Edward Snowden Hails Court Ruling as Progress on Acknowledging 'Devastation' of Mass Surveillance

Former National Security Agency contractor Edward Snowden hailed a new ruling out of a European court on intelligence-gathering practices, emphasizing "how far we've come" on acknowledging the "devastating consequences" of mass surveillance.

"It is hard to overemphasize how far we've come from the pre-2013 world when even the highest judicial authorities are beginning to acknowledge the devastating consequence of two decades' mass surveillance," Snowden tweeted in response to the Grand Chamber of the European Court of Human Rights' recent decision.

https://telegra.ph/Edward-Snowden-hails-court-ruling-as-progress-on-acknowledging-devastation-of-mass-surveillance-05-26

via www.newsweek.com

#snowden #surveillance #consequences #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

Hacktivist Posts Massive Scrape of Crime App Citizen to Dark Web

The cache includes data on 1.7 million incidents, giving insight into the scale of Citizen around the country.

A hacktivist has scraped a wealth of data from the crime and neighborhood watch app Citizen and posted it on a dark web site, Motherboard has learned. The data includes a huge amount of data related to 1.7 million "incidents"—events that Citizen informs users about concerning crime or perceived crime in their area—such as the GPS coordinates of where the incident took place, its update history, a clip of the police radio that the incident relates to, and associated images.

On their dark web site, called "The Concerned Citizen's Citizen Hack," the hacker writes "Fuck snitches, fuck Citizen, fuck Andrew Frame and remember, kids: Cops are not your friends." Andrew Frame is the CEO of Citizen; Frame was responsible for putting a $30,000 bounty for information that would lead to the arrest of a person the company mistakenly suspected of starting a recent wildfire, The Verge reported.

Much of this information would ordinarily be available to users as part of the normal functioning of the Citizen app. But with the hacker scraping it en masse and releasing it as a series of files to download, the data is qualitatively different from what the Citizen app offers, and allows journalists and researchers to gain greater insight into the use and spread of the app around the country. The scrape is somewhat similar to other recent mass collections and redistributions of public information, such as the Parler scrape that occurred after the January 6 insurrection at the U.S. Capitol.

"It's like a full log of police activity in multiple U.S. cities," the hacker, who said they affiliate themselves with the hacking collective Anonymous, told Motherboard. Citizen incidents are often (but not always) linked to police activity; Citizen produces its own summaries of events by listening to police scanners and pushing alerts about them to Citizen users. Users can also contribute their own videos.

https://www.vice.com/en/article/pkbg89/hacker-hacktivist-citizen-app-scrape-dark-web

#hacker #acktivist #scrape #citizen #app #data #darknetlive
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Apple v Epic CourtExhibits - All the Apple vs Epic court files OCR’ed

https://nitter.pussthecat.org/rjonesy/status/1397591446048448514

via Twitter

👉🏼 Download:
https://www.dropbox.com/sh/62uoiig3mg74bds/AAAwA2GK7m_jqZRDnLmK6mvha?dl=0

#epic #apple #courtfiles
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Apple v Epic CourtExhibits - All the Apple vs Epic court files OCR’ed

👉🏼 Download:
https://www.dropbox.com/sh/62uoiig3mg74bds/AAAwA2GK7m_jqZRDnLmK6mvha?dl=0

https://nitter.pussthecat.org/rjonesy/status/1397591446048448514

via Twitter

#epic #apple #courtfiles #download
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Flashpoint and Chainalysis Investigate Cryptocurrency Cybercrime on Russian Dark Market “Hydra”

Since Hydra’s launch in 2016, cryptocurrency activity conducted through the illicit marketplace has skyrocketed: growing from $9.4 million in 2016 to $1.37 billion in 2020.

When profits from illicit sales leave Hydra seller accounts, the money trails go dark. Sellers use veiled, in-region financial operators to convert their withdrawals into Russian fiat currencies and obfuscate further steps in the financial chain.

https://go.flashpoint-intel.com/docs/chainalysis-hydra-cryptocurrency-cybercrime

#chainalysis #cryptocurrency #hydra #cybercrime #research #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Japanese government agencies suffer data breaches after Fujitsu hack

Offices of multiple Japanese agencies were breached via Fujitsu's "ProjectWEB" information sharing tool.

Fujitsu states that attackers gained unauthorized access to projects that used ProjectWEB, and stole some customer data.

It is not yet clear if this breach occurred because of a vulnerability exploit, or a targeted supply-chain attack, and an investigation is ongoing.

Attackers accessed at least 76,000 email addresses

Yesterday, the Ministry of Land, Infrastructure, Transport and Tourism and the National Cyber ​​Security Center (NISC) of Japan announced that attackers were able to obtain inside information via Fujitsu's information-sharing tool.

Fujitsu also said that attackers had gained unauthorized access to projects that used ProjectWEB, and stolen proprietary data.

Fujitsu's ProjectWEB enables companies and organizations to exchange information internally, with project managers and stakeholders, for example.

https://www.bleepingcomputer.com/news/security/japanese-government-agencies-suffer-data-breaches-after-fujitsu-hack/

#japanese #gov #data #breach #fujitsu #attack
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Cyber Crime, How Bad Can it Be?

In this episode we take a look at just how bad a cyber attack on a small business or individual could be as well as the things you can do to protect yourself from such an attack.

https://www.youtube.com/watch?v=GzTE5rm4SDo

#hak5 #cybercrime #cyberattack #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

New TeamNewPipe/NewPipe release: v0.21.3 (stable)

### New
- Allow installation on external storage #6037
- Added debug option to disable media tunneling #6288

### Improved
- Remove extra newlines in strings #6274
- [PeerTube] Added workaround for HLS streams #6307
- Persistent backup/import location #6319

### Fixed
- Only show 'download has started' toast when download is started #6139
- Do not set reCaptcha cookie when there is no cookie stored #5997
- Dismiss previous snackbars when deleting downloads #5671
- [Player] Improve cache performance by fixing fragmentSize is below the minimum warning #6238
- [Player] Fixed player not automatically playing #6266
- [Player] Fixed stuttering on Lineage OS by downgrading ExoPlayer to 2.12 #6294
- Fixed trying to delete object not in list #6127
- Fix ErrorActivity actionbar back button not working #6312
- Make some minor changes #6308

### Development
- Replaced if/else with switch in ErrorActivity #6109
- Use Animator.addListener() extension. #6152
- Fix some warnings #6189
- Update actions/setup-java to v2 #6079

https://github.com/TeamNewPipe/NewPipe/releases/tag/v0.21.3

💡 👉🏼 NewPipe's GitHub releases
https://t.iss.one/newpipe_releases

#newpipe #update
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Boss of ATM Skimming Syndicate Arrested in Mexico

Florian “The Shark” Tudor, the alleged ringleader of a prolific ATM skimming gang that siphoned hundreds of millions of dollars from bank accounts of tourists visiting Mexico over the last eight years, was arrested in Mexico City on Thursday in response to an extradition warrant from a Romanian court.

Tudor, a native of Craiova, Romania, moved to Mexico to set up Top Life Servicios, an ATM servicing company which managed a fleet of relatively new ATMs based in Mexico branded as Intacash.

https://krebsonsecurity.com/2021/05/boss-of-atm-skimming-syndicate-arrested-in-mexico/

💡 The Riviera Maya Gang: Cash, Crime, Killing
https://www.youtube.com/watch?v=O9jf-RtpPXM

#atm #skimming #syndicate #tudor #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

More than half of Europeans want to replace lawmakers with AI, study says

Researchers at IE University's Center for the Governance of Change asked 2,769 people from 11 countries worldwide how they would feel about reducing the number of national parliamentarians in their country and giving those seats to an AI that would have access to their data.

The results, published Thursday, showed that despite AI's clear and obvious limitations, 51% of Europeans said they were in favor of such a move.

Outside Europe, some 75% of people surveyed in China supported the idea of replacing parliamentarians with AI, while 60% of American respondents opposed it.

https://www.cnbc.com/2021/05/27/europeans-want-to-replace-lawmakers-with-ai.html

#wtf #eu #lawmakers #ai #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

US Soldiers Expose Nuclear Weapons Secrets Via Flashcard Apps

For US soldiers tasked with the custody of nuclear weapons in Europe, the stakes are high. Security protocols are lengthy, detailed and need to be known by heart. To simplify this process, some service members have been using publicly visible flashcard learning apps — inadvertently revealing a multitude of sensitive security protocols about US nuclear weapons and the bases at which they are stored.

While the presence of US nuclear weapons in Europe has long been detailed by various leaked documents, photos and statements by retired officials, their specific locations are officially still a secret with governments neither confirming nor denying their presence.

As many campaigners and parliamentarians in some European nations see it, this ambiguity has often hampered open and democratic debate about the rights and wrongs of hosting nuclear weapons.

However, the flashcards studied by soldiers tasked with guarding these devices reveal not just the bases, but even identify the exact shelters with “hot” vaults that likely contain nuclear weapons.

They also detail intricate security details and protocols such as the positions of cameras, the frequency of patrols around the vaults, secret duress words that signal when a guard is being threatened and the unique identifiers that a restricted area badge needs to have.

https://www.bellingcat.com/news/2021/05/28/us-soldiers-expose-nuclear-weapons-secrets-via-flashcard-apps/

#bellingcat #usa #soldiers #expose #nuclear #waepons #secrets #flashcard #apps
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

The Robot Smiled Back

Columbia Engineering researchers use AI to teach robots to make appropriate reactive human facial expressions, an ability that could build trust between humans and their robotic co-workers and care-givers.

https://www.youtube.com/watch?v=1vBLI-q04kM

https://telegra.ph/The-Robot-Smiled-Back-05-28

via www.newswise.com

#research #robots #ai #facial #expressions #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

Your iPhone (and iCloud backups) are full of gigabytes-worth of old iMessages that are virtually impossible to read

Many iPhone owners have iMessages from years ago that they can’t access. For example, my wife and I simply want to read the first few messages that we exchanged in 2017, but we can’t.

Yet we pay for the right to read these messages in two ways: precious space our 64GB iPhones (and Macs) and iCloud storage, which Apple charges us for each month. Many other people have had this problem for several years, a quick Google search reveals ...

The cumbersome way Apple lets you (theoretically) access old messages is to “scroll to the top” of your conversation, but it’s extremely time consuming and doesn’t work in practice. Yesterday I tried to scroll to the “top” of my iMessages that were from and to my wife. After just a few minutes, my computer with 16GB of RAM started “beach balling” and the app froze before I could even get to messages from 6 months ago. Meanwhile, my wife tried to access our earliest messages on her iPhone 8 Plus and it was even sadder: after over 45 minutes of scrolling, she got within a year of the conversation’s beginning and then the iMessages app crashed on her.

https://keydiscussions.com/2021/05/28/apple-charges-for-storing-gigabytes-worth-of-old-imessages-you-cant-reliably-access/

#apple #imessages #storage #iCloud
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Embracing and Governing Technological Disruption

There has always existed an interplay between human-kind and technology’s promise to improve our lives. Seldom, and certainly not in modern times, has the adoption of technology accelerated as quickly as it has with the Covid-19 pandemic.

https://docs.ie.edu/cgc/IE-CGC-European-Tech-Insights-2021-%28Part-II%29.pdf

💡 👉🏼 related article:
More than half of Europeans want to replace lawmakers with AI, study says
https://www.cnbc.com/2021/05/27/europeans-want-to-replace-lawmakers-with-ai.html

#eu #tech #insights #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

The Pirate Bay Remains Resilient, 15 Years After The Raid

Fifteen years ago today The Pirate Bay was raided by dozens of Swedish police officers. The entertainment industries hoped that this would permanently shut down the site, but that was not the case. Instead, the police action inadvertently helped to create one of the most resilient and iconic websites on the Internet.

There are a handful of traditions we have at #TorrentFreak, and remembering the first raid on The Pirate Bay is one of them.

Not only was it the first major story we covered, it also had a significant impact on how the piracy ecosystem evolved over the years. It also changed the lives of the site’s co-founders, who were eventually convicted.

While a lot has changed over the years, The Pirate Bay is still around and there are no signs that this will change anytime soon. What many people may not realize, however, is that without a few essential keystrokes in the site’s early years, the site would be a distant memory today.

This is what happened....

https://torrentfreak.com/the-pirate-bay-remains-resilient-15-years-after-the-raid-210531/

#piratebay #raid
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Shieldy got acquired by 1inch Network

I am announcing the acquisition of Shieldy Telegram bot by 1inch Network and telling you my personal story of how I've built, grown and sold Shieldy in detail.

I'm thrilled to announce that @shieldy_bot is now in better hands that are more suitable to grow it past the 20 000 000 users point. I believe that the new owner of Shieldy has better chances of supporting this open-source solution in the long run and bringing more value to the users. After all, I'm just a single guy standing in front of my computer writing code. 1inch has way more resources than I.

In the previous article, I've described how I calculated an estimated value of Shieldy and how I got three acquisition offers ranging from $100 000 to $150 000, which I rejected. In this article, I'm going to tell you the story of Shieldy. Starting from the beginning and up to the point when I sold it to 1inch for $329 000. How and why I built it, how it became popular, how I could find a better future maintainer and why I picked 1inch to succeed me in owning Shieldy (yes, I was fortunate enough to choose my successor). Keep reading!

https://blog.borodutch.com/shieldy-got-acquired-by-1inch-exchange/

https://1inch.io/

#tg #telegram #bot #shieldy #borodutch
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Mass scale manipulation of Twitter Trends discovered

New EPFL research has found that almost half of local Twitter trending topics in Turkey are fake, a scale of manipulation previously unheard of. It also proves for the first time that many trends are created solely by bots due to a vulnerability in Twitter’s Trends algorithm.

Social media has become ubiquitous in our modern, daily lives. It has changed the way that people interact, connecting us in previously unimaginable ways. Yet, where once our social media networks probably consisted of a small circle of friends most of us are now part of much larger communities that can influence what we read, do, and even think.

One influencing mechanism, for example, is ‘Twitter Trends’. The platform uses an algorithm to determine hashtag-driven topics that become popular at a given point in time, alerting twitter users to the top words, phrases, subjects and popular hashtags globally and locally.

Now, new EPFL research focused on Turkey, from the Distributed Information Systems Laboratory, part of the School of Computer and Communication Sciences has found a vulnerability in the algorithm that decides Twitter Trending Topics: it does not take deletions into account. This allows attackers to push the trends they want to the top of Twitter Trends despite deleting their tweets which contain the candidate trend shortly afterwards.

https://actu.epfl.ch/news/mass-scale-manipulation-of-twitter-trends-discov-2/

💡 Ephemeral Astroturfing Attacks: The Case of Fake Twitter Trends (PDF)
https://arxiv.org/pdf/1910.07783.pdf

#twitter #manipulation #turkey #research #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

FUJIFILM shuts down network after suspected ransomware attack

FujiFilm is investigating a ransomware attack and has shut down portions of its network to prevent the attack's spread.

FujiFilm, also known as just Fuji, is a Japanese multinational conglomerate headquartered in Tokyo, Japan, which initially started in optical film and cameras. It has grown to include pharmaceuticals, storage devices, photocopiers and printers (XEROX), and digital cameras.

FUJIFILM earned $20.1 billion in 2020 and has 37,151 employees worldwide.

Today, FUJIFILM announced that their Tokyo headquarters suffered a cyberattack Tuesday night that they indicate is a ransomware attack.

"FUJIFILM Corporation is currently carrying out an investigation into possible unauthorized access to its server from outside of the company. As part of this investigation, the network is partially shut down and disconnected from external correspondence," FUJIFILM said in a statement.

"We want to state what we understand as of now and the measures that the company has taken. In the late evening of June 1, 2021, we became aware of the possibility of a ransomware attack. As a result, we have taken measures to suspend all affected systems in coordination with our various global entities."

"We are currently working to determine the extent and the scale of the issue. We sincerely apologize to our customers and business partners for the inconvenience this has caused."

Due to the partial network outage, FUJIFILM USA has added an alert to the top of their website stating that they are experiencing network problems that are impacting their email and phone systems.

https://www.bleepingcomputer.com/news/security/fujifilm-shuts-down-network-after-suspected-ransomware-attack/

#fujifilm #ransomware #attack
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

NortonLifeLock Unveils Norton Crypto

New Feature Enables a Safe and Easy Way to Mine Cryptocurrency

TEMPE, Ariz.--(BUSINESS WIRE)-- NortonLifeLock (NASDAQ: NLOK), a global leader in consumer Cyber Safety, today announced the launch of Norton™ Crypto, a new feature designed to enable consumers to safely and easily mine cryptocurrency through its trusted Norton™ 360 platform. Starting tomorrow, select Norton 360 customers in Norton’s early adopter program will be invited to mine for Ethereum.

“As the crypto economy continues to become a more important part of our customers’ lives, we want to empower them to mine cryptocurrency with Norton, a brand they trust,” said Vincent Pilette, CEO of NortonLifeLock. “Norton Crypto is yet another innovative example of how we are expanding our Cyber Safety platform to protect our customers’ ever-evolving digital lives.”

For years, many coinminers have had to take risks in their quest for cryptocurrency, disabling their security in order to run coinmining and allowing unvetted code on their machines that could be skimming from their earnings or even planting ransomware. Earnings are commonly stored directly on miners’ hard drives, where their digital wallet could be lost should it fail.

Norton Crypto delivers a secure, reliable way for consumers to mine for Ethereum without opening themselves and their devices up to these pitfalls. Once cryptocurrency has been earned, customers can track and transfer earnings into their Norton Crypto Wallet, which is stored in the cloud so it cannot be lost due to hard drive failure.

“We are proud to be the first consumer Cyber Safety company to offer coinminers the ability to safely and easily turn the idle time on their PCs into an opportunity to earn digital currency,” said Gagan Singh, chief product officer at NortonLifeLock. “With Norton Crypto, our customers can mine for cryptocurrency with just a few clicks, avoiding many barriers to entry in the cryptocurrency ecosystem.”

https://investor.nortonlifelock.com/About/Investors/press-releases/press-release-details/2021/NortonLifeLock-Unveils-Norton-Crypto/default.aspx

#norton #crypto #mining
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

German IT company that serves banks experiences DDoS hack attack

A German company that operates technology for the nation's cooperative banks said on Friday that it was experiencing continued distributed denial-of-service (DDoS) attacks throughout the night.

In such attacks, hackers attempt to flood a network with unusually high volumes of data traffic in order to paralyse it.

The company, Fiducia & GAD IT AG, said the attacks began on Thursday morning, shutting down or hindering the websites of some cooperative banks in parts of the country.

The issue stabilized by the afternoon, but picked up again in the evening with "further major attacks into the night".

"Fiducia & GAD's crisis team continues to monitor the systems closely in order to be able to react quickly to any new attacks," the company said in a statement.

The company noted that such attacks weren't uncommon in the industry.

A spokeswoman for Fiducia & GAD IT AG couldn't immediately say how many banks were affected.

The banking blog Finanz-Szene earlier reported about the attack.

https://www.reuters.com/technology/german-it-company-that-serves-banks-experiences-ddos-hack-attack-2021-06-04/

#germany #it #company #ddos #attack
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Brit retailer Furniture Village confirms 'cyber-attack' as systems outage rolls into Day 7

Sofa, not-so-good: Angry customers still can't access systems, phones, and deliveries delayed

Furniture Village – the UK's largest independent furniture retailer with 54 stores nationwide – has been hit by a "cyber-attack", the company confirmed to The Register.

Details are still sketchy, but it emerged late last week that some of the retailer’s internal systems had been taken offline.

Although its website remains up and running, this is not the case for the back end. The problems emerged last weekend on 29 May when Furniture Village admitted it was experiencing "technical issues" and it was unable to answer calls. This is still the case at the time of publication, 6 days later.

By Wednesday, Furniture Village revealed it was “still experiencing technical issues with [its] internal systems” and that the team was working to resolve them as quickly as possible. These included delivery systems, phone systems, and according to customers, payment mechanisms.

https://www.theregister.com/2021/06/04/furniture_village_confirms_cyberattack/

#cyberattack #uk #FurnitureVillage
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv