70TB of Parler users’ messages, videos, and posts leaked by security researchers

Parler, a social network used to plan the storming of the U.S. Capitol last week, has been hit by a massive data scrape. Security researchers collected swaths of user data before the network went dark Monday morning after Amazon, Google, and Apple booted the platform.

The scrape includes user profile data, user information, and which users had administration rights for specific groups within the social network. Twitter user @donk_enby, who first announced about the scrape, claims that over a million video URLs, some deleted and private, were taken.

“These are original, unprocessed, raw files as uploaded to Parler with all associated metadata,” claims one of the authors.

Security researchers claim that the scrapped posts are linked to accounts that posted them, and some of the video and image data have geolocation information. That is said also to include data from Parler’s “Verified Citizens,” users of the network who verified their identity by uploading photographs of government-issued IDs, such as a driver’s license.

https://cybernews.com/news/70tb-of-parler-users-messages-videos-and-posts-leaked-by-security-researchers/

https://nitter.net/donk_enby/status/1348281459031814146

#parler #leak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Same hacker who was selling @JusPay DB now selling DBs of more Indian companies on Dark Web. @clickindia - 8Mn @chqbook - 1Mn @wedmegood - 1.3Mn. Same Hacker also selling @bigbasket_com too. May be a strong connection between all these recent data leaks. #InfoSec #DataLeak #GDPR

https://nitter.net/rajaharia/status/1346851205272674304

#hacker #darknet #india
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

'Largest illegal darknet marketplace' DarkMarket taken offline

Authorities say the darknet platform had half a million users, where drugs, counterfeit money, stolen credit card data, anonymous SIM cards and malware were traded. The suspected operator was arrested in Germany.

German prosecutors in the cities of Koblenz and Oldenburg said on Tuesday that they had shut down what was "probably the largest illegal marketplace on the Darknet" called DarkMarket and arrested the man believed to operate it near Germany's border with Denmark.

The detained man, believed to be DarkMarket's operator, is a 34-year-old Australian national.

Authorities say drugs, counterfeit money, stolen credit card data, anonymous SIM cards and malware were all traded on the site, which had a half a million users and transacted business in cryptocurrencies equivalent to a value of €140 million ($170 million).

Oldenburg police said the raid took place over the weekend. "Investigators were able to shut down the marketplace and turn off the server on Monday," prosecutors said.

International probe
DarkMarket's bust was not the first for German authorities, which have found illegal platform operators on German soil in recent years. In 2019, Koblenz prosecurots announced the discovery of darknet servers hosted from a former NATO bunker in a sleepy German town.

Authorities say the probe that uncovered DarkMarket involved a months-long international law enforcement operation.

US agencies like the #FBI, #DEA narcotics law enforcement division and #IRS tax authority all contributed to the investigation, along with police from #Australia, #Britain, #Denmark, #Switzerland, #Ukraine and #Moldova, with #Europol playing a "coordinating role."

https://www.dw.com/en/largest-illegal-darknet-marketplace-darkmarket-taken-offline/a-56200737

https://www.tagesschau.de/inland/darknet-plattform-vom-netz-101.html

#DarkMarket #cybercrime #darknet
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes

Bitcoin owners are getting rich because the cryptocurrency has soared. But what happens when you can’t access that wealth because you forgot the password to your digital wallet?

Stefan Thomas, a German-born programmer living in San Francisco, has two guesses left to figure out a password that is worth, as of this week, about $220 million.

The password will let him unlock a small hard drive, known as an IronKey, which contains the private keys to a digital wallet that holds 7,002 Bitcoin. While the price of Bitcoin dropped sharply on Monday, it is still up more than 50 percent from just a month ago when it passed its previous all-time high around $20,000.

The problem is that Mr. Thomas years ago lost the paper where he wrote down the password for his IronKey, which gives users 10 guesses before it seizes up and encrypts its contents forever. He has since tried eight of his most commonly used password formulations — to no avail.

“I would just lay in bed and think about it,” Mr. Thomas said. “Then I would go to the computer with some new strategy, and it wouldn’t work, and I would be desperate again.”

