Media is too big
VIEW IN TELEGRAM
What is Pastejacking? | Exploiting machine using pastejacking
What is Pastejacking?
Nearly all browsers allow websites to run commands on the users’ computers. This feature can allow malicious websites to take over your computers’ clipboard. That is, when you copy something and paste it to your clipboard, the website can run one or more commands using your browser. The method can be used to change the Clipboard contents. While it may not be much dangerous if you are just copying to Notepad or Word etc. , it could be a problem for your computer if you paste something directly to the Command Prompt.
https://invidio.us/watch?v=4KNKGLS0nx0&feature=youtu.be&local=true
https://www.thewindowsclub.com/what-is-pastejacking
#pastejacking #exploiting #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
What is Pastejacking?
Nearly all browsers allow websites to run commands on the users’ computers. This feature can allow malicious websites to take over your computers’ clipboard. That is, when you copy something and paste it to your clipboard, the website can run one or more commands using your browser. The method can be used to change the Clipboard contents. While it may not be much dangerous if you are just copying to Notepad or Word etc. , it could be a problem for your computer if you paste something directly to the Command Prompt.
https://invidio.us/watch?v=4KNKGLS0nx0&feature=youtu.be&local=true
https://www.thewindowsclub.com/what-is-pastejacking
#pastejacking #exploiting #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Crypto money for watching commercials: That's what's behind the Microsoft idea
Microsoft has patented a new approach for cryptomining. According to this approach, users are to be rewarded with digital currency, for example, for watching advertisements.
Mining crypto-currencies requires powerful hardware and requires a corresponding amount of energy. No wonder that professional miners join together to form large pools or farms and operate in countries where electricity is cheap. For private users it is usually not very lucrative to mine. This could change if Microsoft were to put its patent-pending cryptomining solution into practice.
https://patentscope.wipo.int/search/en/detail.jsf?docId=WO2020060606&tab=PCTDESCRIPTION
https://t3n.de/news/kryptogeld-werbung-microsoft-1269724/
#crypto #microsoft #mining #advertising #patent
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Microsoft has patented a new approach for cryptomining. According to this approach, users are to be rewarded with digital currency, for example, for watching advertisements.
Mining crypto-currencies requires powerful hardware and requires a corresponding amount of energy. No wonder that professional miners join together to form large pools or farms and operate in countries where electricity is cheap. For private users it is usually not very lucrative to mine. This could change if Microsoft were to put its patent-pending cryptomining solution into practice.
https://patentscope.wipo.int/search/en/detail.jsf?docId=WO2020060606&tab=PCTDESCRIPTION
https://t3n.de/news/kryptogeld-werbung-microsoft-1269724/
#crypto #microsoft #mining #advertising #patent
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
The Far-Right Helped Create The World's Most Powerful Facial Recognition Technology
Clearview AI, which has alarmed privacy experts, hired several far-right employees, a HuffPost investigation found.
Advanced facial recognition technology poses a mortal threat to privacy. It could grant the government, corporations and even average citizens the ability to capture a photo of anybody and, with a few keystrokes, uncover all kinds of personal details. So when The New York Times published an exposé about a shadowy facial recognition firm called Clearview AI in January, it seemed like the worst nightmare of privacy advocates had arrived.
Clearview is the most powerful form of facial recognition technology ever created, according to the Times. With more than 3 billion photos scraped surreptitiously from social media profiles and websites, its image database is almost seven times the size of the FBI’s. Its mobile app can match names to faces with a tap of a touchscreen. The technology is already being integrated into augmented reality glasses so people can identify almost anyone they look at.
Clearview has contracts with Immigration and Customs Enforcement and the U.S. Attorney’s Office for the Southern District of New York, BuzzFeed reported earlier this year, and FBI agents, members of Customs and Border Protection, and hundreds of police officers at departments nationwide are among its users.
With the coronavirus pandemic increasingly throwing the country into chaos and President Donald Trump moving to expand domestic surveillance powers ― in theory, to better map disease spread ― Clearview has sought deeper inroads into government infrastructure and is now in discussions with state agencies to use its technology to track infected people, according to The Wall Street Journal.
Read more:
https://www.huffpost.com/entry/clearview-ai-facial-recognition-alt-right_n_5e7d028bc5b6cb08a92a5c48
https://www.nytimes.com/2020/01/18/technology/clearview-privacy-facial-recognition.html
#clearview #facial #recognition #technology #privacy #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Clearview AI, which has alarmed privacy experts, hired several far-right employees, a HuffPost investigation found.
Advanced facial recognition technology poses a mortal threat to privacy. It could grant the government, corporations and even average citizens the ability to capture a photo of anybody and, with a few keystrokes, uncover all kinds of personal details. So when The New York Times published an exposé about a shadowy facial recognition firm called Clearview AI in January, it seemed like the worst nightmare of privacy advocates had arrived.
Clearview is the most powerful form of facial recognition technology ever created, according to the Times. With more than 3 billion photos scraped surreptitiously from social media profiles and websites, its image database is almost seven times the size of the FBI’s. Its mobile app can match names to faces with a tap of a touchscreen. The technology is already being integrated into augmented reality glasses so people can identify almost anyone they look at.
Clearview has contracts with Immigration and Customs Enforcement and the U.S. Attorney’s Office for the Southern District of New York, BuzzFeed reported earlier this year, and FBI agents, members of Customs and Border Protection, and hundreds of police officers at departments nationwide are among its users.
With the coronavirus pandemic increasingly throwing the country into chaos and President Donald Trump moving to expand domestic surveillance powers ― in theory, to better map disease spread ― Clearview has sought deeper inroads into government infrastructure and is now in discussions with state agencies to use its technology to track infected people, according to The Wall Street Journal.
Read more:
https://www.huffpost.com/entry/clearview-ai-facial-recognition-alt-right_n_5e7d028bc5b6cb08a92a5c48
https://www.nytimes.com/2020/01/18/technology/clearview-privacy-facial-recognition.html
#clearview #facial #recognition #technology #privacy #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Your car is stealing your data. Here’s how ... 👀
We all know that social media apps collect our data to sell to advertisers. You web browser and websites use algorithms to tailor content and advertisements to you. But is you car doing that too? Join Nolan as he explores the sketchy world of automotive data collection. The answer may surprise you.
https://invidio.us/watch?v=SpbpD0qDSho
#data #collection #privacy #surveillance #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
We all know that social media apps collect our data to sell to advertisers. You web browser and websites use algorithms to tailor content and advertisements to you. But is you car doing that too? Join Nolan as he explores the sketchy world of automotive data collection. The answer may surprise you.
https://invidio.us/watch?v=SpbpD0qDSho
#data #collection #privacy #surveillance #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Madaidan's insecurities
This website contains a lot of information on certain security-related topics and aims to dispell common misinformation. I was requested by various people to create a website with all my opinions so here it is.
👉🏼 Android
👉🏼 Linux
👉🏼 Linux Phones
👉🏼 Firefox and Chromium Security
👉🏼 OpenBSD
👉🏼 VPNs
👉🏼 About
https://madaidans-insecurities.github.io/
#madaidan #insecurities #information #android #linux #ff #chrome #bsd #vpn #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
This website contains a lot of information on certain security-related topics and aims to dispell common misinformation. I was requested by various people to create a website with all my opinions so here it is.
👉🏼 Android
👉🏼 Linux
👉🏼 Linux Phones
👉🏼 Firefox and Chromium Security
👉🏼 OpenBSD
👉🏼 VPNs
👉🏼 About
https://madaidans-insecurities.github.io/
#madaidan #insecurities #information #android #linux #ff #chrome #bsd #vpn #thinkabout
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
📡@NoGoolag
Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay
Anti-mortar system specs, legal paperwork, payment forms, and more, dumped online from infected PCs
Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online.
The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The sensitive documents include details of Lockheed-Martin-designed military equipment – such as the specifications for an antenna in an anti-mortar defense system – according to a Register source who alerted us to the blueprints.
Other documents in the cache include billing and payment forms, supplier information, data analysis reports, and legal paperwork. There are also documents outlining SpaceX's manufacturing partner program.
The files were siphoned from Visser Precision by the DoppelPaymer crew, which infected the contractor's PCs and scrambled its files. When the company failed to pay the ransom by their March deadline, the gang – which tends to demand hundreds of thousands to millions of dollars to restore encrypted files – uploaded a selection of the documents to a website that remains online and publicly accessible.
👉🏼 Read more:
https://www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/
#ransomware #leak #DoppelPaymer
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Anti-mortar system specs, legal paperwork, payment forms, and more, dumped online from infected PCs
Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online.
The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The sensitive documents include details of Lockheed-Martin-designed military equipment – such as the specifications for an antenna in an anti-mortar defense system – according to a Register source who alerted us to the blueprints.
