BlackBox (Security) Archiv
4.11K subscribers
183 photos
393 videos
167 files
2.67K links
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Ep 51: The Indo-Pak Conflict
Darknet Diaries: The Indo-Pak Conflict

#Kashmir is a region right in between #India, #Pakistan, and #China. For the last 70 years Pakistan and India have fought over this region of the world, both wanting to take #control of it. Tensions sometimes heat up which can result in people being killed. When tensions get high in the real world, some people take to the #internet and #hack their rivals as a form of protest. In this episode we’ll explore some of the #hacking that goes on between India and Pakistan.

📻 #DarknetDiaries #podcast
https://darknetdiaries.com/episode/51/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
CNAME Cloaking, the dangerous disguise of third-party trackers

How come AdBlock, Adblock Plus, uBlock Origin, Ghostery, Brave and Firefox are letting a third-party tracker from Eulerian, a leading tracking company, execute its script freely on fortuneo.fr, one of the biggest online banks in France?

How come the same thing is happening on thousands of other popular websites worldwide?
What has started to happen in the last few months in the world of third-party tracking is having a major impact on people’s privacy, and it all stayed pretty much under the radar.
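
As an added example (not code from the NextDNS or Kuketz articles linked in this post, and not any blocker's real implementation), here is the check that sees through CNAME cloaking. The trick is that a tracker is served from a subdomain of the visited site, so a blocker that only looks at the requested hostname treats it as first-party, while that subdomain's CNAME chain ends at the tracking vendor's own domain. The zone data, the site `example.com`, the vendor `tracker-vendor.example` and the blocklist are all constructed for the example; the real hostnames involved on fortuneo.fr are not on this page and are not reproduced here.

```python
"""Detect CNAME cloaking: first-party hostnames that alias a tracker's domain.

Added example; the zone data and domain names are constructed, not the
real DNS of any site named in the post.
"""
from __future__ import annotations

# Constructed zone: hostname -> CNAME target, or None when the name has an
# address record of its own and the chain ends there.
CNAME_RECORDS = {
    "www.example.com": None,
    "stats.example.com": "edge.tracker-vendor.example",      # cloaked tracker
    "edge.tracker-vendor.example": "collect.tracker-vendor.example",
    "collect.tracker-vendor.example": None,
    "cdn.example.com": "example-com.cdnprovider.example",    # third party, not a tracker
    "example-com.cdnprovider.example": None,
    "loop.example.com": "loop2.example.com",                 # misconfigured: CNAME loop
    "loop2.example.com": "loop.example.com",
}

# Constructed blocklist of tracking vendors, keyed by registrable domain.
TRACKER_DOMAINS = {"tracker-vendor.example"}


def registrable_domain(host: str) -> str:
    """Approximate eTLD+1 as the last two labels.

    Fine for the constructed names here; real code should consult the
    Public Suffix List so that e.g. 'example.co.uk' is handled correctly.
    """
    labels = host.rstrip(".").lower().split(".")
    return ".".join(labels[-2:])


def resolve_cname_chain(host: str, records=CNAME_RECORDS, max_hops: int = 8) -> list:
    """Follow CNAMEs from host and return every name in the chain, host first.

    Raises LookupError for a name absent from the zone data and ValueError
    for a loop or a chain longer than max_hops.
    """
    chain = [host]
    seen = {host}
    while True:
        if host not in records:
            raise LookupError(f"no record for {host}")
        target = records[host]
        if target is None:
            return chain
        if target in seen or len(chain) >= max_hops:
            raise ValueError(f"CNAME loop or over-long chain at {host}")
        chain.append(target)
        seen.add(target)
        host = target


def has_cname_loop(host: str, records=CNAME_RECORDS) -> bool:
    """True when following the chain from host never terminates."""
    try:
        resolve_cname_chain(host, records)
    except ValueError:
        return True
    return False


def classify(host: str, site_domain: str, records=CNAME_RECORDS, trackers=TRACKER_DOMAINS) -> str:
    """Classify a hostname the way a CNAME-aware blocker would.

    'cloaked-tracker' if any hop of the chain lands in a tracker domain,
    'first-party' if every hop stays within the site's own domain, and
    'third-party' for other external targets (CDNs and the like).
    """
    site = registrable_domain(site_domain)
    hops = [registrable_domain(name) for name in resolve_cname_chain(host, records)]
    if any(hop in trackers for hop in hops):
        return "cloaked-tracker"
    if all(hop == site for hop in hops):
        return "first-party"
    return "third-party"


if __name__ == "__main__":
    for name in ("www.example.com", "stats.example.com", "cdn.example.com"):
        chain = " -> ".join(resolve_cname_chain(name))
        print(f"{name:20} {chain}: {classify(name, 'example.com')}")
```

Any resolver or blocker that has the full chain in hand can apply the same rule; the point is that the block decision has to be made on the CNAME targets, not on the hostname the page requested, and `registrable_domain` is deliberately a two-label approximation that a real deployment would replace with a Public Suffix List lookup.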

👉🏼 Read more 🇬🇧:
https://medium.com/nextdns/cname-cloaking-the-dangerous-disguise-of-third-party-trackers-195205dc522a

👉🏼 Read more 🇩🇪:
https://www.kuketz-blog.de/vorsicht-neue-art-des-trackings-via-cname-cloaking/

#CNAME #Cloaking #tracker #dns #AdBlock #AdblockPlus #uBlock #Ghostery #Brave #Firefox #Eulerian
RIPE is now out of IPv4. This is not a test!

Dear colleagues, Today, at 15:35 UTC+1 on 25 November 2019, we made our final /22 IPv4 allocation from the last remaining addresses in our available pool. We have now run out of IPv4 addresses.

https://mobile.twitter.com/maxischieder/status/1198975161631940608

#RIPE #IPv4 #ipv6
Hidden Cam Above Bluetooth Pump Skimmer

Tiny #hidden #spy #cameras are a common sight at #ATMs that have been tampered with by crooks who specialize in retrofitting the machines with #card #skimmers. But until this past week I’d never heard of #hidden cameras being used at gas pumps in tandem with #Bluetooth-based #card #skimming #devices.

Apparently, I’m not alone.

“I believe this is the first time I’ve seen a camera on a gas pump with a Bluetooth card skimmer,” said Detective Matt Jogodka of the Las Vegas #Police Department, referring to the compromised fuel pump pictured below.

👉🏼 Read more:
https://krebsonsecurity.com/

Sale of 4 Million Stolen Cards Tied to Breaches at 4 Restaurant Chains

On Nov. 23, one of the #cybercrime underground’s largest #bazaars for buying and selling stolen #payment #card #data announced the immediate availability of some four million freshly-#hacked debit and credit cards. #KrebsOnSecurity has learned this latest batch of cards was #siphoned from four different #compromised restaurant chains that are most prevalent across the midwest and eastern #UnitedStates.

👉🏼 Read more:
https://krebsonsecurity.com/2019/11/sale-of-4-million-stolen-cards-tied-to-breaches-at-4-restaurant-chains/

WeChat users in the US say the app is censoring their messages about Hong Kong

#Chinese #Americans who use the Chinese app #WeChat say they are being #censored for writing #messages in support of #HongKong.

WeChat is ubiquitous in China, so for Chinese Americans with family there it is a major blow to be kicked off the app.

This is the latest in a pattern of Chinese #censorship extending into the #US.

Chinese American users of the messaging app WeChat are finding their messages containing political criticism of China — particularly those aimed at the protests in Hong Kong — are being censored, The Verge reports.

In one instance an American information security analyst named Bin Xie had his account taken down after writing "The pro-China candidates totally lost," referring to Hong Kong's recent election in which pro-democracy candidates gained huge ground against pro-China candidates.

"If you have censorship in China, fine," he told The Verge. "But in this country? I'm a Republican, but on WeChat I suffer the same as Democrats — we are all censored."

Xie then joined a WhatsApp group full of Chinese Americans who had similarly been kicked off WeChat for expressing political views.

For Chinese Americans with family in China, being kicked off WeChat is a major problem. The WeChat app is more or less ubiquitous in China, where it covers a broad range of uses. It acts as a messaging app, a dominant payment platform, a social network, and a platform for accomplishing everyday tasks like paying utility bills and booking doctor's appointments. WeChat and its rival Alipay's payment systems have become so everyday that even street vendors and buskers use QR codes rather than accept cash.

👉🏼 Read more:
https://www.businessinsider.com/us-wechat-users-censored-messages-hong-kong-china-2019-11

👉🏼 Read more:
https://www.theverge.com/2019/11/25/20976964/chinese-americans-censorship-wechat-hong-kong-elections-tiktok

'Suspension won't silence me': Teen speaks out after embedding message about Xinjiang Uyghurs in TikTok make-up vid

A teenager who spoke out about the plight of #Uyghurs in #Xinjiang has challenged the #Chinese-owned social media app #TikTok over its decision to block her from posting new content. #video

📺 https://www.hongkongfp.com/2019/11/27/suspension-wont-silence-teen-speaks-embedding-message-xinjiang-uyghurs-tiktok-make-vid/

Pavel Durov must make a statement to the New York District Court

According to an order of judge P. Kevin Castel, Pavel #Durov, the founder and CEO of #Telegram, will testify before a New York district court in January. The #US regulatory authority #SEC stopped the issue of the #Gram #Token almost at the last minute with its temporary injunction. The defendants have already responded with their complaint in court. A total of three Telegram executives have to endure an interrogation.

The United States Securities and Exchange Commission (SEC) stopped the launch of the Telegram Open Network (#TON) and the issue of the Token Gram. TON Issuer Inc. and the operating company of Telegram are now trying to defend themselves legally.

Soon to be headquartered in Switzerland?

According to local media reports, the operating company is planning to move to the #Swiss town of #Zug in the near future. The company plans to gradually relocate its headquarters and research and development to #Switzerland. The #Libra Association, which wants to publish the #crypto #currency for #Facebook, has also opted for Switzerland as its headquarters. The financial supervisory authority Finma has already confirmed that it is in negotiations with Telegram. However, the authority paused its negotiations after the SEC's injunction became known.

👉🏼 Read more:
https://tarnkappe.info/pavel-durov-muss-vor-new-yorker-bezirksgericht-eine-aussage-machen/

👉🏼 Read more:
https://www.luzernerzeitung.ch/wirtschaft/chat-app-telegram-will-nach-zug-ziehen-das-sagt-platzhirsch-threema-dazu-ld.1168724

👉🏼 Read more:
https://www.bitcoininsider.org/article/78628/telegram-founder-pavel-durov-give-deposition-gram-token-case

Stop complaining about us! - TikTok’s Criticism and Competition Guidelines

Those who complained about the video platform got demoted. We publish excerpts from the moderation rules of #TikTok. They show that not only political content made the video #platform nervous. The naming of #competitors and #criticism of the company were also punished.

„I think TikTok is stupid because it #censors content.“ Until recently, such a sentence in a TikTok video could lead to a situation where it would never reach a large audience. The same was true for clips that contained a screenshot from a #WhatsApp chat. Until at least September of this year, the video platform was demoting content that criticized the company or when somebody mentioned the name of a direct competitor of TikTok. This is documented by the moderation rules that netzpolitik.org was able to see.

For this #research netzpolitik.org spoke with a #source at TikTok, as well as examining moderation criteria and communications. In the article „TikTok: Cheerfulness and censorship“ we examined the moderation processes and the political implications of information control on the Chinese video platform. Now we focus on how the company has dealt with criticism and how it deals with its competitors (PDF). 👉🏼 https://cdn.netzpolitik.org/wp-upload/2019/11/TikTok-Competitors-Attack-on-TikTok.pdf

Criticism of TikTok was unwelcome

One of the rules netzpolitik.org was able to see was „content depicting an attack on TikTok“. It said that „constructive criticism“ and „feedback“ were allowed. For content „attacking, condemning or criticizing TikTok“, the moderators were advised to mark the videos as „Not Recommend“. A classification of „Not Recommend“ greatly limits the possible viewership of a video. It then no longer appears in the algorithmically selected „For You“ feed, which the user sees when opening the app.

👉🏼 Read more:
https://netzpolitik.org/2019/complaints-and-competition-throttling-the-tiktok-feed/

China due to introduce face scans for mobile users

People in China are now required to have their faces scanned when registering new mobile phone services, as the authorities seek to verify the identities of the country's hundreds of millions of internet users.

The #regulation, announced in September, was due to come into effect on Sunday.
The #government says it wants to "protect the legitimate rights and interest of #citizens in #cyberspace".
#China already uses #facial #recognition #technology to #survey its #population.

It is a world leader in such technologies, but their intensifying use across the country in recent years has sparked debate.

What are the new rules?

When signing up for new mobile or mobile data contracts, people are already required to show their national identification card (as required in many countries) and have their photos taken.

But now, they will also have their faces scanned in order to verify that they are a genuine match for the ID provided.

China has for years been trying to enforce rules to ensure that everyone using the internet does so under their "real-name" identities.

In 2017, for example, new rules required internet platforms to verify a user's true identity before letting them post online content.

The new regulation for telecom operators was framed by the Ministry of Industry and Information Technology as a way to "strengthen" this system and ensure that the government can identify all mobile phone users. Most Chinese internet users access the web via their phones.

👉🏼 Read more:
https://www.bbc.com/news/world-asia-china-50587098

👉🏼 Read as well:
https://gizmodo.com/chinese-citizens-will-have-to-scan-their-faces-to-get-i-1838936778

#surveillance #thinkabout #why
30 506 internet domain names shut down for intellectual property infringement

Law enforcement #authorities from 18 #EU Member States and third parties, in a joint investigation with #Europol and the US National Intellectual Property Rights Coordination Centre, facilitated by #Eurojust and #INTERPOL, have #seized over 30 506 #domain names that distributed #counterfeit and #pirated items over the internet during operation #IOSX. These included counterfeit #pharmaceuticals and pirated #movies, illegal #television #streaming, #music, #software, #electronics, and other bogus products.

3 arrests and 26 000 luxury products seized

During the investigation, officials arrested 3 suspects, seized 26 000 luxury products (clothes, perfumes), 363 litres of alcoholic beverages, and many hardware devices. They identified and froze more than €150 000 in several bank accounts and online payment platforms.

Europol’s Intellectual Property Crime Coordinated Coalition (IPC³) supported the investigation on the ground by deploying experts with a mobile office. Europol officers carried out real-time information exchange and cross-checks of the data gathered during the course of the action against Europol’s databases. In addition, #IPC3 experts organised several online investigation techniques training courses in intellectual property infringements in 2019 with law enforcement authorities all over #Europe.

👉🏼 Read more:
https://www.europol.europa.eu/newsroom/news/30-506-internet-domain-names-shut-down-for-intellectual-property-infringement

TikTok curbed reach for people with disabilities

Leaked documents reveal how TikTok hid videos of people with disabilities. Queer and fat users were also pushed out of view. The Chinese company says the rules were meant to protect vulnerable users.

#TikTok, the fast-growing social network from #China, has used unusual measures to protect supposedly vulnerable users. The #platform instructed its moderators to mark #videos of people with #disabilities and limit their reach. #Queer and #fat people also ended up on a list of „special users“ whose videos were regarded as a #bullying risk by default and capped in their reach – regardless of the content.

#Documents obtained by netzpolitik.org detail TikTok’s moderation #guidelines. In addition we spoke with a source at TikTok who has knowledge of content moderation policies at the video-sharing platform.

The new #revelations show how #ByteDance, the #Beijing-based Chinese #technology company behind TikTok, deals with #bullying on its platform – and the controversial measures it took against it.

Previously, we examined how TikTok limits reach for political content and how its moderation policies work. We also looked at how the service deals with criticism and competition.

Vulnerable only visible in home country

The relevant section in the moderation rules is called „Imagery depicting a subject highly vulnerable to #cyberbullying“. In the explanations it says that this covers users who are „susceptible to #harassment or cyberbullying based on their physical or mental condition“.

According to the memo, bullying has negative consequences for those affected. Therefore, videos of such users should always be considered a risk and their reach on the platform should be limited.

TikTok uses its moderation toolbox to limit the visibility of such users. Moderators were instructed to mark people with disabilities as „Risk 4“. This means that a video is only visible in the country where it was uploaded.

For people with an actual or assumed disability, this means that instead of reaching a global audience of one billion, their videos reached a maximum of 5.5 million people. These are the user numbers TikTok currently has in Germany and globally, according to AdAge magazine.

👉🏼 Read more:
https://netzpolitik.org/2019/discrimination-tiktok-curbed-reach-for-people-with-disabilities/

👉🏼 Read as well:
https://t.iss.one/BlackBox_Archiv/739

#why #thinkabout
Spanish Congress approves "digital decree": the "gag law" to control the Internet?

The Permanent #Commission of the #Congress has approved, with the favourable votes of #PSOE, #PP and #Citizens, Royal Decree-Law 14/2019 of October 31 on urgent measures for the #digital #administration. It is a tremendously controversial #rule, unprecedented in #Spanish #democracy, that is provoking outrage in every quarter, as some #lawyers and #activists believe it is an unconstitutional rule that violates fundamental rights.

The so-called "#digitaldecree" will allow the #Government to assume (temporarily) the direct management of electronic communications networks and services in certain exceptional cases that may affect public order, public security and national security. In practice, the Government will be able to cut off communications and networks such as the Internet in all or part of the territory without a prior court order, alleging an alteration of 'public order'.

The approval entails the adaptation of section 6 of article 4 of the General Telecommunications Law, the wording of which will literally read as follows: "The Government, on an exceptional and transitory basis, may agree to the assumption by the General State Administration of the direct management or intervention of electronic communications networks and services in certain exceptional cases that may affect public order, public security and national security. This exceptional power [...] may affect any infrastructure, associated resource or element or level of the network or service that is necessary to preserve or restore public order, public security and national security."

👉🏼 Read more:
https://www.muycomputer.com/2019/11/28/decretazo-digital-control-internet/

#spain #why #thinkabout
Big Brother is watching: Chinese city with 2.6m cameras is world's most heavily surveilled

Cities around the world are scaling up their use of surveillance cameras and facial recognition systems – but which ones are watching their citizens most closely?

Qiu Rui, a #policeman in #Chongqing, was on duty this summer when he received an #alert from a #facial #recognition system at a local square. There was a high probability a man caught on camera was a suspect in a 2002 murder case, the system told him.

The city’s #surveillance #system scans facial features of people on the streets from frames of video footage in real time, creating a virtual map of the face. It can then match this information against scanned faces of suspects in a police database. If there is a match that passes a preset threshold, typically 60% or higher, the system immediately notifies officers. Three days later the police captured the man, who eventually admitted that he was the suspect.

Cases such as this, where facial recognition systems are used to help local police crack crime cases, are not unusual in the south-west #China city, which recently ranked first in an #analysis of the world’s most surveilled cities compiled by the UK-based technology research firm Comparitech. With 2.58m cameras covering 15.35 million people – equal to one camera for every six residents – Chongqing has more surveillance cameras than any other city in the world for its population, beating even Beijing, Shanghai and tech hub Shenzhen.

👉🏼 Read more:
https://www.theguardian.com/cities/2019/dec/02/big-brother-is-watching-chinese-city-with-26m-cameras-is-worlds-most-heavily-surveilled

A decade of hacking: The most notable cyber-security events of the 2010s

The 2010s decade is drawing to a close and ZDNet is looking back at the most important cyber-security events that have taken place during the past ten years.

Over the past decade, we've seen it all. We've had monstrous #data #breaches, years of prolific #hacktivism, plenty of nation-state #cyber-#espionage operations, almost non-stop financially-motivated #cybercrime, and destructive #malware that has rendered systems unusable.

Below is a summary of the most important events of the 2010s, ordered by year. We didn't necessarily look at the biggest breaches or the most extensive hacking operations but instead focused on hacks and techniques that gave birth to a new cyber-security trend or were a paradigm shift in how experts looked at the entire field of cyber-security.

From the #Stuxnet attacks of 2010 to #China's extensive #mass-#surveillance of the #Uyghur #minority, we selected the most relevant events and explained why they were important.

👉🏼 Read more:
https://www.zdnet.com/article/a-decade-of-hacking-the-most-notable-cyber-security-events-of-the-2010s/

China Uses DNA to Map Faces, With Help From the West

Beijing’s pursuit of control over a Muslim ethnic group pushes the rules of science and raises questions about consent.

TUMXUK, #China — In a dusty city in the #Xinjiang region on China’s western frontier, the #authorities are testing the #rules of #science.

With a million or more #ethnic #Uighurs and others from predominantly #Muslim #minority groups swept up in detentions across Xinjiang, officials in Tumxuk have gathered blood samples from hundreds of Uighurs — part of a mass #DNA collection effort dogged by questions about consent and how the data will be used.

In #Tumxuk, at least, there is a partial answer: Chinese #scientists are trying to find a way to use a DNA sample to create an image of a person’s face.

The #technology, which is also being developed in the #UnitedStates and elsewhere, is in the early stages of #development and can produce rough pictures good enough only to narrow a #manhunt or perhaps eliminate #suspects. But given the crackdown in Xinjiang, experts on ethics in science worry that China is building a #tool that could be used to justify and intensify #racial #profiling and other state #discrimination against Uighurs.

In the long term, experts say, it may even be possible for the Communist government to feed images produced from a DNA sample into the mass surveillance and facial recognition systems that it is building, tightening its grip on society by improving its ability to track dissidents and protesters as well as criminals.

Some of this research is taking place in labs run by Chinaโ€™s Ministry of Public Security, and at least two Chinese scientists working with the ministry on the technology have received funding from respected institutions in Europe. International scientific journals have published their findings without examining the origin of the DNA used in the studies or vetting the ethical questions raised by collecting such samples in Xinjiang.

In papers, the Chinese scientists said they followed norms set by international associations of scientists, which would require that the men in Tumxuk (pronounced TUM-shook) gave their blood willingly. But in Xinjiang, many people have no choice. The government collects samples under the veneer of a mandatory health checkup program, according to Uighurs who have fled the country. Those placed in internment camps — two of which are in Tumxuk — also have little choice.

👉🏼 Read more:
https://www.nytimes.com/2019/12/03/business/china-dna-uighurs-xinjiang.html

FBI warns about snoopy smart TVs spying on you

An FBI branch office warns smart TV users that the TVs can be gateways for hackers to come into your home. Meanwhile, the smart TV OEMs are already spying on you.

A recent #FBI #report warned #smart #TV users that #hackers can also take control of your unsecured TV. "At the low end of the risk spectrum, they can change channels, play with the volume, and show your kids inappropriate videos. In a worst-case scenario, they can turn on your bedroom TV's camera and microphone and silently #cyberstalk you," explained the FBI.

The risk isn't new. A few years ago, smart TVs from #LG, #Samsung, and #Vizio were #spying and #reporting on your viewing habits to their #manufacturers.

Today, the FBI is warning that "TV manufacturers and #app #developers may be listening and watching you." It added, "[A] television can also be a gateway for hackers to come into your home. A bad cyber actor may not be able to access your locked-down computer directly, but it is possible that your unsecured TV can give him or her an easy way in the #backdoor through your #router."

That's true, but while there have been relatively few cases of hackers invading homes via their smart TVs, it's only a matter of time until they're watching and listening to you.

👉🏼 Read more:
https://www.zdnet.com/article/fbi-warns-about-snoopy-smart-tvs-spying-on-you/

The iPhone 11 Pro’s Location Data Puzzler

One of the more curious behaviors of Apple’s new #iPhone 11 Pro is that it intermittently seeks the user’s location information even when all #applications and #system services on the phone are individually set to never request this data. #Apple says this is by design, but that response seems at odds with the company’s own #privacy #policy.

The privacy policy available from the iPhone’s #Location #Services screen says, “If Location Services is on, your iPhone will periodically send the geo-tagged locations of nearby Wi-Fi hotspots and cell towers (where supported by a device) in an anonymous and encrypted form to Apple, to be used for augmenting this #crowd-sourced #database of Wi-Fi hotspot and cell tower locations.”

The #policy explains users can disable all location services entirely with one swipe (by navigating to Settings > Privacy > Location Services, then switching “Location Services” to “off”). When one does this, the location services indicator — a small diagonal upward arrow to the left of the battery icon — no longer appears unless Location Services is re-enabled.

The policy continues: “You can also disable location-based system services by tapping on System Services and turning off each location-based system service.” But apparently there are some system services on this model (and possibly other iPhone 11 models) which request location data and cannot be disabled by users without completely turning off location services, as the arrow icon still appears periodically even after individually disabling all system services that use location.

On Nov. 13, #KrebsOnSecurity contacted Apple to report this as a possible privacy bug in the new iPhone Pro and/or in #iOS 13.x, sharing a #video showing how the device still seeks the user’s location when each app and system service is set to “never” request location information (but with the main Location Data service still turned on).

👉🏼 Video:
https://youtu.be/37_3hd_SK24

👉🏼 Read more:
https://krebsonsecurity.com/2019/12/the-iphone-11-pros-location-data-puzzler/

Two malicious Python libraries caught stealing SSH and GPG keys

One library was available for only two days, but the second was live for nearly a year.

The #Python #security #team removed two #trojanized #Python #libraries from #PyPI (Python Package Index) that were caught #stealing #SSH and #GPG keys from the projects of infected developers.

The two libraries were created by the same #developer and mimicked other more popular libraries -- using a technique called #typosquatting to register similarly-looking names.

The first is "python3-dateutil," which imitated the popular "dateutil" library. The second is "jeIlyfish" (the first L is an I), which mimicked the "jellyfish" library.

The two malicious clones were discovered on Sunday, December 1, by German software developer Lukas Martini. Both libraries were removed on the same day after Martini notified dateutil developers and the PyPI security team.

While the python3-dateutil was created and uploaded on PyPI two days before, on November 29, the jeIlyfish library had been available for nearly a year, since December 11, 2018.
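
Added example, not from the ZDNet article and not PyPI's own tooling: a pre-install check that flags look-alike package names of the two kinds described above. It canonicalises names the way PyPI does (PEP 503: case-insensitive, with `-`, `_` and `.` treated alike), folds common confusable characters so that `jeIlyfish` with a capital I becomes `jellyfish`, strips squatter-style affixes such as `python3-`, and then compares the result against a short allow-list by edit distance. The allow-list and the confusable table are constructed assumptions; a real deployment would check against the project's own pinned dependencies.

```python
"""Flag look-alike package names before installation (typosquatting check).

Added example; the allow-list and the confusable table are constructed.
"""
from __future__ import annotations

import re

# Constructed allow-list. A real check would use the project's own pinned
# dependencies or a curated list of popular PyPI names.
KNOWN_PACKAGES = ["dateutil", "jellyfish", "python-dateutil", "requests", "urllib3"]

# Characters that look alike in common fonts, folded onto one glyph.
# Applied before lowercasing so that a capital I becomes a lowercase L.
CONFUSABLES = str.maketrans({"I": "l", "1": "l", "|": "l", "0": "o", "O": "o", "5": "s"})

# Prefixes and suffixes squatters bolt onto a real name (e.g. "python3-dateutil").
SQUAT_PREFIXES = ("python3-", "python-", "py-")
SQUAT_SUFFIXES = ("-python3", "-python", "-py")


def canonical(name: str) -> str:
    """PEP 503 name normalisation: lowercase, runs of '-', '_' or '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def fold_confusables(name: str) -> str:
    """Canonical form after mapping look-alike characters onto one glyph."""
    return canonical(name.translate(CONFUSABLES))


def strip_affixes(name: str) -> str:
    """Remove one squatter-style prefix and/or suffix, keeping a non-empty core."""
    for prefix in SQUAT_PREFIXES:
        if name.startswith(prefix) and len(name) > len(prefix):
            name = name[len(prefix):]
            break
    for suffix in SQUAT_SUFFIXES:
        if name.endswith(suffix) and len(name) > len(suffix):
            name = name[: -len(suffix)]
            break
    return name


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert/delete/substitute) between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_name(candidate: str, known=KNOWN_PACKAGES, max_distance: int = 1):
    """Return ("ok", None), ("suspicious", look-alike-of) or ("unknown", None).

    Exact canonical matches pass first, so legitimate spellings such as
    "Python_DateUtil" are not flagged; only then are confusables folded,
    affixes stripped and the edit distance to each known name compared.
    """
    known_canonical = {canonical(k) for k in known}
    if canonical(candidate) in known_canonical:
        return ("ok", None)
    core = strip_affixes(fold_confusables(candidate))
    best_name, best_dist = None, None
    for name in sorted(known):          # sorted so ties resolve deterministically
        dist = levenshtein(core, strip_affixes(fold_confusables(name)))
        if best_dist is None or dist < best_dist:
            best_name, best_dist = name, dist
    if best_name is not None and best_dist <= max_distance:
        return ("suspicious", best_name)
    return ("unknown", None)


if __name__ == "__main__":
    for pkg in ("jeIlyfish", "python3-dateutil", "python-dateutil", "requets", "numpy"):
        print(f"{pkg:18} {check_name(pkg)}")
```

A hit is a review signal rather than a hard block: short legitimate names can sit one edit apart, so the distance threshold should stay small, and exact canonical matches against the allow-list always pass first.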

👉🏼 Read more:
https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/

You can hack anything - you just shouldn't get caught - #OpSec for data travellers

In this introductory talk we give an overview of the #risks of the #hacking #hobby: kicked-in doors, house searches and high legal fees spoil the enjoyment of free hacking.

Here it pays for the next generation of #hacking newcomers to learn from the mistakes of others. We give classic examples of mistakes in #operational #security so that you don't have to make them yourselves.

📺 🇬🇧 🇫🇷 🇩🇪
https://media.ccc.de/v/35c3-9716-du_kannst_alles_hacken_du_darfst_dich_nur_nicht_erwischen_lassen

#video #CCC #Linus
Kashmiris Are Disappearing From WhatsApp

Kashmiris enduring their region's ongoing internet blackout are losing their WhatsApp accounts because of the platform's policy on inactive accounts.

On Wednesday, #Kashmiris began #disappearing from #WhatsApp — and no one initially knew why. #Citizens of the disputed geographical territory, whose autonomy the #Indian #government revoked in August, abruptly and inexplicably began departing WhatsApp groups in which they had long participated, leaving behind only a “[Phone number] left” message.

It's been four months since India’s government shut down Kashmir’s internet services, cutting off the region from the rest of the world. Because of this, some observers suspected that the Kashmiris who disappeared from their WhatsApp #groups this week did not do so on their own and may not even know anything has changed.

In a comment provided after this story's publication, a spokesperson for #Facebook, which owns WhatsApp, said the disappearances were the result of the messaging app's policy on inactive accounts.

"To maintain security and limit data retention, WhatsApp accounts generally expire after 120 days of inactivity," they wrote. "When that happens, those accounts automatically exit their WhatsApp groups. People will need to be re-added to groups upon regaining access to the Internet and joining WhatsApp again."

The spokesperson did not respond to questions from BuzzFeed News about how many Kashmiris were affected. Those whose profiles have expired will have to re-register on WhatsApp and recreate their profiles on the platform.

👉🏼 Read more:
https://www.buzzfeednews.com/article/pranavdixit/hundreds-of-kashmiris-are-disappearing-from-their-whatsapp