Bitcoin, which has been on an extraordinary and volatile eight-month run, has made a lot of its holders very rich in a short period of time, even as the coronavirus pandemic has ravaged the world economy.

But the cryptocurrency’s unusual nature has also meant that there are many people who are locked out of their Bitcoin fortunes as a result of lost or forgotten keys. They have been forced to watch, helpless, as the price has risen and fallen dramatically, unable to cash in on their digital wealth.

Of the existing 18.5 million Bitcoin, around 20 percent — currently worth around $140 billion — appear to be in lost or otherwise stranded wallets, according to the cryptocurrency data firm Chainalysis. Wallet Recovery Services, a business that helps find lost digital keys, said it has gotten 70 requests a day from people who want help recovering their riches, three times the number of a month ago.

https://www.nytimes.com/2021/01/12/technology/bitcoin-passwords-wallets-fortunes.html

#bitcoin #cryptocurrency #wallets #passwords
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Welcome to Go Incognito, your guide to security, privacy & anonymity in our world. From digital protection, to physical safety, Go Incognito will cover all you need to advance through your privacy journey.

Topics include FOSS, metadata, password management, permissions, two-factor authentication, search engines, browser configuration, proxies, VPNs, antiviruses, encryption, communication, Tor, operating systems, cryptocurrencies, networking, activism, and so much more.

https://techlore.tech/goincognito.html

https://tube.privacytools.io/accounts/techlore/video-channels

https://techlore.tech/assets/GoIncognito.torrent

https://www.youtube.com/watch?v=Y19RFmOxfVM


@techloreofficial @techloregroup
#guide #goincognito #privacy #anonymity #security

Darknet Diaries - EP 82: Master of Pwn

The Zero Day Initiative runs a hacker contest called Pwn2Own. The contest calls the best hackers in the world to demonstrate they can hack into software that should be secure. Like browsers, phones, and even cars. A lot of vulnerabilities are discovered from this event which means vendors must fix them. Whoever can demonstrate the most vulnerabilities will be crowned the “Master of Pwn”.

https://darknetdiaries.com/episode/82/

#truecrime #darknetdiaries #podcast
🎙@cRyPtHoN_INFOSEC_DE
🎙@cRyPtHoN_INFOSEC_EN
🎙@BlackBox_Archiv
🎙@NoGoolag

How I stole the data in millions of people’s Google accounts

You don’t know me, but there’s a good chance I know you.

That’s because I have complete and total access to the private information in millions of peoples’ Google accounts. Emailed bank statements, medical records in Google Drive, Facebook chat records sent via Gmail, Google Voice voicemails, private pictures in Google Photos. The list goes on. None of them have any idea, and none of them ever will. Perhaps one of them is you.

So how did I do it? It all starts with an app I made.

For obvious reasons I won’t give away the name. It’s a pretty straightforward app, designed for fitness enthusiasts, with features like logging your pace during a run and guiding you through strength-building exercises. Like many apps, it requires the user to create an account before they can start using it. According to analytics, about 60% of users opt for the enticing ‘Sign up with Google’ button instead.

https://blog.usejournal.com/how-i-stole-the-data-in-millions-of-peoples-google-accounts-aa1b72dcc075?gi=379e212a2b46

#DeleteGoogle #google #data #accounts #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

"Wolf culture" - How Huawei controls its employees in Europe

Former employees accuse Huawei of discrimination. How massively the company interferes in their private lives and how it keeps its staff in line is revealed by internal documents and covert audio recordings that netzpolitik.org and the media partners of The Signals Network have analysed.

The journalist with the camera causes nervousness. Minutes after he appears in front of Huawei’s European headquarters in Düsseldorf in mid-November, a stocky security guard and a female employee rush over. The street in front of the building is public space, but the company seems to feel its turf has been violated. „What do you want here?“, the woman asks. „Delete the photos.“

Insights into the inner workings of the controversial Chinese mobile phone company are rare. Huawei has about 200,000 employees worldwide, and about 2,400 in Germany, according to the company. The European headquarters are in Düsseldorf. „We Are A Top Employer!“, a sign in the entrance area reads, beneath it orchids decorate the reception table. In the corridor hangs a photo of a hiking group posing and waving on a mountain peak.

What voices tell us from inside, on the other hand, belies the impression of a friendly atmosphere. They tell of a technology company that seems to see its employees first and foremost as raw materials from which it wants to forge its own success. About a company that moves Chinese employees around like chess pieces, that fires employees at will and where a quasi-military esprit de corps prevails. In Germany, the company sometimes violates the spirit, perhaps even the letter, of labour law.

https://netzpolitik.org/2021/wolf-culture-how-huawei-controls-its-employees-in-europe/

https://www.telegraph.co.uk/news/2021/01/13/huawei-expat-employees-marry-westerners-faced-forced-leave-europe/

(Paywall)
https://www.elmundo.es/economia/2021/01/13/5ffe1f39fc6c83b1588b463e.html

https://www.republik.ch/2021/01/13/inside-huawei

#huawei #discrimination #expat #employees #europe #eu #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Data Breach at ‘Resident Evil’ Gaming Company Widens

Capcom, the game developer behind Resident Evil, Street Fighter and Dark Stalkers, now says its recent attack compromised the personal data of up to 400,000 gamers.

A ransomware attack launched against gaming company Capcom last November keeps getting worse. The company now says that the personal data of up to 400,000 of its customers was compromised in the attack — 40,000 more than the company originally thought.

Capcom is a Japan-based publisher of blockbuster games like Resident Evil, Street Fighter and Dark Stalkers. The breach was first detected on Nov. 2.. On Nov. 19, Capcom said its personal as well as corporate data was compromised. This is the third update from Capcom on the incident.

“As an update to its ongoing investigation, the company has verified that the personal information of an additional 16,406 people has been compromised, making the cumulative number since this investigation began 16,415 people, the latest update dated Jan. 12 said. “Further, the company has also ascertained that the potential maximum number of customers, business partners and other external parties etc., whose personal information may have been compromised in the attack is approximately 390,000 people (an increase of approximately 40,000 people from the previous report).”

https://threatpost.com/data-breach-resident-evil-gaming/162977/

#capcom #gaming #data #breach
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Google admits to running 'experiments' which remove some media sites from its search results

The tech giant says it is ‘running a few experiments that will each reach about 1% of Google Search users in Australia’

Google has been hiding some Australian news sites from search results, in a move media outlets say is a show of “extraordinary power” as the tech company bargains with the Australian government over financial payment for content.

The Australian government is attempting to impose a new code on Google and Facebook that would force them to negotiate a fair price for displaying local news content.

Google has criticised the proposed code – which would be a world first – in messages to the search engine’s users while Facebook has warned it could block Australians from sharing local news as a consequence.

The Australian Financial Review on Wednesday reported that Google had tweaked its search and news algorithm to bury links to some commercial Australian media outlets for some users.

https://www.theguardian.com/technology/2021/jan/13/google-admits-to-running-experiments-which-remove-some-media-sites-from-its-search-results

#google #DeleteGoogle #australia #media #experiments #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The Pfizer Leaks

https://anonymousfiles.io/s3ZTT8kp/

#pfizer #leak #download
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

USA Government UFO Black Vault Release (07.01.2021)

https://vx-underground.org/archive/other/Blackvault.zip

#usa #gov #ufo #blackvault #download
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Asians dump WhatsApp for Signal and Telegram on privacy concerns

Facebook risks losing top markets as users look for more-secure alternatives

HONG KONG/NEW DELHI/SINGAPORE -- A theme has been trending on social media over the past week in Hong Kong, which has come increasingly under the watchful eye of Beijing after a national security law imposed on the territory last year.

"We made it from ICQ to MSN, from MSN to WhatsApp. It's not that hard to switch to another app!" The line refers to popular instant messaging tools that have come and gone over past 20 years.

It is an indication that people in the city have joined social media users around the globe in a shift to other messaging platforms because of concerns over privacy, after WhatsApp dismayed many users by rewriting its terms of use on Jan. 6.

The new terms will essentially allow Facebook, WhatsApp's owner, to gain access to certain personal information, such as contact lists, location, financial information and usage data.

Since then, WhatsApp's rivals have seen a record-breaking amount of downloads.

Signal, a private messaging app, logged 7.5 million downloads globally between Jan. 6 and Jan. 10 following endorsements from the likes of Tesla CEO Elon Musk and former U.S. National Security Agency contractor Edward Snowden. That marks a 43-fold increase from the previous week, according to Sensor Tower, an app-analytics company.

https://asia.nikkei.com/Business/Technology/Asians-dump-WhatsApp-for-Signal-and-Telegram-on-privacy-concerns

#whatsapp #DeleteWhatsApp #signal #telegram #privacy #asia
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

The pirate bay, the most censored website in the world, started by kids, run by people with problems with alcohol, drugs and money, still is up after almost 2 decades. Parlor and gab etc have all the money around but no skills or mindset. Embarrassing.

https://nitter.net/brokep/status/1348194329005875203

#piratebay #parler
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Facebook Has Been Showing Military Gear Ads Next To Insurrection Posts

Earlier this week, Facebook employees warned that military product ads were being advertised against news about DC riots. The company did not act.

Facebook has been running ads for body armor, gun holsters, and other military equipment next to content promoting election misinformation and news about the attempted coup at the US Capitol, despite internal warnings from concerned employees.

In the aftermath of an attempted insurrection by President Donald Trump’s supporters last week at the US Capitol building, Facebook has served up ads for defense products to accounts that follow extremist content, according to the Tech Transparency Project, a nonprofit watchdog group. Those ads — which include New Year’s specials for specialized body armor plates, rifle enhancements, and shooting targets — were all delivered to a TTP Facebook account used to monitor right-wing content that could incite violence.

Beginning last summer, the Mark Zuckerberg–led company banned pages, groups, and accounts belonging to US-based militant groups, “boogaloo” extremists, and those associated with the QAnon mass delusion. But members of those movements quickly found ways around the company’s policies by renaming their pages or using code names. They continue to proliferate, organize, and advertise on the social network.

These ads for tactical gear, which were flagged internally by employees as potentially problematic, show Facebook has been profiting from content that amplifies political and cultural discord in the US.

https://www.buzzfeednews.com/article/ryanmac/facebook-profits-military-gear-ads-capitol-riot

#facebook #DeleteFacebook #advertising #military #gear #capitol #riot #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Apple reportedly scrapped plans to fully secure iCloud backups after FBI intervention

Apple can’t read your device data, but it can read your backups

Apple reportedly dropped plans to fully secure users’ iPhone and iPad backups after the FBI complained about the initiative, reports Reuters.

Apple devices have a well-deserved reputation for protecting on-device data, but backups made using iCloud are a different matter. This information is encrypted to stop attackers, but Apple holds the keys to decrypt it and shares it with police and governments when legally required.

https://www.reuters.com/article/us-apple-fbi-icloud-exclusive/exclusive-apple-dropped-plan-for-encrypting-backups-after-fbi-complained-sources-idUSKBN1ZK1CT

https://www.theverge.com/2020/1/21/21075033/apple-icloud-end-to-end-encryption-scrapped-fbi-reuters-report

#apple #icloud #encryption #fbi #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Bellingcat's Online Investigation Toolkit - version 6.6 (Feb.11, 2021)

"Welcome to Bellingcat’s freely available online open source investigation toolkit.

This toolkit includes satellite and mapping services, tools for verifying photos and videos, websites to archive web pages, and much more. Follow Bellingcat's work using many of those tools via the website or through various social media. The group provides workshops to familiarize with the tools and learn open source investigative methods.

Content:

💡 Maps, Satellites & Streetview
💡 Location Based Searches
💡 Image & Video Verification
💡 Social Media
💡 Transportation
💡 Date & Time

💡 WhoIs, IPs & Website Analysis
💡 People & Phone Numbers
💡 Archiving & Downloading
💡 Company Registries
💡 Data Visualization
💡 Online Security & Privacy
💡 Finding Experts
💡 Miscellaneous
💡 Guides & Handbooks

https://docs.google.com/spreadsheets/d/18rtqh8EG2q1xBo2cLNyhIDuK9jrPGwYr9DI2UncoqJQ/edit#gid=930747607

#Bellingcat #toolkit #research #collection
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

EXCLUSIVE-Trump administration adds China's Comac, Xiaomi to Chinese military blacklist

WASHINGTON, Jan 14 (Reuters) - The Trump administration on Thursday added nine Chinese firms to a blacklist of alleged Chinese military companies, including planemaker Comac and mobile phone maker Xiaomi, according to a document seen by Reuters.

The companies will be subject to a new U.S. investment ban which forces American investors to divest their holdings of the blacklisted firms by Nov. 11, 2021.

https://www.reuters.com/article/usa-china-comac-military/exclusive-trump-administration-adds-chinas-comac-xiaomi-to-chinese-military-blacklist-idUSL1N2JP233

#trump #usa #china #comac #xiaomi #military #blacklist
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Signal: New Signal groups use Google servers

Some readers have pointed out to me that Signal appears to be using the Google Data Center to create / manage new Signal groups. The domain storage.signal.org resolves to the IP addresses:

216.239.32.21
216.239.34.21
216.239.36.21
and 216.239.38.21

These addresses belong to Google, Mountain View. The host name of these servers or the Revese lookup also listens to the name any-in-2015.1e100.net.

The question now is, why the group function is linked to Google servers. Especially for privacy-sensitive users Google is a red flag - for a good reason: The sick WWW: Stop using Google Web-Services.

https://www.kuketz-blog.de/signal-neue-signal-gruppen-nutzen-google-server/

#signal #messenger #google #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Julian Assange pleaded with Edward Snowden to hide 'where CIA doesn't have influence'

JULIAN ASSANGE delivered a desperate plea to Edward Snowden, a US whistleblower, to seek asylum in Russia as opposed to Latin America, as it was a nation "where the CIA doesn't have influence".

Mr Assange, who founded the news leaks website WikiLeaks, was told today he cannot be extradited to the US during a hearing at the Old Bailey. Judge Vanessa Baraitser said extradition had been refused amid fears Mr Assange could take his own life, a decision the US government said it would appeal. The 49-year-old was indicted by prosecutors in the US over 17 espionage charges, and one allegation of computer misuse, over WikiLeaks' decision to publish leaked military and diplomatic documents ten years ago.

Whistleblower Mr Snowden urged US President Donald Trump to "free Julian Assange", and that he "alone can save his life".

It had previously been reported Mr Trump was "considering" pardoning Mr Assange, but it appears the US will continue its battle to ensure the website editor goes in front of a court in America.

https://www.express.co.uk/news/world/1379409/julian-assange-news-edward-snowden-donald-trump-pardon-cia-wikileaks-nationality-spt

#assange #snowden #cia #usa #russia
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag

Denuvo Anti-Cheat now available on Steamworks

Denuvo’s Anti-Cheat protection is available to all Valve Steamworks partners

AMSTERDAM, January 18, 2021 – Denuvo by Irdeto, the leader in video games protection and anti-cheat security, is now available for direct anti-cheat integration through Steamworks, offering security solutions for publishers and developers whose games are available on Steam.

Denuvo has more than two billion unique game protected installs across all platforms, making it one of the leading security providers in the video gaming industry. More than 1,000 games have been secured by Denuvo worldwide, proving Denuvo’s strong understanding of developers’ needs and the gaming landscape. Denuvo offering its services via direct integration through Steamworks makes it easier for developers and publishers to prevent cheating in their competitive multiplayer games.

According to Irdeto’s latest research, 77% of global gamers are likely to abandon a game when cheating occurs, creating a tremendous monetization risk for publishers and developers. By offering its services directly through Steamworks, Denuvo can further its mission of bringing fairness and fun back to gaming by providing security solutions to all developers who want to protect their games and gamers from hackers and cheaters.

https://irdeto.com/news/denuvo-anti-cheat-now-available-on-steamworks/

Earlier post: Why You Should Remove DOOM Eternal from your PC Immediately
https://t.iss.one/BlackBox_Archiv/900

#irdeto #denuvo #anticheat #steamworks
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag