Cloudflare and Internet Archive team up to make sure websites never fully go offline

Websites that use Cloudflare Always Online can have their URLs automatically archived with Wayback Machine.

Cloudflare and Internet Archive have joined forces to archive more of the public web, touting it would make the web more reliable.

As part of this joint effort, websites that use Cloudflare's Always Online service will be able to allow the web infrastructure company to share their hostname and URLs with Internet Archive's Wayback Machine so their website can be automatically archived.

When a site is down, Cloudflare will then be able to retrieve the most recently archived version from Internet Archive so that a site's content can be accessed by users.

"The Internet Archive's Wayback Machine has an impressive infrastructure that can archive the web at scale," Cloudflare CEO and co-founder Matthew Prince said.

"By working together, we can take another step toward making the internet more resilient by stopping server issues for our customers and in turn from interrupting businesses and users online."

According to Internet Archive, more than 468 billion web pages are available via the Wayback Machine to date.

"We archive URLs that are identified via a variety of different methods, such as 'crawling' from lists of millions of sites, as submitted by users via the Wayback Machine's 'Save Page Now' feature, added to Wikipedia articles, referenced in Tweets, and based on a number of other 'signals' and sources, such multiple feeds of 'news' stories. An additional source of URLs we will preserve now originates from customers of Cloudflare's Always Online service," Wayback Machine director Mark Graham wrote in a blog post.

👀 👉🏼 https://blog.archive.org/2020/09/17/internet-archive-partners-with-cloudflare-to-help-make-the-web-more-useful-and-reliable/

👀 👉🏼 https://www.zdnet.com/article/cloudflare-and-internet-archive-team-up-to-make-sure-websites-never-fully-go-offline

#cloudflare #internet #archive #wayback
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Darknetdiaries - Ep 74: Mikko

Poker is a competitive game. Unlike other casino games, poker is player vs player. Criminal hackers have understood this for a while and sometimes hack the other players to get an edge. And that small edge can result in millions of dollars in winnings.

This episode contains a story from Mikko Hypponen of F-Secure. We also interview Mikko to know more about him and the history of malware.

🎧 👉🏼 https://darknetdiaries.com/episode/74/

#darknetdiaries #truecrime #podcast
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Facebook Accused of Watching Instagram Users Through Cameras

Facebook Inc. is again being sued for allegedly spying on Instagram users, this time through the unauthorized use of their mobile phone cameras.

The lawsuit springs from media reports in July that the photo-sharing app appeared to be accessing iPhone cameras even when they weren’t actively being used.

Facebook denied the reports and blamed a bug, which it said it was correcting, for triggering what it described as false notifications that Instagram was accessing iPhone cameras.

In the complaint filed Thursday in federal court in San Francisco, New Jersey Instagram user Brittany Conditi contends the app’s use of the camera is intentional and done for the purpose of collecting “lucrative and valuable data on its users that it would not otherwise have access to.”

By “obtaining extremely private and intimate personal data on their users, including in the privacy of their own homes,” Instagram and Facebook are able to collect “valuable insights and market research,” according to the complaint.

Facebook declined to comment.

👀 👉🏼 https://www.bloomberg.com/news/articles/2020-09-18/facebook-accused-of-watching-instagram-users-through-cameras

#fb #DeleteFacebook #instagram #accused #spy #privacy #surveillance #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Mozilla wants to understand your weird YouTube recommendations

The organization has announced a new tool to gather the data that YouTube is refusing to share.

From cute cat videos to sourdough bread recipes: sometimes, it feels like the algorithm behind YouTube's "Up Next" section knows the user better than the user knows themselves.

Often, that same algorithm leads the viewer down a rabbit hole. How many times have you spent countless hours clicking through the next suggested video, each time promising yourself that this one would be the last one?

The scenario gets thorny when the system somehow steers the user towards conspiracy theory videos and other forms of extreme content, as some have complained.

To get an idea of how often this happens and how, the non-profit Mozilla Foundation has launched a new browser extension that lets users take action when they are recommended videos on YouTube that they then wish they hadn't ended up watching.

Dubbed the RegretsReporter extension, it provides a tool to report what Mozilla calls "YouTube Regrets" – this one video that messes up the recommendation system and leads the viewer down a bizarre path.

👀 👉🏼 https://foundation.mozilla.org/en/blog/mozilla-crowdsourcing-research-youtube-recommendations/

👀 👉🏼 https://www.zdnet.com/article/mozilla-wants-to-understand-your-weird-youtube-recommendations

#mozilla #youtube #recommendations #research #RegretsReporter #firefox #extension
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Rampant Kitten – An Iranian Espionage Campaign

Introduction

Check Point Research unraveled an ongoing surveillance operation by Iranian entities that has been targeting Iranian expats and dissidents for years. While some individual sightings of this attack were previously reported by other researchers and journalists, our investigation allowed us to connect the different campaigns and attribute them to the same attackers.

💡 Among the different attack vectors we found were:

👉🏼 Four variants of Windows infostealers intended to steal the victim’s personal documents as well as access to their Telegram Desktop and KeePass account information

👉🏼 Android backdoor that extracts two-factor authentication codes from SMS messages, records the phone’s voice surroundings and more

👉🏼 Telegram phishing pages, distributed using fake Telegram service accounts

💡 The above tools and methods appear to be mainly used against Iranian minorities, anti-regime organizations and resistance movements such as:

👉🏼 Association of Families of Camp Ashraf and Liberty Residents (AFALR)

👉🏼 Azerbaijan National Resistance Organization

👉🏼 Balochistan people

👀 👉🏼 https://research.checkpoint.com/2020/rampant-kitten-an-iranian-espionage-campaign/

👀 👉🏼 https://www.zdnet.com/article/iranian-hacker-group-developed-android-malware-to-steal-2fa-sms-codes

#iranian #hacker #rampantkitten #android #malware #espionage #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Backdoors and other vulnerabilities in HiSilicon based hardware video encoders

Update 2020-09-17: Huawei issued a statement saying that none of the vulnerabilities have been introduced by HiSilicon chips and SDK packages. I will update this article as more information comes in.

This article discloses critical vulnerabilities in IPTV/H.264/H.265 video encoders based on HiSilicon hi3520d hardware. The vulnerabilities exist in the application software running on these devices. All vulnerabilities are exploitable remotely and can lead to sensitive information exposure, denial of service, and remote code execution resulting in full takeover of the device. With multiple vendors affected, and no complete fixes at the time of the publication, these encoders should only be used on fully trusted networks behind firewalls. I hope that my detailed write-up serves as a guide for more security research in the IoT world.

👀 👉🏼 https://kojenov.com/2020-09-15-hisilicon-encoder-vulnerabilities/

👀 👉🏼 🇩🇪 https://www.heise.de/news/Backdoors-in-Video-Encodern-auf-Huawei-Chips-entdeckt-Ursprung-unbekannt-4905641.html

#hisilicon #hardware #video #encoder #vulnerabilities #huawei #chips #backdoors
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Get this - there is a Bitcoin wallet with 69,000 Bitcoins ($693,207,618) that is being passed around between hackers/crackers for the past 2 years for the purpose of cracking the password, no success so far.

👀 👉🏼 https://twitter.com/UnderTheBreach/status/1303316723186139136

#wallet #bitcoin #breach #hack #whynot
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Exploitation of LAN vulnerability found in Firefox for Android (PoC)

I tested this PoC exploit on 3 devices on same wifi, it worked pretty well.

I was able to open custom URL on every smartphone using vulnerable Firefox (68.11.0 and below)

👀 👉🏼 https://twitter.com/LukasStefanko/status/1307013106615418883

👀 👉🏼 Firefox for Android LAN-Based Intent Triggering:
https://gitlab.com/gitlab-com/gl-security/security-operations/gl-redteam/red-team-tech-notes/-/tree/master/firefox-android-2020

#android #security #exploit #firefox #LAN #vulnerability #poc
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

A Threat Actor is selling several databases from various companies worldwide including 3 from the Financial sector:

- Indonesia 🇮🇩 - 2,9 million records
- Mexico 🇲🇽 - 4,7 million records
- USA 🇺🇸 - 2,2 million records

👀 👉🏼 The Threat Actor shared samples for each DB.
https://nitter.net/Bank_Security/status/1306964926041403393

#hacker #hack #breach #database #worldwide #indonesia #uk #mexico #usa #india #thailand
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

We Are All Algorithms Now - Is that what's really destroying the legitimacy of our democracy?

I’ve never felt this way about an election before. For my entire adult life, campaigns could be exhilarating, tedious, crowded with incident or laden with foreboding, but you always felt that, at some point, there would be a resolution. The votes would be counted; the exit polls parsed; a decision made; and both sides would respect it. The one time that didn’t happen — in 2000 — I felt for the first time an inkling of what I feel in every part of my psyche now: a sense that the system itself was buckling.

👉🏼 ..(..)...
And the reason this dystopian scenario is so credible is not just the fault of these political actors. It’s ours too — thanks to the impact of social media. I think we’ve under-estimated just how deep the psychological damage has been in the Trump era — rewiring the minds of everyone, including your faithful correspondent, in ways that make democratic discourse harder and harder and harder to model. The new Netflix documentary, The Social Dilemma, is, for that reason, a true must-watch. It doesn’t say anything shockingly new, but it persuasively weaves together a whole bunch of points to reveal just how deeply and thoroughly fucked we are. Seriously, take a look.

👉🏼 ..(..)..
For #Facebook and #Google and #Instagram and #Twitter, the business goal quickly became maximizing and monetizing human attention via #addictive #dopamine hits. Attention, they meticulously found, is correlated with emotional intensity, outrage, shock and provocation. Give artificial intelligence this simple knowledge about what distracts and compels humans, let the algorithms do their work, and the profits snowball. The cumulative effect — and it’s always in the same incendiary direction — is mass detachment from reality, and immersion in tribal fever.

👀 👉🏼 https://andrewsullivan.substack.com/p/we-are-all-algorithms-now

👀👇🏼 "Dopamine": Miniseries about the addiction mechanisms of Tinder, Facebook and Co. 👇🏼

"They'll do anything to make you an addict," they say about #Tinder, #Facebook, #CandyCrush, #Instagram, #YouTube, #Snapchat, #Uber and #Twitter in the miniseries of #Arte. Eight episodes explain in detail which mechanisms are triggered in our brain to keep us engaged

📺 👉🏼 https://t.iss.one/BlackBox_Archiv/833 👈🏼 📺

#surveillance #capitalism #SocialDilemma #dystopian #democracy #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Surveilling the surveillers - About military RF communication surveillance and other activist art & technology projects

This talk will present relevant works in this field and will draw connections between critical art and regulatory power, warfare, surveillance, electronic waste, electronic self-defense and the re-appropriation of architectural and technological artifacts in militant ways.

💡 👇🏼 🇩🇪 🇬🇧 🇫🇷 These file here contains multiple languages.
https://media.ccc.de/v/33c3-7978-surveilling_the_surveillers#t=70

#surveilling #surveillers #33c3 #ccc #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Bitwarden leaks passwords to other subdomains

Today I was on a domain that should only be available via BasicAuth. Then I was really scared when I did not have to login. Even in incognito mode the page was visible without login. Is my BasicAuth broken? Turns out: No, but @Bitwarden has automatically logged in for me.

👀 👉🏼 https://nitter.net/RitzmannMarkus/status/1307614248835731456

#bitwarden #leak #password #subdomains
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

How money is laundered through New York banks

An ICIJ investigation reveals the role of global banks in industrial-scale money laundering — and the bloodshed and suffering that flow in its wake.

The FinCEN Files show trillions in tainted dollars flow freely through major banks, swamping a broken enforcement system.

📺 👉🏼 https://www.icij.org/investigations/fincen-files/

#investigation #FinCEN #money #laundering #video #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Fair Code vs Open Source, Which Wins The Future?

Fair code is a new software development model which aims to replace the long-ruling open source model. Fair code authors argue that open source software lack a critical point in terms of commercial usage of the software, and hence, introduced their initiative to fix it.

What is Fair Code?

When developers release their software as open source, they are also giving a by-definition right to every company in the world to commercially use their software without having to obtain a license or share some profits with them. And this caused some problems in the open source world few years ago. For example, Amazon took the MongoDB source code (An open source database system), changed its name and then provided it as a SaaS (Software-as-a-Service) on its AWS platform, and then charged people money to use it. MongoDB developers were angered since they literally got nothing back from Amazon although they are the original creators of 100% of the code.

👀 👉🏼 https://fosspost.org/fair-code-open-source/

#foss #faircode #OpenSource #future #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Did Russian Spies Use Diplomatic Cover to Run a Global Cocaine-Smuggling Operation?

Six men await trial in Moscow and Buenos Aires, charged with operating one of the craziest, most ambitious narco-trafficking rings in history. Russia’s embassy in Argentina was the storage depot and Russian government transport was intended to move a cartel-sized consignment of virtually uncut cocaine from South America to Moscow.

It was a transnational crime that astounded and confused the world, not least because authorities allege it was carried out by a small but resourceful cabal including one dirty embassy employee, one corrupt cop, and one charismatic chameleon who used some of the most secure Russian state real estate to store and smuggle $60 million worth of drugs.

According to the official narrative, they did it all right under the noses of innocent diplomats and intelligence officers—and they would have gotten away with it without the plucky joint police work of Russian and Argentinian law enforcement. But what if that neat conclusion, which will soon be presented in court, is intentionally incomplete, a whitewash designed to protect more senior officials in the Russian government?

👀 👉🏼 https://www.thedailybeast.com/was-andrei-kovalchuk-and-the-russian-embassy-in-argentina-at-the-center-of-a-russian-spy-cocaine-ring

#russia #argentina #embassy #spy #drugs #cocaine #smuggling #whitewash #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The KGB Experience - How to Catch a Spy who Uses Numbers Stations?

Introduction

From 2019 onwards the Latvian National Archive offers access to various KGB documents. The author had already previously shown the very detailed efforts of the Latvian KGB counterintelligence to monitor and study the CIA and BND numbers stations broadcasts, or what they called – “one directional communications”.[1] These are one of the most definitive archival sources which prove that foreign intelligence actively used shortwave in the USSR and that the KGB was aware of it. The documents showed that the KGB had monitored these broadcasts from at least 1978, but the files spoke very vaguely if the monitoring effort led to any apprehension and capture of a foreign agent. We, however, know that there were such cases like Alexander Ogorodnik[2], and others where the use of shortwave signals was determined.

👀 👉🏼 https://www.numbers-stations.com/how-to-catch-a-spy-who-uses-numbers-stations-the-kgb-experience/

#russia #kgb #spy #numbersstations #research
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Yandex - no longer to be found in Turkey

The "Russian Google" is withdrawing from the country. It is apparently reacting to new Turkish laws which, according to critics, are intended to control government opponents on the Internet.

The Russian Internet provider Yandex is apparently withdrawing from Turkey. As the Turkish business site Marketing Türkiye reports, the digital giant, which is considered the Russian answer to Google, will close its Istanbul office. An official confirmation from Yandex is still pending. Turkish media, however, reported that the company will close its office on October 1, lay off employees and conduct business in Turkey from Russia.

The Russian company is thus likely to react to the new Turkish digital legislation, which will come into force in the fall and will force providers of digital services to control the use of Internet platforms much more than before. According to the new law, platforms with more than one million users in the country will have to register with their own branch. They are thus subject to Turkish law and are liable. At the same time they will be forced to register the identities of their users. In addition, platform operators are to be forced to delete postings that are classified as untrue or offensive.

👀 👉🏼 🇩🇪 Translated with DeepL:
https://www.sueddeutsche.de/digital/yandex-tuerkei-erdogan-1.5038746

#yandex #russia #turkey #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Microsoft acquires game publisher Bethesda Softworks for $7.5 billion

Microsoft is continuing to add firepower to its gaming unit. Its latest move: Spending $7.5 billion for the creator of The Elder Scrolls, Fallout, Doom and other key franchises.

Microsoft is continuing to beef up its gaming franchise with the purchase of ZeniMax Media, the parent company of Bethesda Softworks, for $7.5 billion in cash. Bethesda is a major game publisher and creator of The Elder Scrolls, Fallout, Wolfenstein, Doom and other key franchises.

For a sense of perspective, Microsoft also paid $7.5 billion for GitHub in 2018.

The move comes on September 21, a day before Microsoft is opening up preorders for its new gaming consoles, the Xbox One X and Xbox One S. (It's also the day before the start of its Ignite 2020 IT Pro conference.) Both of the new consoles will go on sale on November 10.

With the addition of Bethesda, Microsoft will grow its number of game studios from from 15 to 23. Plans are to add Bethesda's franchises to Xbox Game Pass, Microsoft's gaming subscription bundle. According to Microsoft, officials are planning to add Bethesda's future games into Xbox Game Pass the same day they launch on Xbox or PC.

Bethesda Softworks was founded 34 years ago and along with ZeniMax employs multiple thousands of people.

👀 👉🏼 https://news.microsoft.com/features/microsoft-to-acquire-zenimax-media-and-its-game-publisher-bethesda-softworks-for-7-5-billion/

👀 👉🏼 https://www.zdnet.com/article/microsoft-acquires-game-publisher-bethesda-softworks-for-7-5-billion

#microsoft #bethesda #ZeniMax
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

BigBrotherAwards 2020 - The Oscars for surveillance

Exciting, entertaining and easy to understand, the 'Oscars for Surveillance' (Le Monde) are awarded to the biggest data offenders of the last year. A jury of prominent civil rights activists annually awards this data protection negative prize to companies, organizations and politicians.

👉🏼 📺 🇩🇪 🇬🇧
https://media.ccc.de/v/bba20

💡 These file here contains multiple languages.
The file available for download contains all languages as separate audio-tracks.

#bba20 #surveillance #video #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Facebook Says it Will Stop Operating in Europe If Regulators Don’t Back Down

European regulators are cracking down on Facebook's ability to transfer data across the Atlantic. Now the tech giant is threatening to pull its services from more than 400 million European users.

CORK, Ireland — Facebook has threatened to pack up its toys and go home if European regulators don’t back down and let the social network get its own way.

In a court filing in Dublin, Facebook said that a decision by Ireland’s Data Protection Commission (DPC) would force the company to pull up stakes and leave the 410 million people who use Facebook and photo-sharing service Instagram in the lurch.

If the decision is upheld, “it is not clear to [Facebook] how, in those circumstances, it could continue to provide the Facebook and Instagram services in the EU,” Yvonne Cunnane, who is Facebook Ireland’s head of data protection and associate general counsel, wrote in a sworn affidavit.

The decision Facebook’s referring to is a preliminary order handed down last month to stop the transfer of data about European customers to servers in the U.S., over concerns about U.S. government surveillance of the data.

Facebook hit back by filing a lawsuit challenging the Irish DPC’s ban, and in a sworn affidavit filed this week, the company leveled some very serious accusations about the Irish data-protection commissioner, including a lack of fairness and apparent bias in singling out Facebook.

Cunnane points out that Facebook was given only three weeks to respond to the decision, a period that is “manifestly inadequate,” adding that Facebook wasn’t contacted about the inquiry prior to judgment being handed down.

She also raises concerns about the decision being made “solely” by Helen Dixon, Ireland’s data protection commissioner.

“The fact one person is responsible for the entire process is relevant to [Facebook’s] concerns, in respect of the inadequacy of the investigative process engaged in and independence of the ultimate decision-making process,” Cunnane wrote.

Cunnane also complains that Facebook is being singled out, noting no other big tech company using similar methods to transfer data to the U.S. from the EU is under the same scrutiny.

👀 👉🏼 https://www.vice.com/en_us/article/889pk3/facebook-threatens-to-pull-out-of-europe-if-it-doesnt-get-its-way

#fb #facebook #DeleteFacebook #usa #eu #ireland #data #regulators
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Brazil's data protection regulations sanctioned

But the country still lacks an agency to enforce the rules.

Brazil's General Data Protection Regulations (LGPD, in the Portuguese acronym) have been sanctioned by president Jair Bolsonaro on Friday (18), after nearly a month of uncertainty over the actual go-live date of the rules.

The latest development brings a change in relation to the implementation date of May 2021 proposed by the Brazilian Congress and means the regulations are already valid, with sanctions for non-compliance applicable from August 2021.

Among other things, the LGPD prohibits illicit or abusive processing of personal data from a specific person or a group to support business decisions - consumer data for the sale of goods or services, for example - public policies or the performance of a government agency. Sanctions for non-compliance range from warnings to daily fines of up to 50 million reais (USD 9.2 million), in addition to a partial or total suspension of activities related to data processing.

Despite the fact that the data protection rules have gone live in Brazil, the presidential sanction did not include any mention to the formation of the National Data Protection Authority (ANPD, in the Portuguese acronym), which will be tasked with enforcing the rules and is set to include members from industry, academia and national Internet governance bodies.

👀 👉🏼 https://www.zdnet.com/article/brazils-data-protection-regulations-sanctioned

#brazil #data #protection #regulations
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag