Capture Wi-Fi Passwords From Smartphones with a Half-Handshake Attack

In this episode, we show how hackers can abuse convenience features of Wi-Fi to extract passwords from nearby smartphones belonging to Wi-Fi networks they've connected to in the past.

https://www.youtube.com/watch?v=5guDKTc6Hak

#hak5 #video #wifi #passwords #smartphones
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

"Incognito Mode is not a great method of ensuring privacy, because it's still very easy to track what you're doing online."

Yep. Want real browsing privacy and tracking protection?

It's possible with Tor Browser. 👉🏽 https://torproject.org/download.

https://nitter.pussthecat.org/torproject/status/1423688216184426496

via Twitter

💡 Read as well:
Your Google and Safari Incognito mode is EXPOSING you online – here’s how
https://www.the-sun.com/tech/3410416/google-chrome-incognito-mode-safari-exposing-data-online/

#online #privacy #tor
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Connect-app (CDU) Version: 3.8 - Cross Site Scripting

app: connect-app (cdu) (version: 3.8)

cross-site scripting in the registration form name variables. Remote attackers can inject js payloads as name variables to exploit the frontend in the profile view and potentially execute in the backend via the preview. Uncertainty in validating object names in outbound emails, causing the context to be validated insecurely. This allows reflected execution in the message body of the email where the name variable is visible. You can see in the main validation how the developers have tried to parse and encode the content with backslashes and other characters. In this way, the type of validation can easily be bypassed by using simple frames with a source that points to a external link.

We have tested this in the portal where the code is executed, we have tested it in the outgoing service emails that insert the name variably in the email body, and we have also tested the stored content that was submitted via the API. All contents was transmitted insecurely and can be manipulated to trigger simple cross-site scripting payloads, hijack user session credentials or manipulate outbound emails with reflected malicious content on the application side.

We decided to bring the issue directly to the public after the CDU opened a court case to criminalise a German hacker following a Whitehat report. Normally we wanted to report the vulnerabilities directly via Responsible Disclosure, but were deterred by incidents mentioned above. These did not stop us but we therefore chose another way to make noise.

👉🏽 ref: https://www.golem.de/news/connect-app-cdu-verklagt-offenbar-hackerin-nach-melden-von-luecken-2108-158647.html

👉🏽 ref: https://www.golem.de/news/connect-app-cdu-nimmt-wahlkampf-app-nach-datenleck-offline-2105-156471.html

greetz to cdu
by team smackback

https://seclists.org/fulldisclosure/2021/Aug/4

#cdu #germany #disclosure
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

No matter how well-intentioned, @Apple is rolling out mass surveillance to the entire world with this. Make no mistake: if they can scan for kiddie porn today, they can scan for anything tomorrow.

They turned a trillion dollars of devices into iNarcs—*without asking.*

https://nitter.pussthecat.org/Snowden/status/1423469854347169798

via Twitter

#usa #apple #iphones #childabuse #surveillance #snowden
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

How to keep your smartphone safe from spying

This post discusses four personas, the technical threats to them and their information via their smartphone, and some theory on how to defend against an increasingly capable and focused threat actors.

If you find yourself matching one of these personas, following the recommendations below may serve you well if you feel that is proportionate to your individual threat profile.

If you provide IT or cybersecurity services to other people who may fit these personas, double check that what you offer and how you offer it is proportionate to the threats you’re helping to protect them from. Hopefully you have all of our recommendations covered!

💡 This is definitely not an exhaustive guide and is developed based on article(s) linked and our combined years working in technology and cyber security.

👉🏽 Greg, your average internet user using a modern smartphone for online banking, internet browsing and social media

👉🏽 Jane, an IT consultant, worried about keeping their client/organisational information safe

👉🏽 Emma, a management consultant who travels regularly for work. Emma’s company works with governments and large financial institutions

👉🏽 Roberto, an investigative journalist working on a big negative story about a nation state and it’s top leadership

The capability of threat actors and the probability of targeting varies enormously from indiscriminate sms/email phishing through to individual targeting using commercial spyware such as NSO Group’s Pegasus, ‘zero day’ exploits and physical tampering of the device. The level of effort and complexity rapidly increases, as do the inconveniences of trying to deter, defend and limit the impact of such attacks.

https://joelgsamuel.medium.com/how-to-keep-your-smartphone-safe-from-spying-d7d50fbed817

#smartphone #security
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

NixNet - Away from prying eyes…

We host a variety of services that are available for anyone to use free of charge. Below is a list with descriptions of each.

NixNet is a network of websites and services hosted by the pseudonymous Amolith (me) and a close friend of his, Manton. The main reason we run these sites is because we like to be in control of our own data where feasible. The easiest way to accomplish that is to host the services we use. We make them public and maintain them simply because we want to; the Linux and FLOSS community has completely changed ours lives and we feel like this is a small way we can do our part and give back.

https://nixnet.services/

#nixnet
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

One Bad Apple

My in-box has been flooded over the last few days about Apple's CSAM announcement. Everyone seems to want my opinion since I've been deep into photo analysis technologies and the reporting of child exploitation materials. In this blog entry, I'm going to go over what Apple announced, existing technologies, and the impact to end users. Moreover, I'm going to call out some of Apple's questionable claims.

💡 Disclaimer: I'm not an attorney and this is not legal advice. This blog entry includes my non-attorney understanding of these laws.

The Announcement:
In an announcement titled "Expanded Protections for Children", Apple explains their focus on preventing child exploitation.

The article starts with Apple pointing out that the spread of Child Sexual Abuse Material (CSAM) is a problem. I agree, it is a problem. At my FotoForensics service, I typically submit a few CSAM reports (or "CP" -- photo of child pornography) per day to the National Center for Missing and Exploited Children (NCMEC). (It's actually written into Federal law: 18 U.S.C. § 2258A. Only NMCEC can receive CP reports, and 18 USC § 2258A(e) makes it a felony for a service provider to fail to report CP.) I don't permit porn or nudity on my site because sites that permit that kind of content attract CP. By banning users and blocking content, I currently keep porn to about 2-3% of the uploaded content, and CP at less than 0.06%.

According to NCMEC, I submitted 608 reports to NCMEC in 2019, and 523 reports in 2020. In those same years, Apple submitted 205 and 265 reports (respectively). It isn't that Apple doesn't receive more picture than my service, or that they don't have more CP that I receive. Rather, it's that they don't seem to notice and therefore, don't report.

Apple's devices rename pictures in a way that is very distinct. (Filename ballistics spots it really well.) Based on the number of reports that I've submitted to NCMEC, where the image appears to have touched Apple's devices or services, I think that Apple has a very large CP/CSAM problem.

[Revised; thanks CW!] Apple's iCloud service encrypts all data, but Apple has the decryption keys and can use them if there is a warrant. However, nothing in the iCloud terms of service grants Apple access to your pictures for use in research projects, such as developing a CSAM scanner. (Apple can deploy new beta features, but Apple cannot arbitrarily use your data.) In effect, they don't have access to your content for testing their CSAM system.

If Apple wants to crack down on CSAM, then they have to do it on your Apple device. This is what Apple announced: Beginning with iOS 15, Apple will be deploying a CSAM scanner that will run on your device. If it encounters any CSAM content, it will send the file to Apple for confirmation and then they will report it to NCMEC. (Apple wrote in their announcement that their staff "manually reviews each report to confirm there is a match". They cannot manually review it unless they have a copy.)

While I understand the reason for Apple's proposed CSAM solution, there are some serious problems with their implementation.

https://www.hackerfactor.com/blog/index.php?/archives/929-One-Bad-Apple.html

#usa #apple #iphones #childabuse #surveillance
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

The Pirate Bay Switches to a Brand New V3 Onion Domain

The Pirate Bay has moved to a new onion domain as the old one will cease to be supported by the official Tor client in a few weeks. The new v3 domain is more secure and the TPB-team encourages users to make the switch. Bookmarking the domain may be wise as well, as v3 onion domains have 56 characters.

When The Pirate Bay first came online during the summer of 2003, its main point of access was thepiratebay.org.

Since then the site has burnt through more than a dozen domains, trying to evade seizures or other legal threats.

The torrent site eventually returned to the .org domain which remains the official home today. While there are hundreds of Pirate Bay proxies online, none of these are operated by the TPB-team.

https://torrentfreak.com/the-pirate-bay-switches-to-a-brand-new-v3-onion-domain-210809/

#piratebay #onion #tor
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Anti-Piracy Firm Asks Google to Block 127.0.0.1

Ukrainian TV channel TRK has sent a rather bizarre takedown request to Google. The company's anti-piracy partner Vindex asked the search engine to remove a search result that points to 127.0.0.1. Tech-savvy people will immediately recognize that the anti-piracy company apparently found copyright-infringing content on its own server.

While search engines are extremely helpful for the average Internet user, copyright holders also see a massive downside.

The fact that “infringing sites” show up in search results has become a source of frustration. As a result, Google and other search engines are facing a steady stream of DMCA takedown notices.

Google alone has processed more than five billion takedown requests and millions of new URLs are reported every week. While the majority of these correctly point to problematic links, there are plenty of mistakes too.

Some copyright holders flag perfectly legitimate websites as piracy havens, which others shoot themselves in the foot by targeting their own websites. The latter happened to the webtoon subscription service Toomics just recently.

‼️Please Take 127.0.0.1 Offline

This week we saw yet another problematic DMCA notice, which is perhaps even worse. TV channel TRK Ukraine asked Google to remove content hosted on the IP-address 127.0.0.1, which is the localhost of a device or server.

https://torrentfreak.com/anti-piracy-firm-asks-google-to-block-127-0-0-1-210808/

#trk #ukraine #dmca #takedown #google
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

DEFCON 29 - Uncomfortable Networking

https://y.com.cm/watch?v=jmShE38mqNY

#defcon #video
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

Apple Open to Expanding New Child Safety Features to Third-Party Apps

Apple today held a questions-and-answers session with reporters regarding its new child safety features, and during the briefing, Apple confirmed that it would be open to expanding the features to third-party apps in the future.

Apple's New Child Safety Features

First, an optional Communication Safety feature in the Messages app on iPhone, iPad, and Mac can warn children and their parents when receiving or sending sexually explicit photos. When the feature is enabled, Apple said the Messages app will use on-device machine learning to analyze image attachments, and if a photo is determined to be sexually explicit, the photo will be automatically blurred and the child will be warned.

Second, Apple will be able to detect known Child Sexual Abuse Material (CSAM) images stored in iCloud Photos, enabling Apple to report these instances to the National Center for Missing and Exploited Children (NCMEC), a non-profit organization that works in collaboration with U.S. law enforcement agencies. Apple confirmed today that the process will only apply to photos being uploaded to iCloud Photos and not videos.

Third, Apple will be expanding guidance in Siri and Spotlight Search across devices by providing additional resources to help children and parents stay safe online and get help with unsafe situations. For example, users who ask Siri how they can report CSAM or child exploitation will be pointed to resources for where and how to file a report.

Expansion to Third-Party Apps

Apple said that while it does not have anything to share today in terms of an announcement, expanding the child safety features to third parties so that users are even more broadly protected would be a desirable goal. Apple did not provide any specific examples, but one possibility could be the Communication Safety feature being made available to apps like Snapchat, Instagram, or WhatsApp so that sexually explicit photos received by a child are blurred.

Another possibility is that Apple's known CSAM detection system could be expanded to third-party apps that upload photos elsewhere than iCloud Photos.

https://www.macrumors.com/2021/08/09/apple-child-safety-features-third-party-apps/

#usa #apple #iphones #childabuse #surveillance
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Phishing Sites Targeting Scammers and Thieves

I was preparing to knock off work for the week on a recent Friday evening when a curious and annoying email came in via the contact form on this site:

“Hello I go by the username Nuclear27 on your site Briansclub[.]com,” wrote “Mitch,” confusing me with the proprietor of perhaps the underground’s largest bazaar for stolen credit and identity data. “I made a deposit to my wallet on the site but nothing has shown up yet and I would like to know why.”

Several things stood out in Mitch’s message. For starters, that is not the actual domain for BriansClub. And it’s easy to see why Mitch got snookered: The real BriansClub site is currently not at the top of search results when one queries that shop name at Google.

Also, this greenhorn criminal clearly had bought into BriansClub’s advertising, which uses my name and likeness in a series of ads that run on all the top cybercrime forums. In those ads, a crab with my head on it zigs and zags on the sand. This is all meant to be a big joke: Krebs means “crab” or “cancer” in German, but a “crab” is sometimes used in Russian hacker slang to refer to a “carder,” or a person who regularly engages in street-level credit card fraud. Like Mitch.

In late 2019, BriansClub changed its homepage to include doctored images of my Social Security and passport cards, credit report and mobile phone bill information. That was right after KrebsOnSecurity broke the news that someone had hacked BriansClub and siphoned information on 26 million stolen debit and credit accounts. The hacked BriansClub database had an estimated collective street value of $566 million, and that data was subsequently shared with thousands of financial institutions.

Mitch said he’d just made a deposit of $240 worth of bitcoin at BriansClub[.]com, and was wondering when the funds would be reflected in the balance of his account on the shop.

https://krebsonsecurity.com/2021/08/phishing-sites-targeting-scammers-and-thieves/

#phishing #scammer
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Elementary OS 6 Odin Available Now

It’s finally here, and it’s the biggest update to the platform yet

It’s been a long road to elementary OS 6—what with a whole global pandemic dropped on us in the middle of development—but it’s finally here. elementary OS 6 Odin is available to download now. And it’s the biggest update to the platform yet!

https://blog.elementary.io/elementary-os-6-odin-released/

#elementary #os #odin #linux
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Flaws in John Deere Systems Show Agriculture's Cyber Risk

John Deere, Researchers Spar Over Impact of Vulnerabilities

An Australian researcher who goes by the nickname Sick Codes remotely presented his latest findings on Sunday at the Def Con security conference in Las Vegas. He's part of an independent security research group called Sakura Samurai, which hunts and responsibly discloses security vulnerabilities.

The findings are serious. A combination of issues enabled root access to John Deere's Operations Center, a comprehensive platform for monitoring and managing farm equipment.

https://www.bankinfosecurity.com/flaws-in-john-deere-systems-show-agricultures-cyber-risk-a-17240

https://www.youtube.com/watch?v=zpouLO-GXLo

#JohnDeere #vulnerabilities #defcon #video
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv

Did America just lose Afghanistan because of WhatsApp?

In the middle of a conflict, good analysis is hard to come by. Because adversaries do not telegraph their plans to one another, plans depend greatly on the fact patterns surrounding their execution, and no human mind can possibly observe, much less comprehend, the movements of all players on the battlefield, the course of a war, no matter how meticulously planned and no matter how eminently credentialed the planners, frequently defies the plan.

This phenomenon is known as the “Fog of War,” a phrase which originated with Prussian military theorist Carl von Clausewitz in his magnum opus, On War:

"War is the realm of uncertainty; three quarters of the factors on which action in war is based are wrapped in a fog of greater or lesser uncertainty. A sensitive and discriminating judgment is called for; a skilled intelligence to scent out the truth."

...(....)

So what the hell happened?

I’m a tech guy, not a military guy. And in terms of the kind of tech I’m into it’s that weird decentralized crypto tech like Bitcoin, not SaaS.

I do know enough about the war to know that when the Taliban went toe to toe with American and NATO soldiers, the Taliban got its ass kicked basically every single time. No air force, no navy, and no artillery meant that whenever the Taliban revealed themselves on the battlefield they were guaranteed to be cut to pieces by various pieces of intimidating American hardware like A-10 Warthogs or .50-caliber rifles.

It appears the Taliban tried something different this time around. Open source reporting shows that rather than rocking up and going toe to toe with the Afghan national army, they appear to have simply called everyone in the entire country, instead, told them they were in control, and began assuming the functions of government as they went:

https://prestonbyrne.com/2021/08/15/did-america-just-lose-afghanistan-because-of-whatsapp/

#usa #afghanistan #taliban #whatsapp
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Hospitals hamstrung by ransomware are turning away patients

The ransomware epidemic continues to grow.

Dozens of hospitals and clinics in West Virginia and Ohio are canceling surgeries and diverting ambulances following a ransomware attack that has knocked out staff access to IT systems across virtually all of their operations.

The facilities are owned by Memorial Health System, a nonprofit network of services that represents 64 clinics, including hospitals Marietta Memorial, Selby, and Sistersville General in the Marietta, West Virginia, metropolitan area. Early on Sunday, the chain experienced a ransomware attack that hampered the three hospitals’ ability to operate normally.

Beginning at midnight on Sunday, the three hospitals started diverting emergency patients to Camden Clark Medical Center. The facility is an hour's drive from Selby, which has 25 beds. Camden Clark is about a 25-minute drive from the other two Memorial Health System hospitals hit by the breach. Another affected facility providing critical care includes a freestanding emergency room at Belpre Medical Campus in Belpre, Ohio.

Most of the Memorial Health System facilities have also canceled all urgent surgeries and radiology exams for Monday and are advising patients who have an appointment with a surgeon or specialist on Monday to call ahead.

“We will continue to accept: STEMI, STROKE, and TRAUMA patients at Marietta Memorial Hospital,” officials said in a statement. “Belpre and Selby are on diversion for all patients due to radiology availability. It is in the best interest of all other patients to be taken to the nearest accepting facility. If all area hospitals are [on] diversion, patients will be transported to the emergency department closest to where the emergency occurred. This diversion will be ongoing until IT systems are restored.”

https://arstechnica.com/gadgets/2021/08/hospitals-hamstrung-by-ransomware-are-turning-away-patients/

#usa #ransomware #healthsystem #hospitals
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

America's secret terrorist watchlist exposed on the web without a password

On July 19, 2021 I discovered a terrorist watchlist containing 1.9 million records online without a password or any other authentication required to access it.

The watchlist came from the Terrorist Screening Center, a multi-agency group administered by the FBI. The TSC maintains the country's no-fly list, which is a subset of the larger watchlist. A typical record in the list contains a full name, citizenship, gender, date of birth, passport number, no-fly indicator, and more.

I immediately reported it to Department of Homeland Security officials, who acknowledged the incident and thanked me for my work. The DHS did not provide any further official comment, though.

💡 Timeline of the exposure

On July 19, 2021, The exposed server was indexed by search engines Censys and ZoomEye. I discovered the exposed data on the same day and reported it to the DHS.

The exposed server was taken down about three weeks later, on August 9, 2021. It's not clear why it took so long, and I don't know for sure whether any unauthorized parties accessed it.
What data was exposed?

The exposed Elasticsearch cluster contained 1.9 million records. I do not know how much of the full TSC Watchlist it stored, but it seems plausible that the entire list was exposed.

💡 Each record in the watchlist contained some or all of the following info:

Full name
TSC watchlist ID
Citizenship
Gender
Date of birth
Passport number
Country of issuance
No-fly indicator

The data also included a couple of categorical fields that I was unable to identify, including "tag," "nomination type," and "selectee indicator".

https://www.linkedin.com/pulse/americas-secret-terrorist-watchlist-exposed-web-report-diachenko/

#leak #exposed #terrorist #watchlist
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

US social media firms face new challenge in Afghanistan

Social media firms are split on how to treat content posted by the Taliban as only some of them consider it a rebel group.

The Taliban’s rapid takeover of Afghanistan poses a new challenge for big US tech companies on handling content created by a group considered “terrorists” by some world governments.

Social media giant Facebook confirmed on Monday that it designates the Taliban a terrorist group and bans it and content supporting it from its platforms.

But Taliban members have reportedly continued to use Facebook’s end-to-end encrypted messaging service WhatsApp to communicate directly with Afghans despite the company prohibiting it under rules against dangerous organisations.

A Facebook Inc spokesperson said the company was closely monitoring the situation in the country and that WhatsApp would take action on any accounts found to be linked with sanctioned organisations in Afghanistan, which could include account removal.

The Taliban is on the company’s list of dangerous organisations and therefore any content promoting or representing the group is banned, Adam Mosseri, head of Facebook’s photo-sharing app Instagram, said on Monday during a Bloomberg Television interview.

“We are relying on that policy to proactively take down anything that we can that might be dangerous or that is related to the Taliban in general,” Mosseri said. “Now this situation is evolving rapidly, and with it, I’m sure the risk will evolve as well. We are going to have to modify what we do and how we do it to respond to those changing risks as they happen.”

On Twitter Inc, Taliban spokesmen with hundreds of thousands of followers have tweeted updates during the country’s takeover.

https://www.aljazeera.com/economy/2021/8/17/us-social-media-firms-face-new-challenge-in-afghanistan

💡 Read as well:

Did America just lose Afghanistan because of WhatsApp?
https://t.iss.one/BlackBox_Archiv/2471

#usa #afghanistan #taliban #whatsapp #facebook #socialmedia
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

WhatsApp shuts down Taliban helpline in Kabul

Complaints number meant to act as emergency hotline for civilians to report violence and looting.

WhatsApp has shut down a complaints helpline set up by the Taliban when it took control of Kabul, after the messaging app came under pressure to block the group from using its services.

The complaints number was supposed to act as an emergency hotline for civilians to report violence, looting or other problems. The Taliban advertised the helpline on Sunday when it captured the city, and has used similar WhatsApp hotlines in the past, for example when it took over the city of Kunduz in 2016.

After taking Kabul, the Taliban pledged to create a stable government and not to harm the “life, property and honour” of citizens.

Facebook, the owner of WhatsApp, said it had blocked the number on Tuesday, along with other “official Taliban channels”, and added that it was actively scanning group names, descriptions and profile pictures on the messaging app to try to prevent the Taliban from using it. It added that its team of native Dari and Pashto speakers were “helping to identify and alert us to emerging issues on the platform”.

Critics in the US have attacked WhatsApp, along with other social media platforms, for not taking more action to shut down Taliban communications.

But experts in the region said that shutting down the WhatsApp numbers was “absurd” and “unhelpful” at a time when the military group was in effect governing the country, and citizens in Kabul were facing looting, panic and chaos.

“Preventing communication between people and the Taliban doesn’t help Afghans, it is just grandstanding,” said Ashley Jackson, a former Red Cross and Oxfam aid worker in Afghanistan, and author of a book on the Taliban and its relationship to Afghan civilians.

“If the Taliban all of a sudden can’t use WhatsApp, you’re just isolating Afghans, making it harder for them to communicate in an already panicky situation. [WhatsApp’s actions] are really misguided.”

https://www.ft.com/content/d8e29de8-aebb-4f10-a91e-89d454d4a9f7

#usa #afghanistan #taliban #whatsapp
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

The Biggest Cryptocurrency Hack Ever - Why Did It Happen? - ThreatWire

Is this the biggest crypto hack ever? Print Spooler is an actual Nightmare, and a hacker claims t-mobile data was stolen in a server hack! All that coming up now on ThreatWire.

https://www.youtube.com/watch?v=UW38I60EmX4

#threatwire #hak5 #video
🎥@cRyPtHoN_INFOSEC_FR
🎥@cRyPtHoN_INFOSEC_EN
🎥@cRyPtHoN_INFOSEC_DE
🎥@BlackBox_Archiv