encrypted over the web.
On the service's website it says: "Firefox Send is temporarily unavailable while we work on product improvements. Thank you for your patience as we improve the Firefox Send experience". Details or a public statement as to why the Service is currently unavailable from Mozilla are not available on the website.
https://send.firefox.com/
ππΌ Read more π¬π§:
https://www.zdnet.com/article/mozilla-suspends-firefox-send-service-while-it-addresses-malware-abuse/
ππΌ Read more π©πͺ:
https://www.golem.de/news/mozilla-firefox-send-wegen-malware-verbreitung-offline-2007-149529.html
#mozilla #ff #firefox #send #malware
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Mozilla has taken his Firefox send offline. This is due to malware abuse of the file transfer. The service is being revised.
The Firefox Send web service, which was launched by browser manufacturer Mozilla just under a year ago, is offline. However, this is not a short failure or error. Mozilla itself pulled the plug on the service, which is supposed to transfer files quickly, easily and encrypted over the web.
On the service's website it says: "Firefox Send is temporarily unavailable while we work on product improvements. Thank you for your patience as we improve the Firefox Send experience". Details or a public statement as to why the Service is currently unavailable from Mozilla are not available on the website.
https://send.firefox.com/
ππΌ Read more π¬π§:
https://www.zdnet.com/article/mozilla-suspends-firefox-send-service-while-it-addresses-malware-abuse/
ππΌ Read more π©πͺ:
https://www.golem.de/news/mozilla-firefox-send-wegen-malware-verbreitung-offline-2007-149529.html
#mozilla #ff #firefox #send #malware
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Mozilla
Mozilla - Internet for people, not profit (US)
Weβre working to put control of the internet back in the hands of the people using it.
Bunker.is - a non-profit isp
collaborating to create shared platforms with open products and no vendor lock-in
ππΌ #Cloud:
A nextcloud instance for our contributors
ππΌ #VPN:
We provide vpn services to our contributors
ππΌ #Search:
A non-tracking search engine
ππΌ #Etherpad:
A shared open etherpad instance
ππΌ #Mail:
We provide mail accounts to our contributors
ππΌ #Ethercalc:
An open public ethercalc instance
ππΌ #Cryptpad:
We provide an open public instance of cryptpad
Our free services are possible due to the generosity of our users. Becoming a contributor gives you access to a wider range of services.
We dont think the users should be the product. We think you should know who has access to your data and why. Meet us and find out more.
ππΌ https://bunker.is/ ππΌ
#bunker #isp
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
collaborating to create shared platforms with open products and no vendor lock-in
ππΌ #Cloud:
A nextcloud instance for our contributors
ππΌ #VPN:
We provide vpn services to our contributors
ππΌ #Search:
A non-tracking search engine
ππΌ #Etherpad:
A shared open etherpad instance
ππΌ #Mail:
We provide mail accounts to our contributors
ππΌ #Ethercalc:
An open public ethercalc instance
ππΌ #Cryptpad:
We provide an open public instance of cryptpad
Our free services are possible due to the generosity of our users. Becoming a contributor gives you access to a wider range of services.
We dont think the users should be the product. We think you should know who has access to your data and why. Meet us and find out more.
ππΌ https://bunker.is/ ππΌ
#bunker #isp
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
bunker.is
Services | bunker.is
together
PimEyes - A Polish company just abolishes our anonymity
Research by netzpolitik.org shows the potential for abuse of PimEyes, a free search engine for 900 million faces. All of whom have photos on the Internet could already be part of their database.
Dylan smiles into the camera, arm in arm with the other guests of a queer boat party. Behind them, glasses glisten on the shelves of a bar. Eight years ago a party photographer uploaded this snapshot on the internet. Dylan had already forgotten it - until today. Because with a reverse search engine for faces, everyone can find this old party photo of Dylan. All they have to do is upload his profile picture from the Xing career network, free of charge and without registration. But Dylan wants to keep his private and professional life separate: During the day he works as a banker in Frankfurt am Main.
The name of the search engine is PimEyes. It analyses masses of faces on the Internet for individual characteristics and stores the biometric data. When Dylan tests the search engine with his profile picture, it compares it with the database and delivers similar faces as a result, shows a preview picture and the domain where the picture was found. Dylan was recognized even though, unlike today, he did not even have a beard then.
Our research shows: PimEyes is a wholesale attack on anonymity and possibly illegal. A snapshot may be enough to identify a stranger using PimEyes. The search engine does not directly provide the name of a person you are looking for. But if it finds matching faces, in many cases the displayed websites can be used to find out name, profession and much more.
π ππΌ π¬π§ PimEyes - A Polish company just abolishes our anonymity
https://netzpolitik.org/2020/pimeyes-face-search-company-is-abolishing-our-anonymity/
π ππΌ π©πͺ: https://netzpolitik.org/2020/gesichter-suchmaschine-pimeyes-schafft-anonymitaet-ab/
π ππΌ π¬π§ https://www.bbc.com/news/technology-53007510
π ππΌ π¬π§ https://petapixel.com/2020/06/11/this-creepy-face-search-engine-scours-the-web-for-photos-of-anyone/
π ππΌ π©πͺ Automated face recognition -
Enforce our data protection rights at last!
https://netzpolitik.org/2020/automatisierte-gesichtserkennung-setzt-unsere-datenschutzrechte-endlich-auch-durch/
#PimEyes #facialrecognition #searchengine #privacy #anonymity #ourdata #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
Research by netzpolitik.org shows the potential for abuse of PimEyes, a free search engine for 900 million faces. All of whom have photos on the Internet could already be part of their database.
Dylan smiles into the camera, arm in arm with the other guests of a queer boat party. Behind them, glasses glisten on the shelves of a bar. Eight years ago a party photographer uploaded this snapshot on the internet. Dylan had already forgotten it - until today. Because with a reverse search engine for faces, everyone can find this old party photo of Dylan. All they have to do is upload his profile picture from the Xing career network, free of charge and without registration. But Dylan wants to keep his private and professional life separate: During the day he works as a banker in Frankfurt am Main.
The name of the search engine is PimEyes. It analyses masses of faces on the Internet for individual characteristics and stores the biometric data. When Dylan tests the search engine with his profile picture, it compares it with the database and delivers similar faces as a result, shows a preview picture and the domain where the picture was found. Dylan was recognized even though, unlike today, he did not even have a beard then.
Our research shows: PimEyes is a wholesale attack on anonymity and possibly illegal. A snapshot may be enough to identify a stranger using PimEyes. The search engine does not directly provide the name of a person you are looking for. But if it finds matching faces, in many cases the displayed websites can be used to find out name, profession and much more.
π ππΌ π¬π§ PimEyes - A Polish company just abolishes our anonymity
https://netzpolitik.org/2020/pimeyes-face-search-company-is-abolishing-our-anonymity/
π ππΌ π©πͺ: https://netzpolitik.org/2020/gesichter-suchmaschine-pimeyes-schafft-anonymitaet-ab/
π ππΌ π¬π§ https://www.bbc.com/news/technology-53007510
π ππΌ π¬π§ https://petapixel.com/2020/06/11/this-creepy-face-search-engine-scours-the-web-for-photos-of-anyone/
π ππΌ π©πͺ Automated face recognition -
Enforce our data protection rights at last!
https://netzpolitik.org/2020/automatisierte-gesichtserkennung-setzt-unsere-datenschutzrechte-endlich-auch-durch/
#PimEyes #facialrecognition #searchengine #privacy #anonymity #ourdata #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
netzpolitik.org
PimEyes: A Polish company is abolishing our anonymity
An investigation by netzpolitik.org shows the potential for abuse of PimEyes, a free search engine for 900 million faces. Whoeverβs photos have been published on the Internet could already be part of their database.
Atlas of Surveillance - A project of the Electronic Frontier Foundation
The Atlas of Surveillance database, containing several thousand data points on over 3,000 city and local police departments and sheriffs' offices nationwide, allows citizens, journalists, and academics to review details about the technologies police are deploying, and provides a resource to check what devices and systems have been purchased locally.
π ππΌ https://atlasofsurveillance.org/ ππΌ π
π ππΌ https://www.eff.org/press/releases/eff-launches-searchable-database-police-agencies-and-tech-tools-they-use-spy
#eff #atlas #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag
The Atlas of Surveillance database, containing several thousand data points on over 3,000 city and local police departments and sheriffs' offices nationwide, allows citizens, journalists, and academics to review details about the technologies police are deploying, and provides a resource to check what devices and systems have been purchased locally.
π ππΌ https://atlasofsurveillance.org/ ππΌ π
π ππΌ https://www.eff.org/press/releases/eff-launches-searchable-database-police-agencies-and-tech-tools-they-use-spy
#eff #atlas #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@NoGoolag