Key witness in Assange case admits to lies in indictment

A maj­or wit­n­ess in the United States’ Depart­ment of Justice ca­se against Ju­li­an Assange has admitted to fabricat­ing key accusati­ons in the indict­ment against the Wiki­leaks found­er.

A major witness in the United States’ Department of Justice case against Julian Assange has admitted to fabricating key accusations in the indictment against the Wikileaks founder. The witness, who has a documented history with sociopathy and has received several convictions for sexual abuse of minors and wide-ranging financial fraud, made the admission in a newly published interview in Stundin where he also confessed to having continued his crime spree whilst working with the Department of Justice and FBI and receiving a promise of immunity from prosecution.

The man in question, Sigurdur Ingi Thordarson, was recruited by US authorities to build a case against Assange after misleading them to believe he was previously a close associate of his. In fact he had volunteered on a limited basis to raise money for Wikileaks in 2010 but was found to have used that opportunity to embezzle more than $50,000 from the organization. Julian Assange was visiting Thordarson’s home country of Iceland around this time due to his work with Icelandic media and members of parliament in preparing the Icelandic Modern Media Initiative, a press freedom project that produced a parliamentary resolution supporting whistleblowers and investigative journalism.

The United States is currently seeking Assange’s extradition from the United Kingdom in order to try him for espionage relating to the release of leaked classified documents. If convicted, he could face up to 175 years in prison. The indictment has sparked fears for press freedoms in the United States and beyond and prompted strong statements in support of Assange from Amnesty International, Reporters without borders, the editorial staff of the Washington Post and many others.

US officials presented an updated version of an indictment against him to a Magistrate court in London last summer. The veracity of the information contained therein is now directly contradicted by the main witness, whose testimony it is based on.

https://stundin.is/grein/13627/

#assange #wikileaks #usa #uk #extradition #indictment
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Whistleblowers, The State, and Surveillance with Journalist Barrett Brown

Journalist Barrett Brown will be joining us to discuss the state, digital media, and FBI surveillance, The Intercept, Glenn Greenwald, and other issues related to political struggle.

https://www.youtube.com/watch?v=MBeMZ4UFMaM

#whistleblower #fbi #surveillance #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

Craig Wright was granted default judgement against Cobra

Now Cobra will have to remove all references to the Bitcoin whitepaper from bitcoin.org in the UK. The Judge criticized Cobra for not defending himself, despite his multiple emails to the court begging to adjourn the decision until after the COPA ruling.

He also highlighted that Cobra was unwilling to defend himself in front of the court, yet was still sitting in the aisles of the MS teams group as "Cobra" the anon. The judge actually pointed out that the defendant, who refused to defend himself in front of the court, was sitting right there in the aisles.

Cobra now has to pay £35,000 to the court. In addition to adhering to it's judgment.

https://www.reddit.com/r/bitcoincashSV/comments/o9ivuw/craig_wright_was_granted_default_judgement/

#bitcoin #whitepaper #wright #cobra #uk #copa
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Data Poisoning Won't Save You From Facial Recognition

Data poisoning has been proposed as a compelling defense against facial recognition models trained on Web-scraped pictures. By perturbing the images they post online, users can fool models into misclassifying future (unperturbed) pictures.

We demonstrate that this strategy provides a false sense of security, as it ignores an inherent asymmetry between the parties: users' pictures are perturbed once and for all before being published (at which point they are scraped) and must thereafter fool all future models -- including models trained adaptively against the users' past attacks, or models that use technologies discovered after the attack.

https://arxiv.org/abs/2106.14851

#facial #recognition #defense #data #poisoning #study #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

DoubleVPN servers, logs, and account info seized by law enforcement

Law enforcement has seized the servers and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities.

DoubleVPN is a Russian-based VPN service that double-encrypts data sent through their service.

Servers and data seized by law enforcement

The doublevpn.com [archive.org] website was seized today by law enforcement, who stated that they gained access to the servers for DoubleVPN and took personal information, logs, and statistics for the service's customers.

"On 29th of June 2021, law enforcement took down DoubleVPN. Law enforcement gained access to the servers of DoubleVPN and seized personal information, logs and statistics kept by DoubleVPN about all of its customers. DoubleVPN’s owners failed to provide the services they promised," says the now-seized doublevpn.com website.

"International law enforcement continues to work collectively against facilitators of cybercrime, wherever and however it is committed. The investigation regarding customer data of this network will continue."

https://www.bleepingcomputer.com/news/security/doublevpn-servers-logs-and-account-info-seized-by-law-enforcement/

#doublevpn #seized #police
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Court Orders YouTube Rippers to Log and Share Data with Record Labels

A Virginia District Court has ordered the Russian operator of two popular YouTube rippers to keep extensive logs of user activity and hand these over to the major record labels. The order was requested by the labels, which argue that FLVTO.biz and 2conv.com facilitate massive copyright infringement in the United States and abroad.

The major record labels believe that YouTube rippers are the most significant piracy threat on the Internet.

https://torrentfreak.com/court-orders-youtube-rippers-to-log-and-share-user-data-210629/

#youtube #piracy #rippers #copyright #userdata
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

iodéOS – does the data saving Android operating system fulfill its promise?

We took a close look at iodéOS, which is based on LineageOS. Can the privacy friendly operating system fulfill its promises? Read our test!

As already mentioned, iodéOS is an Android operating system based on LineageOS with a special focus on privacy. The manufacturer claims that the user can use the full comfort of Android without being spied on by Google and other data octopuses all the way. At least that is what the founder of iodé, Antoine Maurino, promises us.

The increasingly frequent data scandals at Google or Facebook, to name just the two most important ones, usually seem „far away„. But more and more people seem to be slowly realizing that they, too, are a small but important part of this constantly expanding data collection.

Most of the time, it starts out small. An app here, another one there. And then, before you know it, you have countless apps installed on your Android phone.

But all these apps have one thing in common. That’s right, they collect data. Your data! And mostly behind your back. Did you know that Google alone requests location information and other data from your Android smartphone 340 times in a 24-hour period?

https://tarnkappe.info/iodeos-does-the-data-saving-android-operating-system-fulfill-its-promise/

#android #iodéOS #DeleteGoogle #aurora #microG
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

PokeBeach Hacked, Next Steps for the Site

PokeBeach was hacked on Monday. All files were deleted. We have been assessing the situation for the last 72 hours. I have barely slept.

No user data was stolen or compromised.

The hacking was a professional job conducted by an overseas team who wanted to hold the website hostage for monetary gain. The team gained access to the site through an exploit in a popular piece of software we use, which we updated a week prior. We can’t go into too many details because we are currently exploring our legal options.

The team first reverse-engineered our backup script to delete all of our offsite backups. This wasn’t noticed until it was too late. They also attempted to modify PokeBeach’s article program so that new subscribers would be referred to their Paypal account. This was instantly reported to Paypal, who worked with us to confirm no new accounts were affected.

As we locked them out of the web server, they issued a command to wipe it clean. We discovered they were in the process of downloading it so they could offer it back to us for payment. It’s also why they deleted our backups.

Later we received a message from an individual who suggested I should mail him my cards from this tweet if I want some of my files back. He disappeared after I ignored him.

The hackers never had access to our databases. No news stories, forum posts, or user accounts have been affected. However, the last few years of media files are gone. This includes news story images, forum attachments, and similar. We are currently trying to find local backups and use recovery software, but the outlook is grim. Our web host Linode even kindly pooled its team together to help with our recovery efforts.

https://www.pokebeach.com/2021/07/pokebeach-hacked-next-steps-for-the-site

#pokebeach #hacked
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

How to bypass the Windows 11 TPM 2.0 requirement

Microsoft now requires a computer to have a TPM 2.0 module to install Windows 11. However, new Registry entries have been discovered that allow you to bypass the TPM requirement and minimum memory and secure boot requirements.

With Windows 11, Microsoft added new minimum system requirements that all devices need to have a TPM 2.0 security processor to power some of the operating system's security features.

"The following Windows features require TPM 2.0: Measured Boot, Device Encryption, WD System Guard, Device Health Attestation, Windows Hello/Hello for Business, TPM Platform Crypto Provider Key Storage, SecureBIO, DRTM, vTPM in Hyper-V," Microsoft told BleepingComputer.

For most people running CPUs created in the past 5-6 years, a firmware-based TPM (fTPM) is built into the CPU and can be enabled in the BIOS.

To enable the fTPM, simply boot your computer into the BIOS and enable the Intel Platform Trust Technology (Intel PTT) or the AMD Platform Security Processor, depending on your CPU.

For those who do not have this feature, you may be able to install a discrete TPM 2.0 processor on the motherboard. However, if your processor is old enough that it does not have one built-in fTPM, your motherboard's module will likely be TPM 1.2, which is not compatible with Windows 11.

This requirement is frustrating for users running Windows 10 on older equipment, as now they are being forced to purchase new hardware to install Windows 11.

Furthermore, as Microsoft has stated in documentation that OEMs can get permission to disable the TPM requirement in Windows 11 for their devices, the question becomes: Do you really need a TPM 2.0 processor to use Windows 11?

https://www.bleepingcomputer.com/news/microsoft/how-to-bypass-the-windows-11-tpm-20-requirement/

#microsoft #windows #tpm
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

REvil ransomware executes supply chain attack via malicious Kaseya update

The REvil ransomware gang appears to have gained access to the infrastructure of Kaseya, a provider of remote management solutions, and is using a malicious update for the VSA software to deploy ransomware to companies across the world.

The incident first came to light earlier today in a Reddit section dedicated to managed service providers (MSPs), companies that provide remote IT services to smaller businesses lacking an IT department and which are usually Kaseya’s primary customers.

MSPs use Kaseya’s VSA platform to manage and deploy software updates to customer networks or access remote systems to troubleshoot a customer’s IT problems; however, this very same functionality can be abused by threat actors who manage to gain access to an MSP’s VSA platform.

While at the time of writing, it is unclear how widespread the incident is, security firm Huntress Labs is reporting that at least four MSPs have been hit so far.

According to security firm Sophos, MSPs appear to be getting infected with ransomware via a malicious update to Kaseya VSA on-prem servers.

"We are monitoring a REvil 'supply chain' attack outbreak, which seems to stem from a malicious Kaseya update. REvil binary C:Windowsmpsvc.dll is side-loaded into a legit Microsoft Defender copy, copied into C:WindowsMsMpEng.exe to run the encryption from a legit process."

https://therecord.media/revil-ransomware-executes-supply-chain-attack-via-malicious-kaseya-update/

#revil #ransomware #kaseya
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Not Disclosing That a Photo Was Retouched is Now Illegal in Norway

Norway has recently passed legislation that makes it illegal for photos that feature any kind of retouching without disclosing the edits posted by celebrities and influencers as part of a pushback against unrealistic beauty standards and a rise in body dysmorphic disorder.

The law comes as an amendment to the country’s 2009 Marketing Act that makes it illegal for influencers to share retouched photos of their bodies in promotional posts on social media without disclosing that the image has been edited. The law passed with a considerable majority of 72 to 15 votes and requires advertisements featuring a person with any edits to a body’s size, shape, or skin to be marked with a standardized label designed by the government.

“Advertisements” encompasses celebrities and influencers, as the term is for anyone who receives payment or other benefits as the result of a post on social media. The specific platforms called out were Facebook, Instagram, Snapchat, TikTok, and Twitter. Violators of the law are subject to fines that can escalate in scale and lead to — in extreme cases — imprisonment.

https://petapixel.com/2021/07/02/not-disclosing-that-a-photo-was-retouched-is-now-illegal-in-norway/

#norway #photos #disclosing #influencer
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Build a Hackable Router with a $5 ESP32

If you're looking for a data-connected router for use as a Wi-Fi hacking punching bag, you can set one up for as little as $5. We'll use an ESP32 to create a Wi-Fi network and sniff traffic to discover logins, all using a low-cost microcontroller. This project is also useful for connecting IoT devices, making Wi-Fi honeypots, extending the range of a network.

https://www.youtube.com/watch?v=41Lymi6rXA8

#hak5 #video
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Binance Deploys Crypto Monitoring 'Traveler' System to Comply With FATF Travel Rule

Binance announced yesterday it deployed Ciphertrace’s Traveler system as part of its compliance efforts. Traveler is the first system designed for exchanges to comply with the Travel Rule proposed by the Financial Action Task Force. The exchange would be among the first wave of exchanges implementing this automatic Travel Rule compliance system.

Binance Implements Ciphertrace’s Traveler Protocol in Its Trading Platform

Binance, one of the largest cryptocurrency exchanges in the market, announced the implementation of Traveler, a system that will help them comply with the Travel Rule established by the Financial Action Task Force (FATF). Ciphertrace, a blockchain analytics startup, created Traveler as a third-party compliance platform.

Ciphertrace claims Traveler automatizes the process of complying with FATFs mandate, automatically making connections and identifying different VASPs (Virtual Asset Service Providers). Therefore, exchanges simplify their due diligence burden by implementing it.

https://news.bitcoin.com/binance-deploys-crypto-monitoring-traveler-system-to-comply-with-fatf-travel-rule/

#binance #crypto #monitoring #traveler #system #fatf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

US companies hit by 'colossal' cyber-attack

About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.

Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

Kaseya said in a statement on its own website that it was investigating a "potential attack".

Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.

The US Cybersecurity and Infrastructure Agency, a federal agency, said in a statement that it was taking action to address the attack.

The cyber-breach emerged on Friday afternoon as companies across the US were clocking off for the long Independence Day weekend.

The two big things that are keeping cyber-security professionals up at night lately are ransomware attacks and supply chain attacks. This latest incident combines both nightmares into one big Independence Holiday weekend-ruining event for hundreds of US IT teams.

Ransomware is the scourge of the internet. Multiple organised criminal gangs are constantly attempting to gain access to computer networks to hold them hostage. The rate of attack is relentless but it can take a lot of time and effort on the criminals part to successfully hijack one victim's computer system.

In this latest incident the hackers showed that by going after the software supplier of multiple organisations they can pop dozens, perhaps hundreds of victims in one go. We've seen horrendous supply chain attacks in the past but this one has the potential to be the biggest incident involving ransomware yet.

It shows that ransomware gangs are thinking creatively about how to have the most impact possible and command the biggest ransom possible.

https://www.bbc.co.uk/news/world-us-canada-57703836

#kaseya #ransomware #revil #attack #usa #cybersecurity
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Digital Violence: How the NSO Group Enables State Terror

The data for the project is based on fifteen months of open source research that extracted data from hundreds of pages of documents as well as interviews. The Platform offers the most comprehensive database to date (containing over a thousand data points) of the reported infections of the phones using Pegasus.

https://forensic-architecture.org/investigation/digital-violence-how-the-nso-group-enables-state-terror

#digital #violence #nso #pegasus #surveillance #state #terror
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

If you use Audacity, the new owners just updated the terms of service so they can collect data on you, including for very open-ended "legal enforcement"; and then sell it to "potential buyers" all without your consent.

https://nitter.pussthecat.org/KrashHash/status/1411725491581587457

via Twitter

https://appleinsider.com/articles/21/07/04/open-source-audacity-deemed-spyware-over-data-collection-changes

#audacity
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Darknet Diaries - EP 96: The Police Station Incident

Nicole Beckwith wears a lot of hats. She’s a programmer, incident responder, but also a cop and Secret Service agent. In this episode she tells a story which involves all of these roles.

https://darknetdiaries.com/episode/96/

#truecrime #darknetdiaries #podcast
🎙@cRyPtHoN_INFOSEC_FR
🎙@cRyPtHoN_INFOSEC_EN
🎙@cRyPtHoN_INFOSEC_DE
🎙@BlackBox_Archiv

Israel Just Used Fully AI Controlled Drone Swarms in a World First

The system is fed with data from satellites, other reconnaissance drones, aerial vehicles, and intel collected by the ground unit.

In July 2019, unidentified drones swarmed the US Navy destroyers, triggering an alert. In May of 2021, Israel allowed the use of drone swarms to locate, identify, and attack Hamas militants, in what is likely the first-ever use of drone swarms in combat.

Last month, we had reported that Israel deployed a semi-autonomous robot during the recent Gaza conflict. Carrying a machine gun, this robot named Jaguar, was capable of driving to a designated location, returning fire, and even self-destructing when compromised. However, the robot needed a human operator to initiate the firing from the machine gun.

A fully autonomous drone swarm is a different level of technology altogether. It is a networked entity that is not controlled by human operators at all. Operated by artificial intelligence (AI), it can continue its mission, even if loses some drones during its mission. The machine learning system is fed with data sourced from satellites, other reconnaissance drones, and aerial vehicles, as well as intel collected by ground units.

https://telegra.ph/Israel-Just-Used-Fully-AI-Controlled-Drone-Swarms-in-a-World-First-07-06

via interestingengineering.com

#israel #ai #drones
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Cryptocurrency fraud: Brazil's 'Bitcoin King' arrested for allegedly embezzling $300 million

Cláudio Oliveira, a self-proclaimed 'King of Bitcoin', allegedly skimmed the amount from a large number of investors.

Brazil's federal police has arrested Cláudio Oliveira, the president of the Bitcoin Banco Group, for allegedly embezzling 1.5 billion Brazilian reais (about $300 million) through a cryptocurrency scheme, Coindesk reported.

Oliveira, the self-proclaimed 'King of Bitcoin', allegedly skimmed the amount from a large number of investors.

In 2019, the group had reported that 7,000 Bitcoins had gone missing and reportedly applied for judicial recovery -- a special arrangement under the Brazilian law to reorganise its finances -- in a bid to pay its creditors and avoid bankruptcy.

However, at the beginning of 2020, it was found that the group was not complying with the obligations determined at the time of the decree of judicial reorganisation and, to promote its activities and attract new customers, it continued to offer the public collective investment contracts without registration with the market regulator.

Subsequently, the police formed a task force comprising 90 officers and launched 'Operation Daemon' to nab the accused and to further investigate bankruptcy crimes, embezzlement, money laundering and criminal organization, Brazil's federal police said in a press release.

https://telegra.ph/Cryptocurrency-Fraud-Brazils-Bitcoin-King-Arrested-For-Allegedly-Embezzling-300-Million-07-06

via www.moneycontrol.com

#brazil #bitcoin #bbg #skimming
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Methods To Block Program Backdoors/Privacy Violations (Audacity Privacy Policy Example)

You can do this for ALL non internet needing programs to maximize privacy/security. We cover many ways we can restrict ALL non internet using programs from sending your IP address/backdoors (reverse shells?) and then use Audacity's new Privacy Policy and data sharing potential as an example: You should do this with All non internet programs to protect security + privacy.

https://devtube.dev-wiki.de/videos/watch/25321ef1-8663-43c9-926a-678df26c6d5e

https://www.buymeacoffee.com/politictech/block-program-backdoors-privacy-violations-related-ex-use-audacity-your-data-may-now-be-shared

#privacy #security #backdoors #audacity #video
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv

NOTHING TO HIDE documentary (Eng, 2017)

NOTHING TO HIDE (2017) deals with the acceptance of mass surveillance through the "I have nothing to hide" narrative. “Eye-opening” (Forbes) “Fascinating” (Les Inrocks).
Support the Creative Commons Non Derivative Non Commercial licence of the film: leetchi.com/c/project-nothing-to-hide allowing the film to be online for free.

💡 More info about Nothing to Hide and its sequel Disappear:
https://deepdocs.eu

https://invidious.fdn.fr/watch?v=M3mQu9YQesk

#snowden #NothingToHide #documentation
📽@cRyPtHoN_INFOSEC_FR
📽@cRyPtHoN_INFOSEC_EN
📽@cRyPtHoN_INFOSEC_DE
📽@BlackBox_Archiv