German IT security watchdog: No evidence of censorship function in Xiaomi phones

BERLIN, Jan 13 (Reuters) - Germany's federal cybersecurity watchdog, the BSI, did not find any evidence of censorship functions in mobile phones manufactured by China's Xiaomi Corp (1810.HK), a spokesperson said on Thursday.

Lithuania's state cybersecurity body had said in September that Xiaomi phones had a built-in ability to detect and censor terms such as "Free Tibet", "Long live Taiwan independence" or "democracy movement". The BSI started an examination following these accusations, which lasted several months. read more

"As a result, the BSI was unable to identify any anomalies that would require further investigation or other measures," the BSI spokesperson said.

https://www.reuters.com/technology/german-it-security-watchdog-no-evidence-censorship-function-xiaomi-phones-2022-01-13/

#germany #bsi #it #security #watchdog #censorship #xiaomi
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

North Korea kicked off internet by suspected DDOS attack

Crucial servers inside DPRK offline for hours, taking down websites and email servers

North Korea disappeared from the internet for several hours as crucial servers inside the country were unreachable on Friday morning, log files and domain records obtained by NK News show.

The patterns of failing connectivity suggest that North Korea’s IT infrastructure may have been hit by a distributed denial-of-service (DDOS) attack, said cybersecurity researcher Junade Ali.

“The intermittent connection issues, coming in waves, alongside the complete router failure, indicate this may be a DDOS attack,” Ali told NK News. He explained that all email, web and Domain Name System (DNS) servers in the country were affected by the loss in connectivity. “North Korea suffered a total internet outage.”

According to log files collected by Ali and reviewed by NK News, North Korea’s servers and the websites hosted on them disappeared from the internet around 7:40 a.m. KST and remained virtually inaccessible for about four hours. Web domains affected by the disruption included airkoryo.com.kp, cooks.org.kp, friend.com.kp, gnu.rep.kp, kass.org.kp, and kcna.kp.

“If it was an electricity outage, I think the routes would have gone immediately as the router lost power,” Ali explained. “There were connection timeouts issues, high data loss — then the routers dropped. That would suggest to me that some form of network stress caused this to happen,” he said, adding that DDOS attacks are a common way to stress a network.

https://archive.ph/D6vo7

#nk #internet #outage
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Russian FSB busts ransomware group REvil at U.S. request

On Friday, January 14, the Russian FSB reported that it had carried out a special operation to shut down the ransomware group REvil in response to a request from the United States. According to the FSB, its operatives detained and charged the group’s members after conducting raids on 25 addresses in Russia.

If convicted, the suspects could face up to seven years in prison. The FSB’s announcement coincided with Ukraine reporting a major cyberattack that shut down dozens of government websites overnight. As yet, there is no indication that the two events are related and the Ukrainian government has not confirmed who is behind the attack.

Russia has shut down the infamous ransomware group REvil, the Federal Security Service (FSB) announced on Friday, January 14.

“As a result of the joint actions of the FSB and Russia’s Interior Ministry the organized criminal group ceased to exist and the information infrastructure used for criminal purposes was neutralized,” reported the FSB’s Public Relations Center.

https://meduza.io/en/feature/2022/01/14/russian-fsb-busts-ransomware-group-revil-at-u-s-request

www.fsb.ru/fsb/press/message/single.htm%21id%3D10439388%40fsbMessage.html

#revil #fsb #bust #russia #usa #ransomware
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

China’s Surveillance State Will Test The West

Digital surveillance could allow China’s leaders to succeed where previous authoritarian regimes have failed.

When foreign athletes and select visitors arrive in China for the upcoming Winter Olympics, they will have the option of using China’s new central bank digital currency (CBDC). The e-RMB, or e-CNY, is as a convenient alternative to the familiar paper redback, the RMB. The move is part of a long running effort to internationalize China’s currency, but it is also central to a broader campaign for control that has rapidly moved from the analog to the digital realm, the subject of my recent book “Retrofitting Leninism.”

China’s rulers have long sought to optimize authoritarian control. These aspirations have typically manifested in coercion of the physical world, from labor camps to closed borders to mismanagement in the economic realm, where crises and shortfalls abound. In today’s China, control is increasingly exercised in the digital domain, where over one billion internet users — and nearly as many surveillance cameras — are networked into a sprawling system of monitoring and intimidation.

https://www.noemamag.com/chinas-surveillance-state-will-test-the-west/

#china #digital #surveillance
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

A gigantic data leak from the military. Over 1.7 million items on the Internet

Data on the material resources of the Polish army appeared on the web on Sunday, January 9, according to Onet’s sources. The military was to find out about it a day later. According to our sources, the leak was traced by the military National Cyberspace Security Centerwhich the military services informed about him.

The data disclosed in the military network amount to 1 million 757 thousand. 390 entries. To show the scale of the leak, it is enough to say that the firearms up to 30 mm caliber, their parts and instrumentation alone amount to 2,000. 800 items. Each item, i.e. a record, is the reported demand of each unit for equipment – from the entire F-16, through heavy weapons, their parts, ammunition for them, spare parts, uniforms, underwear, blankets and computer equipment, and even banners and diplomas. From the more than 1.7 million disclosed records, a detailed state of possession of the entire Polish army, as well as its equipment shortages, emerges. From the census it is possible to determine, for example, which equipment is not operational or what the Polish army is missing.

Currently, the services are checking how this data found its way to the Internet. Our informant claims that most likely one of the IT specialists from the Armed Forces Support Inspectorate in Bydgoszcz – the institution responsible for purchasing for the army and storing equipment and spare parts – created a proprietary program to which he copied data from classified military systems.

These are data from the Uniform Material Index combined with selected databases from the Integrated Multilevel IT System of the Ministry of National Defense ZWSI RON.

https://www.diglogs.com/poland/a-gigantic-data-leak-from-the-military-over-1-7-million-items-on-the-internet/

💡 Read as well:
Poland: huge military data leak has only public information
https://abcnews.go.com/International/wireStory/poland-huge-military-data-leak-public-information-82264214

#poland #dataleak #leak #military
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Disaster Recovery - A practical guide (Part 1)

What is Disaster Recovery anyway?

While dealing with Terrabytes of data every day, it is not uncommon for critical infrastructure components to run into situations that might cause data corruption and are not easy to recover from. There are many reasons or scenarios that can force an application to an inconsistent state. These might include but are not limited to:

— Natural disasters like hurricanes or earthquakes leading to the entire data centre going down

— A bug in the application code leading to incorrect or corrupted data

— Infrastructure failure due to power outages

— Cyber attacks leading to loss of data or partial data

These scenarios are commonly referred to as disasters, and the ability to recover from these disasters to a consistent state is called disaster recovery.

https://ambar.dev/disaster-recovery-a-practical-guide-part-1

#disaster #recovery #guide
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

VPN Provider Agrees to Block Torrent Traffic and The Pirate Bay on U.S. Servers

VPN Unlimited has settled a copyright lawsuit filed by several movie companies. The VPN provider stood accused of failing to take action against subscribers who were pirating films. As part of the settlement, the company agreed to block BitTorrent traffic and prominent pirate sites including 'Pirate Bay,' 'YTS', and 'RARBG' on U.S. servers.

https://torrentfreak.com/vpn-provider-agrees-to-block-torrent-traffic-and-the-pirate-bay-on-u-s-servers-220117/

#vpn #torrent #blocking #thepiratebay #usa
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Adblocking Does Not Constitute Copyright Infringement, Court Rules

Axel Springer has lost its copyright infringement lawsuit against Eyeo GmbH, the company behind Adblock Plus. The German publishing house, which owns the Bild and Die Welt brands, among others, claimed that adblockers interfere with the presentation of websites in browsers, thus breaching copyright. In a victory for Eyeo, the Hamburg District Court has dismissed the case.

In order to finance their operations, millions of websites rely on advertising to generate revenue. For some readers, however, excessive or obtrusive advertising is something to be combatted, often through the use of adblocking tools.

Developed by German company Eyeo GmbH and available on Firefox, Chrome, Safari, Android and iOS, one of the most popular tools is AdBlock Plus. It’s able to drastically reduce the volume of advertising seen by its users but that didn’t sit well with publishing giant Axel Springer.

The publisher, which owns Bild and Die Welt, among others, claimed that AdBlock Plus and its users interfere with its business model so in response took legal action to bring that to an end. However, after trips through regional courts and eventually Germany’s Supreme Court, in April 2018 Adblock Plus and Eyeo came out on top having been found not in breach of competition law.

https://torrentfreak.com/adblocking-does-not-constitute-copyright-infringement-court-rules-220118/

#springer #court #germany #adblock #adblockplus #copyright #infringement
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Israel police uses NSO’s Pegasus to spy on citizens

Mayors, leaders of political protests against former Prime Minister Benjamin Netanyahu, and former governmental employees, were among those tracked by police without a search or bugging warrant authorizing the surveillance

Israel police uses NSO’s Pegasus spyware to remotely hack phones of Israeli citizens, control them and extract information from them, Calcalist has revealed. Among those who had their phones broken into by police are mayors, leaders of political protests against former Prime Minister Benjamin Netanyahu, former governmental employees, and a person close to a senior politician. Calcalist learned that the hacking wasn’t done under court supervision, and police didn’t request a search or bugging warrant to conduct the surveillance. There is also no supervision on the data being collected, the way police use it, and how it distributes it to other investigative agencies, like the Israel Securities Authority and the Tax Authority.

One of the problematic instances that has been uncovered is the tracking of activists in the protests against former Prime Minister Benjamin Netanyahu while he was still in office. The protests against Netanyahu gathered momentum during 2020 as the Covid-19 pandemic hit the country and the first lockdowns were imposed on Israelis. With the level of anxiety in the Netanyahu government continually rising, efforts were made to reduce the magnitude of the protests through the use of judicial and procedural tools, with police increasing the force and violence against protesters, the leaders in particular.

https://archive.ph/yt1E0

via calcalistech.com

#israel #nso #surveillance
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Safari and iOS users: Your browsing activity is being leaked in real time

Unfixed bug violating the Internet's most foundational rules is easy to exploit.

For the past four months, Apple’s iOS and iPadOS devices and Safari browser have violated one of the Internet’s most sacrosanct security policies. The violation results from a bug that leaks user identities and browsing activity in real time.

The same-origin policy is a foundational security mechanism that forbids documents, scripts, or other content loaded from one origin—meaning the protocol, domain name, and port of a given webpage or app—from interacting with resources from other origins. Without this policy, malicious sites—say, badguy.example.com—could access login credentials for Google or another trusted site when it’s open in a different browser window or tab.

https://arstechnica.com/information-technology/2022/01/safari-and-ios-bug-reveals-your-browsing-activity-and-id-in-real-time/

#safari #ios #iPadOS #exploit
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

The EU Wants Its Own DNS Resolver that Can Block ‘Unlawful’ Traffic

The EU is planning to develop its own government-run DNS resolver. The project dubbed DNS4EU is meant to offer a counterweight to the popular resolvers that are mostly based in the U.S. Aside from offering privacy and security to users, the DNS solution will also be able to block "illegal" websites, including pirate sites.

https://torrentfreak.com/the-eu-wants-its-own-dns-resolver-that-can-block-unlawful-traffic-220119/

#eu #dns
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Ads may be coming to KDE, the popular Linux desktop

Qt, the framework that powers the KDE desktop, is announcing support for ads in client-side applications. This means that application developers will now be able to serve ads in traditional desktop applications like KdenLive. Windows users have been dealing with this in Metro UI apps since Windows 8 and it’s something that’s never gone over well on the desktop.

While it’s doubtful you’ll see ads in KDE’s core applications, it would be possible for distributions that wish to further monetize their work to fork these applications, placing ads in them. From the press release:

"Our focus is to fill an existing gap in the Qt framework for developers using Qt for mobile and desktop applications. We want to enable the easy integration of advertising. Our offering aims to disrupt the IoT industry, enabling new business models and business cases that before were not possible. We enable Qt users to insert advertising as a native component to complex user interfaces."

https://www.neowin.net/news/ads-may-be-coming-to-kde-the-popular-linux-desktop/

#kde #linux #advertising
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Meet the NSA spies shaping the future

In his first interview as leader of the NSA's Research Directorate, Gil Herrera lays out challenges in quantum computing, cybersecurity, and the technology American intelligence needs to master to secure and spy into the future.

For someone with a deeply scientific job, Gil Herrera has a nearly mystical mandate: Look into the future and then shape it, at the level of strange quantum physics and inextricable math theorems, to the advantage of the United States.

Herrera is the newly minted leader of the National Security Agency’s Research Directorate. The directorate, like the rest of the NSA, has a dual mission: secure American systems and spy on the rest of the world. The budget is classified, a secret among secrets, but the NSA is one of the world’s largest spy agencies by any measure and Herrera’s directorate is the entire US intelligence community’s biggest in-house research and development arm. The directorate must come up with solutions to problems that are not yet real, in a world that doesn’t yet exist.

https://www.technologyreview.com/2022/02/01/1044561/meet-the-nsa-spies-shaping-the-future/

#nsa #research
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Study: Using Stylometry to Detect Cross-Market Vendor Profiles

Researchers analyzed the literary style of darkweb vendors to identify vendors using different identities.

Using stylometry, researchers analyzed thousands of vendor identities on four darkweb marketplaces and linked more than 700 identities. The study involved the collection of information nodes, which included vendor profiles from four defunct marketplaces, including Valhalla (522), Dream Market (2,547), Evolution (1,650), and Silk Road 2 (681).

https://darknetlive.com/post/study-using-stylometry-to-detect-a-vendors-alternate-profiles/

PDF:
https://darknetlive.com/post/study-using-stylometry-to-detect-a-vendors-alternate-profiles/documents/fingerprints.pdf

#study #stylometry #fingerprints #darkweb #marketplaces #vendors #pdf
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

FBI Admits Purchasing NSO Group's Pegasus Spyware

The FBI purchased the NSO Group’s Pegasus spyware but only for “testing and evaluation,” they claimed.

The Federal Bureau of Investigation confirmed to The Guardian that the Bureau had purchased a license to access Pegasus for “product testing and evaluation only.” NSO Group, an Israeli firm, sells spyware and hacking tools to “government intelligence and law enforcement agencies” across the globe. The company’s products are “classified as a military export by Israel.” Pegasus is “one of the world’s most sophisticated hacking tools.

https://darknetlive.com/post/fbi-admits-purchasing-nso-group-s-pegasus-spyware/

#fbi #pegasus #nso #spyware
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

SentryPeer

A distributed peer to peer list of bad actor IP addresses and phone numbers collected via a SIP Honeypot.

This is basically a fraud detection tool. It lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call. Those details are then used to block them at the service providers network and the next time a user/customer tries to call a collected number, it’s blocked.

Traditionally this data is shipped to a central place, so you don’t own the data you’ve collected. This project is all about Peer to Peer sharing of that data. The user owning the data and various Service Provider / Network Provider related feeds of the data is the key bit for me. I’m sick of all the services out there that keep it and sell it. If you’ve collected it, you should have the choice to keep it and/or opt in to share it with other SentryPeer community members via p2p methods.

https://sentrypeer.org/

#sentrypeer #fraud #detection #tool
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Matrix vs. XMPP

What are XMPP and Matrix and what makes them special?

XMPP and Matrix are two decentralized and federated free software projects for chat, including true end-to-end encrypted chat.

Users can either install the software on their own server if they want, but they can also easily register on any public server—both allow any XMPP or Matrix user to talk to users on their server or on any other one. In essence, it works like email: you might have an email account on a different site than your friend, but all accounts on all sites can communicate.

In a world where most communication is done on centralized proprietary platforms without end-to-end encryption like Facebook, Telegram and Google, Matrix and XMPP both are permanent solutions to communication privacy. Even based boomerware like IRC has to play second fiddle to them.

The only question is, "Which is better? XMPP or Matrix?"

https://lukesmith.xyz/articles/matrix-vs-xmpp

💡 Read as well:
Internet Messaging versus Congested Network

#matrix #xmpp #privacy #amdocs #israel #intelligence
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

"Your account has been deactivated"

I've received that message today. I'm from Belarus.

"We noticed an issue when verifying your account. The legal entity information associated with your account fully matches a restricted party or one or more parties from the United States government's consolidated screening list, another government's sanctions list, or a restricted regions list."

I know nothing about sanctions but I'm 100% sure that's how sanctions should not work by discriminating developers from country which governments appeared in any sanctions list.

https://developer.apple.com/forums/thread/700036

#apple #developers #belarus #sanctions #usa
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Foreign Office target of 'serious cyber incident'

The UK's Foreign, Commonwealth and Development Office (FCDO) was the target of a "serious cyber-security incident", it has emerged.

The details came via a tender document published on a government website, seemingly by mistake.

It revealed that cyber-security firm BAE Systems Applied Intelligence was called on for "urgent support".

The BBC understands unidentified hackers got inside the FCDO systems, but were detected.

https://www.bbc.co.uk/news/technology-60309335

#uk #fcdo #hacked
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv

Belarusian activists hacked railway servers in order to interfere with Russian troop relocations.

Hackers knows as "Cyber Guerillas" have hacked and encrypted the servers and the database of the Belarus railroad company. The backups were deleted as well. The goal of the attack was to make it harder for the Russian army to move its troops into Belarus.

#Russia has been gathering troops near Ukrainian borders for several months now. Earlier, #Belarus and Russia announced joint military exercises in February.