BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Stop general data retention in the EU – current plans for mass surveillance

In this joint talk, four internet freedom advocates will expose and criticize current plans for general mass collection of everyone's communication data. 2022 will bring threats to Internet freedoms but also opportunities for civil society to act.

We need to get back to basics: Let's set the default to zero mass surveillance.

⚠️ This talk was translated into multiple languages (English/German). The files available for download contain all languages as separate audio tracks. Most desktop video players allow you to choose between them; look for "audio tracks" in your desktop video player.

https://media.ccc.de/v/rc3-2021-cwtv-879-stop-general-data-rete

#ccc #rc3 #surveillance #video
🎥 @cRyPtHoN_INFOSEC_FR
🎥 @cRyPtHoN_INFOSEC_EN
🎥 @cRyPtHoN_INFOSEC_DE
🎥 @BlackBox_Archiv
LogMePwn

LogMePwn is a fully automated, multi-protocol, reliable, super-fast scanning and validation toolkit for the Log4J RCE CVE-2021-44228 vulnerability.

💡 Tool Highlights:

- Inherent support for automatic Canary Token generation using emails or webhooks.
- Multi-protocol support: HTTP, IMAP, SSH, FTP, etc.
- Support for multiple HTTP methods (GET, POST, PUT, DELETE, PATCH, etc.).
- Customized HTTP request body fuzzing (JSON, XML, etc.).
- Custom callback server and payload support.
- CIDR range scanning.
- Everything is multi-threaded and super fast (it's written in Go).
- ...and many more. Check out the documentation and the tool below!

https://github.com/0xInfection/LogMePwn

#LogMePwn #log4j #log4shell #vulnerability #toolkit
The Current State Of Play In Autonomous Cars

Bluster around the advent of self-driving cars has become a constant in the automotive world in recent years. Much is promised by all comers, but real-world results – and customer-ready technologies – remain scarce on the street.

Today, we’ll dive in and take a look at the current state of play. What makes a self-driving car, how close are the main players, and what can we expect to come around the corner?

https://hackaday.com/2021/12/29/the-current-state-of-play-in-autonomous-cars/

#hackaday #autonomous #cars
Big Data May Not Know Your Name. But It Knows Everything Else

Data brokers claim that deidentified data on millions of Americans is risk-free. Lawmakers need to know that “anonymity” is an abstraction.

Companies like Acxiom, LexisNexis, and others argue that there’s nothing to worry about collecting and sharing Americans’ sensitive data, as long as their names and a few other identifiers aren’t attached. After all, their reasoning goes, this “anonymized” data can’t be linked to individuals, and is therefore harmless.

But as I testified to the Senate last week, you can basically reidentify anything. “Anonymity” is an abstraction. Even if a company doesn’t have your name (which they probably do), they can still acquire your address, internet search history, smartphone GPS logs, and other data to pin you down. Yet this flawed, dangerous narrative persists and continues to persuade lawmakers, to the detriment of strong privacy regulation.

Data on hundreds of millions of Americans’ races, genders, ethnicities, religions, sexual orientations, political beliefs, internet searches, drug prescriptions, and GPS location histories (to name a few) are for sale on the open market, and there are far too many advertisers, insurance firms, predatory loan companies, US law enforcement agencies, scammers, and abusive domestic and foreign individuals (to name a few) willing to pay for it. There is virtually no regulation of the data brokerage circus.

Many brokers claim there’s no need for regulation, because the data they buy and sell “isn’t linked to individuals” simply because there isn’t, say, a “name” column in their spreadsheet detailing millions of Americans’ mental illnesses. The consumer credit reporting company Experian, for example, says its wide sharing of data with third parties includes information that is “non-personal, de-identified, or anonymous.” Yodlee, the largest financial data broker in the US, has claimed that all the data it sells on Americans is “anonymous.” But corporations saying that such "anonymity" protects individuals from harm is patently false.

https://www.wired.com/story/big-data-may-not-know-your-name-but-it-knows-everything-else/

#bigdata #BigData #databrokers #privacy #ourdata
BIG DATA - 3.0 - "L1ZY"

Introducing the most advanced artificial intelligence platform in modern history...BIG DATA - 3.0 - "L1ZY"

https://www.youtube.com/watch?v=RfqM63CAC8g

#BigData #L1ZY #video #thinkabout #why
When Wikileaks bumped into the CIA: Operation Kudo exposed

This talk is about the experience of the Wikileaks project when it bumped into a small problem with the CIA. While it builds on my last year's talk 'CIA vs. WL', I am now able to provide a detailed report about how the operations unfolded and what it triggered, with refreshing material from various sources.

https://media.ccc.de/v/rc3-2021-chaoszone-409-when-wikileaks-bu

⚠️ This talk was translated into multiple languages (en/ger/fr). The files available for download contain all languages as separate audio tracks. Most desktop video players allow you to choose between them; look for "audio tracks" in your desktop video player.

#ccc #rc3 #wikileaks #cia #surveillance #video
Huge New Global Anti-Piracy Coalition Will Tackle Manga & Anime Piracy

Japan-based anti-piracy group CODA is building a huge coalition dedicated to tackling illegal online distribution of anime, manga and similar copyrighted content. The International Anti-Piracy Organisation will be comprised of 32 local companies including publisher Kodansha, Hollywood studios plus Netflix, and around 450 companies in China.

In the summer of 2017, some of the world’s largest entertainment groups formed a huge coalition with a mission to reduce online piracy.

Comprised of more than 30 companies, the Alliance for Creativity is now at the forefront of global anti-piracy enforcement. By combining its members’ resources to tackle infringement wherever it may occur in the world, the cross-border nature of piracy is now being addressed more effectively.

A new anti-piracy group set to launch this April appears to have similar goals in mind.

https://torrentfreak.com/huge-new-global-anti-piracy-coalition-will-tackle-manga-anime-piracy-220103/

#piracy #antipiracy #manga #anime
Hacker Factor on Snowflake Pluggable Transports

I missed this from earlier when Dr. Neal Krawetz posted his entry titled “Tor 0day: Snowflake.” I will include the relevant part about detecting snowflake below. The other parts of his article cover the other issues with Tor covered in his previous blog posts as well as Nusenu’s discovery of an entity running hundreds of malicious Tor relays.

I also included a bit about Snowflake for those who are unaware.

https://darknetlive.com/post/hacker-factor-on-snowflake-pluggable-transports/

https://www.hackerfactor.com/blog/index.php?/archives/944-Tor-0day-Snowflake.html

💡 Read as well:
Is “KAX17” performing de-anonymization Attacks against Tor Users?
https://nusenu.medium.com/is-kax17-performing-de-anonymization-attacks-against-tor-users-42e566defce8

#tor #snowflake
PrivChat #6 - Privacy is a human right

If you missed the latest PrivChat, Privacy is a Human Right, you should absolutely catch the event now. This conversation about privacy, and how it's central to the fight for human rights, is a great way to start the new year.

In this edition of PrivChat, we're bringing together a group of panelists with direct experience as activists or working with activist groups, who will talk about their experiences with surveillance and privacy.

https://nitter.pussthecat.org/torproject/status/1477749539842842625

via Twitter

https://www.youtube.com/watch?v=ttQiA_GfI6s&t

#tor #privacy #PrivChat #video
Unmicrosofted Edge - block tracking in Microsoft Edge

Microsoft Edge is one of the worst web browsers privacy-wise: it tracks users, collects their data and sends it to Microsoft servers. But can we make an Unmicrosofted Edge even though it is closed source? It seems that it could be (somewhat) possible.

If we cannot modify the closed source Microsoft Edge code to prevent sending requests, we can at least build a wall around it to block them. Therefore I have extracted Microsoft domains from the msedge.dll file using strings command. It is a long list of domains. I combined it with some other Microsoft tracking domains and made the /etc/hosts file for blocking Microsoft Edge tracking domains, which you should download and append to your system /etc/hosts file (on Windows it is %WinDir%\System32\drivers\etc\hosts).

And voilà! Here we have (sort of) Unmicrosofted Edge: no Microsoft, no Bing.

💡 Hosts file:
https://gist.github.com/niutech/1f1c1518ce0eba7e8d429c812d39493d

💡 Microsoft Edge is one of the worst web browsers privacy-wise:
https://www.kuketz-blog.de/microsoft-edge-datensendeverhalten-desktop-version-browser-check-teil4/

https://old.reddit.com/r/edge/comments/rvumg1/unmicrosofted_edge_block_tracking_in_microsoft/

#unmicrosofted #browser #edge #microsoft #tracking #privacy
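As an added example (not the Reddit post's own code, nor the linked gist), this Python script rebuilds the step the post describes: pull hostnames out of `strings msedge.dll` output, keep those under Microsoft-owned parent domains, and emit hosts-file lines. The parent-domain list and the sample strings are constructed assumptions; note that sinking a name to 0.0.0.0 only stops connections made by hostname, not any to hard-coded IP addresses.

```python
"""Added example (not from the Reddit post or the linked gist): turn the output
of `strings msedge.dll` into hosts-file lines, as the post describes doing.
Assumption: PARENT_DOMAINS is an illustrative list of Microsoft-owned domains."""
import re
import subprocess
from typing import Iterable, List

PARENT_DOMAINS = ("microsoft.com", "bing.com", "msn.com",
                  "live.com", "office.com", "windows.com")

# A hostname with at least one label in front of a parent domain, not embedded
# in a longer hostname (so "x.microsoft.com.evil.net" is rejected).
HOST_RE = re.compile(
    r"(?<![\w.-])((?:[a-z0-9-]+\.)+(?:"
    + "|".join(re.escape(d) for d in PARENT_DOMAINS)
    + r"))(?![\w.-])",
    re.IGNORECASE,
)


def extract_domains(lines: Iterable[str]) -> List[str]:
    """Unique, lower-cased hostnames found in the given strings, sorted."""
    found = {m.group(1).lower() for line in lines for m in HOST_RE.finditer(line)}
    return sorted(found)


def hosts_entries(domains: Iterable[str]) -> List[str]:
    """hosts(5) lines that sink each name to 0.0.0.0 (unroutable)."""
    return [f"0.0.0.0 {d}" for d in domains]


def domains_from_binary(path: str) -> List[str]:
    """Run binutils `strings` on the DLL; needs `strings` on PATH."""
    out = subprocess.run(["strings", path], capture_output=True,
                         text=True, check=True).stdout
    return extract_domains(out.splitlines())


# Constructed stand-in for a few lines of `strings msedge.dll` output.
SAMPLE_STRINGS = [
    "https://edge.microsoft.com/abusereports/v1",
    "some unrelated string",
    "https://www.bing.com/search?q=",
    "telemetry.microsoft.com:443",
    "ntp.msn.com",
    "EDGE.MICROSOFT.COM",                     # duplicate in different case
    "https://example.org/notmicrosoft.com",   # not a Microsoft host
    "x.microsoft.com.evil.net",               # look-alike, must be rejected
]

if __name__ == "__main__":
    # Real use: print("\n".join(hosts_entries(domains_from_binary("msedge.dll"))))
    print("\n".join(hosts_entries(extract_domains(SAMPLE_STRINGS))))
```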
The Thales security group attacked by Lockbit ransomware

The Lockbit ransomware gang’s website states that it has infiltrated the Thales group and offers the company around 13 days to pay ransom before exposing the data it has exfiltrated to the public.

While ransomware had a busy year in 2021, 2022 is unlikely to offer a break. Among the first targets of the year is Thales Group, a French multinational company headquartered in Paris' business district that provides services for the defense, aerospace, transportation, and security markets.

A cyberattack against the electronics company has just been claimed by the gang behind the Lockbit ransomware. There have been no details on the attack, but on their website, the cybercriminals have given a countdown of about 13 days to allow the Thales Group to negotiate a ransom before its data gets publicly released.

The Thales Group has commented on the case, noting that they are aware of an alleged “Lockbit ransomware” attack targeting data belonging to the Thales group.

The company has made it clear that they are taking this still unfounded allegation – and whatever source it comes from – seriously, despite the fact that they have not received any direct ransom notification from anyone.

The matter is presently being investigated by a committed team of security experts. At the time of this writing, Thales claims that there is no concrete evidence of this incident, however, they are continuing their investigation with an extreme focus on the protection of their data as a top concern.

https://howtoremove.guide/thales-ransomware/

#thales #ransomware #lockbit
Call of Duty Cheat Maker ‘EngineOwning’ Sued By Activision Under The DMCA

Activision has filed a copyright infringement lawsuit against business entities and individuals allegedly offering cheats for its Call of Duty games. According to the complaint, the defendants supply tools via EngineOwning.to that violate the anti-circumvention provisions of the DMCA, spoil the gaming experience for legitimate players, and damage Activision's reputation.

(...)

Lawsuit Filed in the United States

Filed in a California district court yesterday, the complaint targets EngineOwning UG, CMN Holdings S.A, six named individuals (Valentin Rick, Leonard Bugla, Leon Frisch, Ignacio Gayduchenko, Marc-Alexander Richts, Alexander Kleeman) and 50 ‘Doe’ defendants.

“By this lawsuit, Activision seeks to put a stop to unlawful conduct by an organization that is distributing and selling for profit numerous malicious software products designed to enable members of the public to gain unfair competitive advantages (i.e., to cheat) in the COD Games. These ongoing activities damage Activision’s games, its overall business, and the experience of the COD player community,” the lawsuit begins.

The defendants allegedly develop and distribute (via the website at EngineOwning.to) a portfolio of cheats and hacks for popular online games, including those in the Call of Duty series. According to Activision, the defendants are also preparing new cheating software for Overwatch, which is published by its affiliate Blizzard Entertainment.

“The Cheating Software enables players to manipulate the COD Games to their personal advantage, such as by automatically aiming weapons, revealing the locations of opponents, and allowing the player to see information that is not normally available to players because it would give them an unfair advantage within the game,” Activision adds.

https://torrentfreak.com/call-of-duty-cheat-maker-engineowning-sued-by-activision-under-the-dmca-210106/

💡 Lawsuit (PDF)

#engineowning #dmca #activision #pdf
IP spoofing bug leaves Django REST applications open to DDoS, password-cracking attacks

Security researcher discovers how to send unlimited HTTP requests with the same client

An IP spoofing vulnerability in Django REST allowed attackers to circumvent the framework’s throttling feature, which is supposed to protect applications against mass requests.

Django REST is a popular toolkit for developing web APIs and is used by Mozilla, Red Hat, and Heroku, among others. It has a throttling feature that controls the rate of requests a client can make to the API.

This feature is meant to protect applications against bot activity, denial-of-service attacks, and malicious activities such as brute-force attempts on login pages, one-time passwords, and password reset pages.

https://portswigger.net/daily-swig/ip-spoofing-bug-leaves-django-rest-applications-open-to-ddos-password-cracking-attacks

#ip #spoofing #bug #django #rest #ddos #attacks
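Added example, not from the Daily Swig article or from Django REST framework's own code: a minimal model of how a per-client throttle chooses the key it counts requests under, so the safe and unsafe configurations can be compared on constructed traffic. The article does not name the spoofed input; this assumes it is the X-Forwarded-For header, which DRF's SimpleRateThrottle.get_ident() consults, and mirrors DRF's NUM_PROXIES setting.

```python
"""Added example (not from the Daily Swig article or from Django REST framework):
a throttle that keys its counters on a client identity derived the way DRF's
SimpleRateThrottle.get_ident() does.  Assumption: the spoofed input is the
X-Forwarded-For header (the article does not name it).  NUM_PROXIES semantics:
  None -> use the header verbatim (any direct client can forge it),
  0    -> ignore the header, key on the socket peer address (REMOTE_ADDR),
  N>0  -> take the address N hops from the right, i.e. the one appended by
          your own N trusted proxies; a wrong N re-opens the spoof.
"""
from collections import defaultdict
from typing import Dict, Optional


def client_ident(meta: Dict[str, str], num_proxies: Optional[int]) -> str:
    """Return the key that requests from this WSGI environ are counted under."""
    xff = meta.get("HTTP_X_FORWARDED_FOR")
    remote_addr = meta.get("REMOTE_ADDR", "")
    if num_proxies is not None:
        if num_proxies == 0 or xff is None:
            return remote_addr
        addrs = xff.split(",")
        return addrs[-min(num_proxies, len(addrs))].strip()
    # No NUM_PROXIES configured: the header wins whenever it is present.
    return "".join(xff.split()) if xff else remote_addr


class SimpleThrottle:
    """Fixed-window counter per identity; allows at most `limit` requests."""

    def __init__(self, limit: int, num_proxies: Optional[int]) -> None:
        self.limit = limit
        self.num_proxies = num_proxies
        self.counts: Dict[str, int] = defaultdict(int)

    def allow(self, meta: Dict[str, str]) -> bool:
        ident = client_ident(meta, self.num_proxies)
        self.counts[ident] += 1
        return self.counts[ident] <= self.limit


def simulate(num_proxies: Optional[int], attempts: int = 20, limit: int = 5) -> int:
    """Constructed traffic: one socket peer (no proxy in front of the app) sends
    `attempts` requests, each carrying a different X-Forwarded-For value.
    Returns how many the throttle let through; a sound setup allows <= limit."""
    throttle = SimpleThrottle(limit, num_proxies)
    allowed = 0
    for i in range(attempts):
        meta = {
            "REMOTE_ADDR": "203.0.113.10",                    # real peer (RFC 5737 range)
            "HTTP_X_FORWARDED_FOR": f"198.51.100.{i % 256}",  # client-supplied value
        }
        allowed += throttle.allow(meta)
    return allowed


if __name__ == "__main__":
    print("NUM_PROXIES unset:", simulate(None))  # 20: every request gets a fresh bucket
    print("NUM_PROXIES = 0  :", simulate(0))     # 5: keyed on REMOTE_ADDR
    print("NUM_PROXIES = 1  :", simulate(1))     # 20: no real proxy, so the hop is forged
```

The check to run against a deployment is therefore whether NUM_PROXIES matches the number of proxies that actually sit in front of the application, and whether those proxies overwrite rather than append to a client-supplied header.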
GitHub Takes Down “Widevine Dump” Forks Following MPA Complaint

The Motion Picture Association has asked GitHub to remove a collection of scripts that allow people to rip content from popular streaming services such as Netflix, Disney+, and Amazon Prime. The tools in question bypass the Widevine copy protection, violating the DMCA, the group argues. Hundreds of forks of the "Widevine Dump" code were also targeted and removed by GitHub.

https://torrentfreak.com/github-takes-down-widevine-dump-forks-following-mpa-complaint-220112/

💡 Read as well:
Widevine Dump: Leaked Code Downloads HD Video from Disney+, Amazon, and Netflix
https://t.iss.one/BlackBox_Archiv/2805

#leak #code #disney #amazon #netflix #download
Zooko

Truly decentralized, immutable and uncensorable microblogging

Zooko is a working proof of concept showing that you can run a decentralized, immutable, and uncensorable microblogging platform (like Twitter) in a truly decentralized manner, without any third-party APIs, relying on cryptography alone.

https://github.com/publiusfederalist/zooko

#zooko #microblogging
Ukraine: 'Massive cyber attack' shuts down government websites

Asked whether Russia was suspected as being behind the attack, the spokesman said: "It's too early to draw conclusions, but there is a long record of Russian assaults against Ukraine."

A "massive cyber attack" has hit a number of government websites in Ukraine, including the website of the foreign ministry, a spokesman has said.

"As a result of a massive cyber attack, the websites of the Ministry of Foreign Affairs and a number of other government agencies are temporarily down," the spokesman for the foreign ministry said.

"Our specialists are already working on restoring the work of IT systems, and the cyber police opened an investigation."

The government said the content of the sites had not been changed, and no personal data was leaked.

https://news.sky.com/story/ukraine-says-massive-cyber-attack-has-shut-down-government-websites-12515487

#cyberattack #ukraine
German IT security watchdog: No evidence of censorship function in Xiaomi phones

BERLIN, Jan 13 (Reuters) - Germany's federal cybersecurity watchdog, the BSI, did not find any evidence of censorship functions in mobile phones manufactured by China's Xiaomi Corp (1810.HK), a spokesperson said on Thursday.

Lithuania's state cybersecurity body had said in September that Xiaomi phones had a built-in ability to detect and censor terms such as "Free Tibet", "Long live Taiwan independence" or "democracy movement". The BSI started an examination following these accusations, which lasted several months.

"As a result, the BSI was unable to identify any anomalies that would require further investigation or other measures," the BSI spokesperson said.

https://www.reuters.com/technology/german-it-security-watchdog-no-evidence-censorship-function-xiaomi-phones-2022-01-13/

#germany #bsi #it #security #watchdog #censorship #xiaomi
North Korea kicked off internet by suspected DDOS attack

Crucial servers inside DPRK offline for hours, taking down websites and email servers

North Korea disappeared from the internet for several hours as crucial servers inside the country were unreachable on Friday morning, log files and domain records obtained by NK News show.

The patterns of failing connectivity suggest that North Korea’s IT infrastructure may have been hit by a distributed denial-of-service (DDOS) attack, said cybersecurity researcher Junade Ali.

“The intermittent connection issues, coming in waves, alongside the complete router failure, indicate this may be a DDOS attack,” Ali told NK News. He explained that all email, web and Domain Name System (DNS) servers in the country were affected by the loss in connectivity. “North Korea suffered a total internet outage.”

According to log files collected by Ali and reviewed by NK News, North Korea’s servers and the websites hosted on them disappeared from the internet around 7:40 a.m. KST and remained virtually inaccessible for about four hours. Web domains affected by the disruption included airkoryo.com.kp, cooks.org.kp, friend.com.kp, gnu.rep.kp, kass.org.kp, and kcna.kp.

“If it was an electricity outage, I think the routes would have gone immediately as the router lost power,” Ali explained. “There were connection timeout issues, high data loss — then the routers dropped. That would suggest to me that some form of network stress caused this to happen,” he said, adding that DDOS attacks are a common way to stress a network.

https://archive.ph/D6vo7

#nk #internet #outage
Russian FSB busts ransomware group REvil at U.S. request

On Friday, January 14, the Russian FSB reported that it had carried out a special operation to shut down the ransomware group REvil in response to a request from the United States. According to the FSB, its operatives detained and charged the group’s members after conducting raids on 25 addresses in Russia.

If convicted, the suspects could face up to seven years in prison. The FSB’s announcement coincided with Ukraine reporting a major cyberattack that shut down dozens of government websites overnight. As yet, there is no indication that the two events are related and the Ukrainian government has not confirmed who is behind the attack.

Russia has shut down the infamous ransomware group REvil, the Federal Security Service (FSB) announced on Friday, January 14.

“As a result of the joint actions of the FSB and Russia’s Interior Ministry the organized criminal group ceased to exist and the information infrastructure used for criminal purposes was neutralized,” reported the FSB’s Public Relations Center.

https://meduza.io/en/feature/2022/01/14/russian-fsb-busts-ransomware-group-revil-at-u-s-request

www.fsb.ru/fsb/press/message/single.htm%21id%3D10439388%40fsbMessage.html

#revil #fsb #bust #russia #usa #ransomware