Ukraine Police Arrest Cyber Criminals Behind Clop Ransomware Attacks

Ukrainian law enforcement officials on Wednesday announced the arrest of the Clop ransomware gang, adding it disrupted the infrastructure employed in attacks targeting victims worldwide since at least 2019.

As part of a joint operation between the National Police of Ukraine and authorities from the Republic of Korea and the U.S., six defendants have been accused of running a double extortion scheme wherein victims refusing to pay a ransom were threatened with the leak of sensitive financial, customer, or personal data stolen from them prior to encrypting the files.

https://thehackernews.com/2021/06/ukraine-police-arrest-cyber-criminals.html

#ukraine #clop #ransomware #police #bust #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

Are advertisers coming for your dreams?

If you’ve ever crammed for an exam just before bedtime, you may have tried something dream researchers have been attempting for decades: coaxing knowledge into dreams. Such efforts have had glimmers of success in the lab. Now, brands from Xbox to Coors to Burger King are teaming up with some scientists to attempt something similar: “Engineer” advertisements into willing consumers’ dreams, via video and audio clips. This week, a group of 40 dream researchers has pushed back in an online letter, calling for the regulation of commercial dream manipulation.

“Dream incubation advertising is not some fun gimmick, but a slippery slope with real consequences,” they write on the op-ed website EOS. “Our dreams cannot become just another playground for corporate advertisers.”

https://www.sciencemag.org/news/2021/06/are-advertisers-coming-your-dreams

#advertising #dreams #manipulation #smartspeakers
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Sniptt is a secret manager for developers.

The main purpose of Sniptt is to simplify and improve the experience of sharing secrets and credentials between developers and machines.

You can finally say goodbye to 1Password, LastPass, and Dashlane

https://github.com/sniptt-official/snip-cli

https://sniptt.iss.onedium.com/sharing-secrets-with-teams-82fde5b11149

#sniptt #secret #manager #teams #password #tool
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

EU Internet Providers Can ID Customers Accused of Illegal Downloads

LUXEMBOURG (CN) — European internet service providers can hand over the personal details of customers who are accused of illegally downloading content, the EU’s top court ruled Thursday.

The Court of Justice of the European Union found that, in some cases, internet providers can be compelled to hand over the names and addresses of their customers, so long as the requests are justified, proportionate and not abusive.

“The registration of IP addresses of persons whose internet connections have been used to upload pieces of files containing protected works on peer-to-peer networks, for the purposes of filing a request for disclosure of the names and postal addresses of the holders of those IP addresses, can be regarded as lawful,” the five-judge panel wrote.

The case was referred to the Luxembourg-based court by a court in Antwerp, Belgium, after Belgium’s largest internet provider, Telenet, refused to hand over the names and addresses of its customers that a Cyprus-based company, Mircom, had requested during a copyright infringement investigation.

https://www.courthousenews.com/eu-internet-providers-can-id-customers-accused-of-illegal-downloads/

https://www.courthousenews.com/wp-content/uploads/2021/06/ecj-micm.pdf

#eu #internet #provider #illegal #download #upload #copyright #infringement #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Cracking BattlEye packet encryption

Recently, Battlestate Games, the developers of Escape From Tarkov, hired BattlEye to implement encryption on networked packets so that cheaters can’t capture these packets, parse them and use them for their advantage in the form of radar cheats, or otherwise. Today we’ll go into detail about how we broke their encryption in a few hours.

We started first by analyzing Escape From Tarkov itself. The game uses Unity Engine, which uses C#, an intermediate langauge, which means you can very easily view the source code behind the game by opening it in tools like ILDasm or dnSpy. Our tool of choice for this analysis was dnSpy.

https://secret.club/2020/06/19/battleye-packet-encryption.html

#battleye #packet #encryption #cracking
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Looks like discogs was hacked

https://www.discogs.com/

https://www.reddit.com/r/ParlerWatch/comments/o4ayb0/discogscom_was_hacked_by_neonazis_today_they/

#discogs #hacked #music #database
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Sony Wins Pirate Site Blocking Order Against DNS-Resolver Quad9 (Updated)

Sony Music has obtained an injunction that requires the freely available DNS-resolver Quad9 to block a popular pirate site. The order, issued by the District Court in Hamburg, Germany, is the first of its kind. The Quad9 foundation has already announced that it will protest the judgment, which could have far-reaching consequences.

Copyright holders have made serious work of website blocking in Germany.

A few months ago a voluntary agreement was announced with the country’s largest ISPs, which agreed to block pirate sites after a verification process.

This is a major win for rightsholders, but one that can be easily defeated. The Internet providers use relatively simple DNS blockades which can be circumvented by switching to third-party DNS resolvers such as Google, Cloudflare or Quad9, which are all free to use. However, that loophole may not last forever.

Last week Sony Music obtained an injunction at the District Court of Hamburg which requires the Swiss DNS-resolver Quad9 to block access to a site that’s frequently used to host pirated music. While the site remains unnamed, the consequences could be far-reaching.

The Hamburg court found that the DNS service is not eligible for the liability protections that other third-party intermediaries such as ISPs and domain registrars typically enjoy. And if Quad9 fails to comply with the injunction, it will have to pay a fine of 250,000 euros per ‘infringing’ DNS query plus potentially two years in prison.

One of the arguments that Sony brought up in court was that Quad9 already blocks various problematic sites voluntarily. In fact, the DNS-resolver promotes threat blocking as a feature.

https://torrentfreak.com/sony-wins-pirate-site-blocking-order-against-dns-resolver-quad9-210621/

#sony #copyright #pirate #site #blocking #dns #resolver #quad9 #cannapower
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Anonymous hacker arrested after fleeing 10 years

The US Department of Justice reports a blow against Anonymous. After almost a decade on the run, Christopher Doyon, known as Commander X of the Anonymous hacker group, was arrested on June 11 in Mexico and immediately deported to the United States. He had to appear there in a US federal court last Tuesday.

Doyon considers his deportation from Mexico to the USA to be unlawful: “Please tell the world that I was illegally transferred from Mexico, where I had political asylum and where I was a humanitarian refugee. I was taken out of the country under cover of darkness” he says in a recording his sister Amy Beth Doyon posted on social media. She also asks the Mexican President Andrés Manuel López Obrador to campaign for the release of her brother.

https://marijuanapy.com/anonymous-hackers-arrested-after-fleeing-10-years/

#anonymous #arrested #usa #mexico #commanderX
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

Edward Snowden: The Most Dangerous Censorship

Invisible but present, and far from the eyes of the public

At the height of the events in Poland, just at the time when the trade union Solidarnosc was being outlawed, I received a letter stamped NIE CENZUROWANO. What exactly did these words mean? They were probably supposed to indicate that the country from which it came was free of censorship.

But it could also mean that letters not bearing this stamp were censored, a token of the selective nature of this office, which apparently mistrusts certain citizens while trusting others. It could naturally also mean that all letters bearing this stamp actually did pass through the censor's hand. At any rate, this symbolic and ambiguous stamp gives a profound insight into the nature of censorship, which on the one hand wants to establish its rightfulness, while at the same time attempting to camouflage its very existence.

For, while censorship considers itself a historical necessity and an institution destined to defend public order and the ruling political party, it does not like to admit that it is there. It sees itself as a temporary evil, to be applied during a state of war. Censorship, then, is only a transitory measure which will be scrapped as soon as all those people who write letters, books, etc are politically mature and responsible, thus exonerating the State and its representatives from having to act as guardians of their citizens.

https://edwardsnowden.substack.com/p/on-censorship-pt-1

#snowden #censorship
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Even creepier COVID tracking: Google silently pushed app to users’ phones [Updated]

Massachusetts launched a COVID tracking app, and uh, it was automatically installed?!

Over the weekend, Google and the state of Massachusetts managed to make creepy COVID tracking apps even creepier by automatically installing them on people's Android phones. Numerous reports on Reddit, Hacker News, and in-app reviews claim that "MassNotify," Massachusetts' COVID tracking app, silently installed on their Android device without user consent.

https://arstechnica.com/gadgets/2021/06/even-creepier-covid-tracking-google-silently-pushed-app-to-users-phones/

#google #covid #tracking
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Darknet Diaries - EP 95: Jon & Brian's Big Adventure

Jon and Brian are penetration testers who both worked at a place called RedTeam Security. They’re paid to break into buildings and hack into networks to test the security of those buildings. In this episode they bring us a story of how they prepare and execute a mission like this. But even with all the preparation, something still goes terribly wrong.

https://darknetdiaries.com/episode/95/

#truecrime #darknetdiaries #podcast
🎙@cRyPtHoN_INFOSEC_FR
🎙@cRyPtHoN_INFOSEC_EN
🎙@cRyPtHoN_INFOSEC_DE
🎙@BlackBox_Archiv

Russian security chief says Moscow will cooperate with U.S. against hackers

MOSCOW, June 23 (Reuters) - Russia will work with the United States to locate cyber criminals, the head of the FSB security service said on Wednesday, a week after the countries' leaders agreed to step up cooperation in certain areas.

FSB chief Alexander Bortnikov said the security agency would follow agreements reached by presidents Vladimir Putin and Joe Biden in discussions about cybersecurity issues at a summit last week in Switzerland, their first face-to-face meeting since Biden took office in January.

"We will work together (on locating hackers) and hope for reciprocity," the RIA news agency quoted Bortnikov as saying at a security conference in Moscow.

Another senior official said Moscow was awaiting an answer from Washington on holding consultations about cybersecurity issues, TASS news agency reported.

https://www.reuters.com/technology/russian-security-chief-says-moscow-will-cooperate-with-us-against-hackers-report-2021-06-23/

#russia #usa #cooperate #hacker #cyberattack
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Video Game Preservation

An archive of commercial video game source code.

https://github.com/videogamepreservation

#videogames #preservation #archive
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

South African Brothers Vanish, and So Does $3.6 Billion in Bitcoin

A Cape Town law firm hired by investors says they can’t locate the brothers and has reported the matter to the Hawks, an elite unit of the national police force. It’s also told crypto exchanges across the globe should any attempt be made to convert the digital coins.

Following a surge in Bitcoin’s value in the past year, the disappearance of about 69,000 coins -- worth more than $4 billion at their April peak -- would represent the biggest-ever dollar loss in a cryptocurrency scam. The incident could spur regulators’ efforts to impose order on the market amid rising cases of fraud.

The first signs of trouble came in April, as Bitcoin was rocketing to a record. Africrypt Chief Operating Officer Ameer Cajee, the elder brother, informed clients that the company was the victim of a hack. He asked them not to report the incident to lawyers and authorities, as it would slow down the recovery process of the missing funds.

https://www.bloomberg.com/news/articles/2021-06-23/s-african-brothers-vanish-and-so-does-3-6-billion-in-bitcoin

#cryptocurrency #investment #scam #africrypt
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

John McAfee dead: Antivirus software mogul found dead in Barcelona prison

John McAfee, the founder of McAfee antivirus, has been found dead in a Barcelona prison this afternoon.

It comes after the Spanish High Court authorised the extradition of McAfee to the United States where he faces tax evasion charges, a court document released on Wednesday showed.

McAfee, 75, who was arrested at Barcelona airport in October 2020, said during an extradition hearing this month that the accusations against him were politically motivated.

He linked the charges filed by the Internal Revenue Service to his failed bid to run as a Libertarian Party candidate in the 2020 US presidential election, a second such attempt.

The Spanish prosecutor, Carlos Bautista, said McAfee was just a tax dodger and dismissed the accusation of a political motivation, insisting the Libertarian Party rarely gains more than 1 percent of votes in U.S. elections.

US federal prosecutors unsealed an indictment in October against McAfee over charges that he evaded taxes and willfully failed to file returns.

That came shortly after the U.S. Securities and Exchange Commission said it had brought civil charges against McAfee, alleging he made over $23.1million in undisclosed income from false and misleading cryptocurrency recommendations.

The Spanish court authorised the extradition but only to face charges related to his tax returns for 2016, 2017 and 2018 as the prosecution had asked.

https://www.express.co.uk/news/world/1453763/John-McAfee-dead-suicide-Barcelona-prison-spain-tax-evasion-probe

https://www.vilaweb.cat/noticies/john-mcafee-suicidi-barcelona-can-brians-extradicio/

https://digismak.com/john-mcafee-the-creator-of-the-antivirus-found-dead-in-brians-2-prison-after-the-an-ordered-his-extradition/

https://www.euroweeklynews.com/2021/06/23/breaking-news-antivirus-creator-john-mcafee-found-dead-in-catalan-prison-cell/

#macafee #suicide #barcelona #prison
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Google turned me into a serial killer

As I was scrolling through my inbox today, I stumbled upon an e-mail from a former colleague of mine who wanted to inform me that a Google search of my name yields a picture of me linked to a Wikipedia article about a serial killer who happens to have the same name as mine.

https://hristo-georgiev.com/google-turned-me-into-a-serial-killer

#google #DeleteGoogle
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Update: Warp-Plus-Cloudflare - A project for getting unlimited GB on Warp+ ( https://1.1.1.1/ )

WARP+ uses Cloudflare’s virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet. Read more.

https://github.com/ALIILAPRO/warp-plus-cloudflare

#cloudflare #warp #script #tool
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Elcomsoft Breaks the Latest Version of VeraCrypt

Elcomsoft updates Elcomsoft Forensic Disk Decryptor, the company’s all-in-one tool for accessing encrypted disks and containers. In this update, the tool adds support for the latest versions of VeraCrypt, enabling experts to extract on-the-fly encryption keys from the computer’s RAM to instantly mount or decrypt VeraCrypt-protected disks without running password attacks and bypassing the associated complexity altogether.

Recent versions of VeraCrypt are using a newer, stronger way to keep on-the-fly encryption keys in the computer’s RAM. Elcomsoft Forensic Disk Decryptor 2.18 can now extract these on-the-fly encryption keys from the computer’s RAM for the latest versions of VeraCrypt.

https://www.elcomsoft.com/press_releases/efdd_20210603.html

#elcomsoft #forensic #veracrypt
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Mozilla: Take control over your data with Rally, a novel privacy-first data sharing platform

Mozilla teams up with Princeton University researchers to enable crowdsourced science for public good; collaborates with research groups at Princeton, Stanford on upcoming studies.

Your data is valuable. But for too long, online services have pilfered, swapped, and exploited your data without your awareness. Privacy violations and filter bubbles are all consequences of a surveillance data economy. But what if, instead of companies taking your data without giving you a say, you could select who gets access to your data and put it to work for public good?

Today, we’re announcing the Mozilla Rally platform. Built for the browser with privacy and transparency at its core, Rally puts users in control of their data and empowers them to contribute their browsing data to crowdfund projects for a better Internet and a better society. At Mozilla, we’re working on building a better internet, one that puts people first, respects their privacy and gives them power over their online experience. We’ve been a leader in privacy features that help you control your data by blocking trackers. But, being “data-empowered” also requires the ability to choose who you want to access your data.

https://blog.mozilla.org/en/mozilla/take-control-over-your-data-with-rally-a-novel-privacy-first-data-sharing-platform/

#mozilla #privacy #rally #data #sharing
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Key witness in Assange case admits to lies in indictment

A maj­or wit­n­ess in the United States’ Depart­ment of Justice ca­se against Ju­li­an Assange has admitted to fabricat­ing key accusati­ons in the indict­ment against the Wiki­leaks found­er.

A major witness in the United States’ Department of Justice case against Julian Assange has admitted to fabricating key accusations in the indictment against the Wikileaks founder. The witness, who has a documented history with sociopathy and has received several convictions for sexual abuse of minors and wide-ranging financial fraud, made the admission in a newly published interview in Stundin where he also confessed to having continued his crime spree whilst working with the Department of Justice and FBI and receiving a promise of immunity from prosecution.

The man in question, Sigurdur Ingi Thordarson, was recruited by US authorities to build a case against Assange after misleading them to believe he was previously a close associate of his. In fact he had volunteered on a limited basis to raise money for Wikileaks in 2010 but was found to have used that opportunity to embezzle more than $50,000 from the organization. Julian Assange was visiting Thordarson’s home country of Iceland around this time due to his work with Icelandic media and members of parliament in preparing the Icelandic Modern Media Initiative, a press freedom project that produced a parliamentary resolution supporting whistleblowers and investigative journalism.

The United States is currently seeking Assange’s extradition from the United Kingdom in order to try him for espionage relating to the release of leaked classified documents. If convicted, he could face up to 175 years in prison. The indictment has sparked fears for press freedoms in the United States and beyond and prompted strong statements in support of Assange from Amnesty International, Reporters without borders, the editorial staff of the Washington Post and many others.

US officials presented an updated version of an indictment against him to a Magistrate court in London last summer. The veracity of the information contained therein is now directly contradicted by the main witness, whose testimony it is based on.

https://stundin.is/grein/13627/

#assange #wikileaks #usa #uk #extradition #indictment
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Whistleblowers, The State, and Surveillance with Journalist Barrett Brown

Journalist Barrett Brown will be joining us to discuss the state, digital media, and FBI surveillance, The Intercept, Glenn Greenwald, and other issues related to political struggle.

https://www.youtube.com/watch?v=MBeMZ4UFMaM

#whistleblower #fbi #surveillance #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv