Security Analysis of Telegram (Symmetric Part)
We performed a detailed security analysis of the encryption offered by the popular Telegram messaging platform. As a result of our analysis, we found several cryptographic weaknesses in the protocol, from technically trivial and easy to exploit to more advanced and of theoretical interest.
For most users, the immediate risk is low, but these vulnerabilities highlight that Telegram fell short of the cryptographic guarantees enjoyed by other widely deployed cryptographic protocols such as TLS. We made several suggestions to the Telegram developers that enable providing formal assurances that rule out a large class of cryptographic attacks, similarly to other, more established, cryptographic protocols.
We disclosed the following vulnerabilities to the Telegram development team on 16 April 2021 and agreed with them on a disclosure on 16 July 2021:
https://mtpsym.github.io/
💡 Read as well: Four cryptographic vulnerabilities in Telegram
https://t.iss.one/BlackBox_Archiv/2391
#telegram #messenger #security #vulnerabilities #disclosure
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Hooking Candiru Another Mercenary Spyware Vendor Comes into Focus
💡 Summary:
— Candiru is a secretive Israel-based company that sells spyware exclusively to governments. Reportedly, their spyware can infect and monitor iPhones, Androids, Macs, PCs, and cloud accounts.
— Using Internet scanning we identified more than 750 websites linked to Candiru’s spyware infrastructure. We found many domains masquerading as advocacy organizations such as Amnesty International, the Black Lives Matter movement, as well as media companies, and other civil-society themed entities.
— We identified a politically active victim in Western Europe and recovered a copy of Candiru’s Windows spyware.
— Working with Microsoft Threat Intelligence Center (MSTIC) we analyzed the spyware, resulting in the discovery of CVE-2021-31979 and CVE-2021-33771 by Microsoft, two privilege escalation vulnerabilities exploited by Candiru. Microsoft patched both vulnerabilities on July 13th, 2021.
— As part of their investigation, Microsoft observed at least 100 victims in Palestine, Israel, Iran, Lebanon, Yemen, Spain, United Kingdom, Turkey, Armenia, and Singapore. Victims include human rights defenders, dissidents, journalists, activists, and politicians.
— We provide a brief technical overview of the Candiru spyware’s persistence mechanism and some details about the spyware’s functionality.
— Candiru has made efforts to obscure its ownership structure, staffing, and investment partners. Nevertheless, we have been able to shed some light on those areas in this report.
https://citizenlab.ca/2021/07/hooking-candiru-another-mercenary-spyware-vendor-comes-into-focus/
#candiru #mercenary #spyware #israel
Four cryptographic vulnerabilities in Telegram
An international research team of cryptographers completed a detailed security analysis of the popular Telegram messaging platform identifying several weaknesses in its protocol that demonstrate the product falls short of some essential data security guarantees.
💡 First, the “crime-pizza” vulnerability
Researchers assessed that the most significant vulnerabilities relate to the ability of an attacker on the network to manipulate the sequencing of messages coming from a client to one of the cloud servers that Telegram operates globally. Imagine the potential damage that could occur in swapping the sequence of messages. For example, if the order of the messages in the sequence “I say ’yes’ to”, “pizza”, “I say ’no’ to”, “crime” was altered then it would appear that the client is declaring their willingness to commit a crime.
💡 Second, the “every bit of information is too much” attack
Mostly of theoretical interest, this vulnerability allows for an attacker on the network to detect which of two messages is encrypted by a client or a server. Cryptographic protocols are designed to rule out even such attacks.
💡 Third, the “adjust your clocks” attack
Researchers studied the implementation of Telegram clients and found that three - Android, iOS, and Desktop - contained code which, in principle, permitted attackers to recover some plaintext from encrypted messages. While this seems alarming, it would require an attacker to send millions of carefully crafted messages to a target and observe minute differences in how long the response takes to be delivered. Nevertheless, if this type of attack were successful it would be devastating for the confidentiality of Telegram messages and, of course, its users. Fortunately, this attack is almost impossible to pull off in practice. But, before you breathe a sigh of relief, this type of attack is mostly mitigated by the sheer coincidence that some metadata in Telegram is selected at random and kept secret.
💡 Fourth, the “piggy in the middle” game
The researchers also show how an attacker can mount an "attacker-in-the-middle" type of attack on the initial key negotiation between the client and the server. This allows an attacker to impersonate the server to a client, enabling it to break both the confidentiality and integrity of the communication. Luckily this attack, too, is quite difficult to pull off as it requires the attacker to send billions of messages to a Telegram server within minutes. However, this attack highlights that while users are required to trust Telegram’s servers, the security of Telegram's servers and their implementations cannot be taken for granted.
⚠️ As is usual in this area of research, the team informed Telegram developers of their findings 90 days prior to making them public, offering the company ample time to address the issues identified. In the meantime, Telegram has reacted to the results and fixed the security issues found by the researchers with software updates.
💡 Read as well: Security Analysis of Telegram (Symmetric Part)
https://t.iss.one/BlackBox_Archiv/2389
https://ethz.ch/en/news-and-events/eth-news/news/2021/07/four-cryptographic-vulnerabilities-in-telegram.html
#telegram #messenger #security #vulnerabilities #disclosure
Is Proton Mail Really Private, Secure, and Anonymous?
In this video I tackle the topic of whether or not Proton mail is Really Private, Secure, and Anonymous
Privacy Watchdogs article about Proton mail being a honey pot which covers some of the issues in this video in more detail, plus other things I didn't talk about.
https://lbry.tv/@AlphaNerd:8/is-proton-mail-really-private,-secure,:f
#protonmail #privacy #security #anonymous #video
Phishing Army
Phishing is a critical cyber-attack vector - Let's fight the criminals!
Compatible with Pi-hole, AdAway, Blokada, AdGuard and any other Host/DNS filtering system. Already included in NextDNS Threat Intelligence Feed.
Generated every 6 hours from PhishTank, OpenPhish, Cert.pl, PhishFindR, Urlscan.io and Phishunt.io reports. Each domain is analyzed to eliminate false positives, through the Whitelist of Anudeep and the Alexa Rank.
👉🏼 Get the Blocklist:
https://phishing.army/download/phishing_army_blocklist.txt
👉🏼 Get the Extended Blocklist:
https://phishing.army/download/phishing_army_blocklist_extended.txt
💡 Extended or Normal Blocklist:
The difference is in the subdomains. The phishing kits can be reached even without subdomains. The extended blocklist also contains domains without subdomains. For example, it will contain the domain pay.phishing.com and phishing.com.
https://phishing.army/
#phishing #blocklist #host #dns #filtering
Revealed: leak uncovers global abuse of cyber-surveillance weapon
Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests.
Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.
The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.
Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.
The leak contains a list of more than 50,000 phone numbers that, it is believed, have been identified as those of people of interest by clients of NSO since 2016.
Forbidden Stories, a Paris-based media nonprofit organisation, and Amnesty International initially had access to the leaked list and shared access with media partners as part of the Pegasus project, a reporting consortium.
The presence of a phone number in the data does not reveal whether a device was infected with Pegasus or subject to an attempted hack. However, the consortium believes the data is indicative of the potential targets NSO’s government clients identified in advance of possible surveillance attempts.
https://www.theguardian.com/world/2021/jul/18/revealed-leak-uncovers-global-abuse-of-cyber-surveillance-weapon-nso-group-pegasus
https://nitter.net/Snowden/status/1416797153524174854
#leak #surveillance #nso #pegasus #spyware
Amazon Shuts Down NSO Group Infrastructure
The move comes as activist and media organizations publish new findings on the Israeli surveillance vendor.
Amazon Web Services (AWS) has shut down infrastructure and accounts linked to Israeli surveillance vendor NSO Group, Amazon said in a statement.
The move comes as a group of media outlets and activist organizations published new research into NSO's malware and phone numbers potentially selected for targeting by NSO's government clients.
"When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts," an AWS spokesperson told Motherboard in an email.
Amnesty International published a forensic investigation on Sunday that, among other things, determined that NSO customers have had access to zero-day attacks in Apple's iMessage as recently as this year. As part of that research, Amnesty wrote that a phone infected with NSO's Pegasus malware sent information "to a service fronted by Amazon CloudFront, suggesting NSO Group has switched to using AWS services in recent months." The Amnesty report included part of the same statement from Amazon, showing Amnesty contacted the company before publication.
https://www.vice.com/en/article/xgx5bw/amazon-aws-shuts-down-nso-group-infrastructure
💡 Read as well: Revealed: leak uncovers global abuse of cyber-surveillance weapon
https://t.iss.one/BlackBox_Archiv/2394
#leak #surveillance #nso #pegasus #spyware #amazon #aws
MAGA World’s ‘Freedom Phone’ Actually Budget Chinese Phone
MAGA Influencers are pushing a phone preloaded with apps like Parler and Rumble that appears to be a vastly more expensive version of a phone made in China.
The pro-Trump internet went wild on Wednesday for the Freedom Phone, a $500 smartphone that comes stocked with conservative apps and promises to liberate anyone else who buys it from Silicon Valley censorship. The American flag-branded phone was immediately promoted by a wide range of right-wing figures, including former Trump adviser Roger Stone, Jan. 6 rally organizer Ali Alexander, and pundit Dinesh D’Souza.
“I’m holding a freaking phone that is not controlled by Apple or Google,” conservative personality Candace Owens told her fans in an Instagram video. “We made the switch immediately.”
Despite being lauded by some of the right-wing media’s leading figures, though, the Freedom Phone’s buyers could be getting less than they expect for its $500 price tag. That’s because the Freedom Phone appears to be merely a more expensive rebranding of a budget Chinese phone available elsewhere for a fraction of the Freedom Phone’s price.
The Freedom Phone was created by Erik Finman, the self-proclaimed “youngest bitcoin millionaire” and one of Time Magazine’s “Most Influential Teens of 2014.” In a video announcing the phone, Finman said he was inspired to create the phone after the tech giants’ crackdown on both Donald Trump and conservative social media app Parler in the wake of the Jan. 6 riot.
“Imagine if Mark Zuckerberg censored MLK or Abraham Lincoln,” Finman said in the video.
Freedom Phone’s website is nearly totally devoid of technical information about the device. Finman declares in the promotional video that the Freedom Phone is “comparable to the best smartphones on the market” and “truly is the best phone in the world.”
In fact, Freedom Phone appears to be a simple rebranding of a budget phone called the “Umidigi A9 Pro,” made by the Chinese tech company Umidigi. In an interview with The Daily Beast, Finman confirmed that the Freedom Phone was manufactured by Umidigi, but couldn’t say immediately which Umidigi phone it was based on.
https://www.thedailybeast.com/maga-worlds-freedom-phone-actually-budget-chinese-phone
💡 Read as well:
https://t.iss.one/neo_network/249
#usa #freedomphone #china #finman #TodlerTrump #umidigi #shenzhen
An unprecedented group of allies and partners – including the European Union, the United Kingdom, and NATO – are joining the United States in exposing and criticizing the PRC’s malicious cyber activities.
The United States has long been concerned about the People’s Republic of China’s (PRC) irresponsible and destabilizing behavior in cyberspace. Today, the United States and our allies and partners are exposing further details of the PRC’s pattern of malicious cyber activity and taking further action to counter it, as it poses a major threat to U.S. and allies’ economic and national security.
The PRC’s pattern of irresponsible behavior in cyberspace is inconsistent with its stated objective of being seen as a responsible leader in the world. Today, countries around the world are making it clear that concerns regarding the PRC’s malicious cyber activities are bringing them together to call out those activities, promote network defense and cybersecurity, and act to disrupt threats to our economies and national security.
Our allies and partners are a tremendous source of strength and a unique American advantage, and our collective approach to cyber threat information sharing, defense, and mitigation helps hold countries like China to account. Working collectively enhances and increases information sharing, including cyber threat intelligence and network defense information, with public and private stakeholders and expands diplomatic engagement to strengthen our collective cyber resilience and security cooperation. Today’s announcement builds on the progress made from the President’s first foreign trip. From the G7 and EU commitments around ransomware to NATO adopting a new cyber defense policy for the first time in seven years, the President is putting forward a common cyber approach with our allies and laying down clear expectations and markers on how responsible nations behave in cyberspace.
https://telegra.ph/The-United-States-Joined-by-Allies-and-Partners-Attributes-Malicious-Cyber-Activity-and-Irresponsible-State-Behavior-to-the-Peop-07-19
via www.whitehouse.gov
#usa #nato #eu #china #prc #malicious #internet #cyberdefence
musescore-downloader
download sheet music from musescore.com for free, no login or Musescore Pro required
Recently, Musescore Pro ($6.99/mo) has been required to download sheet music from musescore.com.
(However, a few months ago, it was free to download.)
The Musescore company said that this is about copyright and licensing, and they must pay the copyright owners.
Many pieces of music on musescore.com are already in the Public Domain, which means either the author released them into the Public Domain or the author has been dead for over 70 years.
Do they need to pay to those composers who died hundreds of years ago?
Update: sheets in Public Domain are able to be downloaded without Musescore Pro now, but we still need an account to access them.
Also, there are many sheet music authors on musescore.com who created their own songs and posted them under CC-BY-NC (Creative Commons Attribution-NonCommercial) License.
Is it illegal that they sell them for profit?
Note: Putting ads (to sell Musescore Pro) on the website also means that they use it to generate revenue.
This is absolutely not acceptable, and the only purpose is to profit from stealing.
https://github.com/Xmader/musescore-downloader
💡 Read as well:
https://web.archive.org/web/20210719115639if_/https://github.com/Xmader/musescore-downloader/issues/5#issuecomment-882450335
⚠️ For the purposes of research and study only
#musescore #downloader #tool
Apple under pressure over iPhone security after NSO spyware claims
Tech group urged to collaborate with rivals following alleged Pegasus surveillance of journalists and activists
Apple has come under pressure to collaborate more with its Silicon Valley rivals in order to fend off the common threat of surveillance technology, after a report alleged that NSO Group’s Pegasus spyware was used to target journalists and human rights activists.
Amnesty International, which analysed dozens of smartphones targeted by clients of NSO, said Apple’s marketing claims about its devices’ superior security and privacy had been “ripped apart” by the discovery of vulnerabilities in even the most recent versions of its iPhones and iOS software.
“Thousands of iPhones have potentially been compromised,” said Danna Ingleton, deputy director of Amnesty’s tech unit. “This is a global concern — anyone and everyone is at risk, and even technology giants like Apple are ill-equipped to deal with the massive scale of surveillance at hand.”
Security researchers say that Apple could do more to tackle the problem by working with other tech companies to share details about vulnerabilities and vet their software updates.
“Apple unfortunately do a poor job at that collaboration,” said Aaron Cockerill, chief strategy officer at Lookout, a mobile security provider, describing iOS as a “black box” compared with Google’s Android, where it is “much easier to identify malicious behaviour”.
Amnesty worked with the journalism non-profit Forbidden Stories and 17 media partners on the “Pegasus Project” to identify alleged targets of surveillance.
NSO, which says its technology was designed only to target criminal or terrorist suspects, has described the Pegasus Project’s claims as “false allegations” and “full of wrong assumptions and uncorroborated theories”.
Amnesty’s research found that several attempts to steal data and eavesdrop on iPhones had been made through Apple’s iMessage using so-called “zero-click” attacks, which work without the user needing to tap a link.
Bill Marczak, research fellow at Citizen Lab, a non-profit group that has extensively documented NSO’s tactics, said Amnesty’s findings suggested that Apple had a “major blinking red five-alarm-fire problem with iMessage security”.
(Paywall) https://www.ft.com/content/898e14b1-a4e1-4443-8d9a-8b5ff5238396
#leak #surveillance #nso #pegasus #spyware #apple #iMessage
A Look at Glytch's Pocket Hardware Hacking Kit
Glytch is back again, this time with a cursed video! You read that right, this one has been a bit of a problem...But it's here, sit back, relax, and watch Glytch ramble on about another mishmash of hardware in a fabric package, this time on Hak5!
https://www.youtube.com/watch?v=GI9eWmk54ro
#hak5 #video
What protects against Pegasus
The spy software is sophisticated. Anyone who is to be spied on with it is largely defenseless. But there are a few ways to make the attackers' work more difficult.
💡 The good news about Pegasus is that the notorious spyware is not a tool for mass surveillance. Unlike the tools of NSA and Co., it is - as far as is known - not used to intercept data of millions of people, but very specifically positioned against individuals and their environment. The NSO Group also charges its customers a lot of money for each individual connection it intercepts. There is talk of the equivalent of several thousand euros.
Although the Pegasus Project's research shows that the devices of tens of thousands of people have been targeted by NSO customers, these are mainly activists, journalists and politicians - in short, people who are in the public eye - in addition to many suspected criminals. It is therefore unlikely that "ordinary citizens" will ever come into contact with such technology.
💡 The bad news, however, is that anyone who is to be spied on with Pegasus is largely defenseless. As far as is known, the spy software works on iPhones as well as Blackberrys, and the Android operating system offers no protection either. "There is no effective way for a user to defend against this type of attack," warns IT security expert Claudio Guarnieri of the Amnesty International Security Lab. Leaving the cell phone at home altogether or putting it in another room for confidential conversations is the best protection.
If you don't want to do this, you can at least make it more difficult for attackers to do their work. For example, you should always use the latest version of the operating system. As a rule, security gaps are also closed with every update. You should never click on links in messages from unknown senders. Security experts also recommend deactivating Apple's iMessage service and Facetime, as these are known gateways for Pegasus. It can also help to use a so-called Virtual Private Network - VPN for short - to surf the Internet. IT experts have also observed that when a device is infected with Pegasus, turning the device off and on again helps - at least in the short term. This puts the software out of operation, but only until the next attack.
https://projekte.sueddeutsche.de/artikel/politik/pegasus-project-was-vor-nso-spaehsoftware-schuetzt-e876744/
#leak #surveillance #nso #pegasus #spyware #protection
Northern's ticket machines hit by ransomware cyber attack
Northern rail's new self-service ticket machines have been targeted by a suspected ransomware cyber-attack.
The system has been offline since last week and an investigation is under way.
It comes just two months after 621 of the touch-screen units were installed at 420 stations across the north of England at a cost of £17m.
The government-run operator said it had taken "swift action" along with its supplier, Flowbird, and customer and payment data had not been compromised.
Only the servers which operate the ticket machines have been affected, Northern said.
"This is the subject of an ongoing investigation with our supplier, but indications are that the ticket machine service has been subject to a ransomware cyber-attack," it confirmed.
https://www.bbc.co.uk/news/uk-england-57892711
#uk #ransomware #attack #northern
Paranoid NixOS Setup
Most of the time you can get away with a fairly simple security posture on NixOS. Don't run services as root, separate each service into its own systemd units, don't run packages you don't trust the heritage of and most importantly don't give random people shell access with passwordless sudo.
Sometimes however, you have good reasons to want to lock everything down as much as humanly possible. This could happen when you want to create production servers for something security-critical such as a bastion host. In this post I'm going to show you a defense-in-depth model for making a NixOS server that is a bit more paranoid than usual, as well as explanations of all the moving parts.
💡 At a high level, I'm assuming the following things about this setup:
— It should be very difficult to get in as a passive attacker
— But the defense doesn't stop at "just hope they don't get in"
— It should be annoying for attackers to get a user-level shell
— But ensure they'll be able to anyways if they're dedicated enough
— It should be difficult for attackers to run their own code on the system
— But assume that it could happen and make evidence of that very loud
— It should be aggravating for attackers to access the package manager on the system
— But ensure that they can't do anything very easily even if they can access the package manager itself
💡 Some additional goals:
— Make the system only manageable by a central management system such as morph or nixops
— Only make SSH visible over a VPN of some kind, such as Tailscale or another WireGuard setup
— Mount the root filesystem on a tmpfs
— Have explicitly defined persistent folders
— Mark everything as noexec except for the mount that /nix/store is on
— Don't make the system too difficult to use in the process
https://christine.website/blog/paranoid-nixos-2021-07-18
#paranoid #nixos #setup
EvilModel: Hiding Malware Inside of Neural Network Models
Delivering malware covertly and detection-evadingly is critical to advanced malware campaigns. In this paper, we present a method that delivers malware covertly and detection-evadingly through neural network models. Neural network models are poorly explainable and have a good generalization ability. By embedding malware into the neurons, malware can be delivered covertly with minor or even no impact on the performance of neural networks.
https://arxiv.org/pdf/2107.08590.pdf
#evilmodel #malware #neuralnetworks #pdf
India’s PM Modi accused of ‘treason’ over Pegasus spyware scandal
Opposition accuses Modi of compromising national security following revelations that dozens of Indians were potential targets of snooping by Israeli-made spyware.
India’s main opposition Congress party has accused Prime Minister Narendra Modi of “treason” and compromising national security following revelations that dozens of Indians were potential targets of snooping by an Israeli-made spyware.
More than 1,000 phone numbers in India were among nearly 50,000 selected worldwide as possibly of interest to clients of the Israel-based NSO Group, maker of the Pegasus spyware, an investigation by a consortium of media organisations revealed on Sunday.
The leaked list, shared with the news outlets by Forbidden Stories, a Paris-based journalism nonprofit, and rights group Amnesty International, showed the identities of people targeted with more than 300 of those phone numbers in India, including politicians, dozens of journalists, businessmen and even two ministers in the Modi government.
Indian media reports said Modi’s main rival, former Congress party president Rahul Gandhi, was among dozens of Indian politicians, activists and government critics identified as potential targets of the Pegasus spyware.
“Is spying on India’s security forces, judiciary, cabinet ministers, opposition leaders including Rahul Gandhi, journalists and other activities through a foreign entity’s spyware not treason and an inexcusable dismantling of national security?” Congress spokesman Randeep Surjewala said at a press conference in New Delhi on Monday.
https://www.aljazeera.com/news/2021/7/20/pegasus-project-india-modi-treason-spyware-snooping-scandal
#leak #surveillance #nso #israel #pegasus #spyware #india #modi
Darknet Diaries - Ep 97: The Pizza Problem
What if someone wanted to own your Instagram account? Not just control it, but make it totally theirs. This episode tells the story of how someone tried to steal an Instagram account from someone.
https://darknetdiaries.com/episode/97/
#truecrime #darknetdiaries #podcast
Mobile Verification Toolkit - identify a potential compromise of Android and iOS devices with Pegasus Malware
Mobile Verification Toolkit (MVT) is a collection of utilities to simplify and automate the process of gathering forensic traces helpful to identify a potential compromise of Android and iOS devices.
https://github.com/mvt-project/mvt
#leak #surveillance #nso #israel #pegasus #spyware #toolkit #forensic
Except if a client/customer of NSO wants to know it
https://nitter.pussthecat.org/malwrhunterteam/status/1082283761776160768
via Twitter
#surveillance #nso #pegasus #spyware #apple
NSO's claim that it is "technologically impossible" to spy on American phone numbers is a bald-faced lie: an exploit that works against Macron's iPhone will work the same on Biden's iPhone.
Any code written to prohibit targeting a country can also be unwritten. It's a fig leaf.
https://nitter.pussthecat.org/Snowden/status/1417528060245647372
via Twitter
💡 Read as well: On the list: Ten prime ministers, three presidents and a king
https://telegra.ph/On-the-list-Ten-prime-ministers-three-presidents-and-a-king-07-20
via www.washingtonpost.com
#surveillance #nso #pegasus #spyware #snowden #france #macron