Other documents in the cache include billing and payment forms, supplier information, data analysis reports, and legal paperwork. There are also documents outlining SpaceX's manufacturing partner program.
The files were siphoned from Visser Precision by the DoppelPaymer crew, which infected the contractor's PCs and scrambled its files. When the company failed to pay the ransom by their March deadline, the gang – which tends to demand hundreds of thousands to millions of dollars to restore encrypted files – uploaded a selection of the documents to a website that remains online and publicly accessible.
👉🏼 Read more:
https://www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/
#ransomware #leak #DoppelPaymer
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
"Dopamine": Miniseries about the addiction mechanisms of Tinder, Facebook and Co. (RePost)
"They'll do anything to make you an addict," they say about #Tinder, #Facebook, #CandyCrush, #Instagram, #YouTube, #Snapchat, #Uber and #Twitter in the miniseries of #Arte. Eight episodes explain in detail which mechanisms are triggered in our brain to keep us engaged
📺 Dopamine - Tinder
📺 Dopamine - Facebook
📺 Dopamine - Candy Crush
📺 Dopamine - Instagram
📺 Dopamine - YouTube
📺 Dopamine - Snapchat
📺 Dopamine - Uber
📺 Dopamine - Twitter
💡 Actually, we have known this for a long time:
Candy Crush, Tinder, Facebook and others are above all one thing - time wasters. Nevertheless, it's extremely difficult for us to leave the #Smartphone on the shelf and not check out what's new every few minutes. Especially since what is then presented to us as news only rarely has news value or really gets us ahead. Nevertheless, we check out pages and pages of Aunt Monika's pictures from Paris, swear to complete "only one more level" at Candy Crush, let ourselves be carried away by the autoplay function into ever more abstruse depths of Youtube and simply can't get enough of cute cat photos on Instagram. What's wrong with us?
#Tinder #Facebook #CandyCrush #Instagram #YouTube #Snapchat #Uber #Twitter #Dopamine #video #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
"They'll do anything to make you an addict," they say about #Tinder, #Facebook, #CandyCrush, #Instagram, #YouTube, #Snapchat, #Uber and #Twitter in the miniseries of #Arte. Eight episodes explain in detail which mechanisms are triggered in our brain to keep us engaged
📺 Dopamine - Tinder
📺 Dopamine - Facebook
📺 Dopamine - Candy Crush
📺 Dopamine - Instagram
📺 Dopamine - YouTube
📺 Dopamine - Snapchat
📺 Dopamine - Uber
📺 Dopamine - Twitter
💡 Actually, we have known this for a long time:
Candy Crush, Tinder, Facebook and others are above all one thing - time wasters. Nevertheless, it's extremely difficult for us to leave the #Smartphone on the shelf and not check out what's new every few minutes. Especially since what is then presented to us as news only rarely has news value or really gets us ahead. Nevertheless, we check out pages and pages of Aunt Monika's pictures from Paris, swear to complete "only one more level" at Candy Crush, let ourselves be carried away by the autoplay function into ever more abstruse depths of Youtube and simply can't get enough of cute cat photos on Instagram. What's wrong with us?
#Tinder #Facebook #CandyCrush #Instagram #YouTube #Snapchat #Uber #Twitter #Dopamine #video #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES
📡@FLOSSb0xIN
Apple, Google team up to track Coronavirus spread as some official Govt apps are already doing it
Apple and Google announced Friday an unusual collaboration to leverage smartphone technology to help trace and contain the spread of coronavirus.
The collaboration will open up their mobile operating systems to allow for the creation of advanced “contact-tracing” apps, which will run on iPhones and Android phones alike.
So how will Bluetooth tracing work on Android and iOS phones ?
Both Apple and Google have put out details on the Bluetooth technical specifications and how this technology will work with contact tracing. The technology will work on both Android and iOS.
First, the user will have to give explicit and clear permission that they are opting-in for this kind of contact tracing, according to the companies. Exactly how this permission will be taken is not clear, but it could be within the app they use.
If this is at the software level, pushing out the iOS update will be easier given most phones are on the latest version and Apple has tighter control over the ecosystem. But in the fragmented Android universe, it is not clear how this update will reach all smartphones.
👉🏼 Read more:
https://telegra.ph/Apple-Google-team-up-to-track-coronavirus-spread-as-already-some-official-Govt-apps-doing-04-11
#apple #google #coronavirus #tracking #privacy
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Apple and Google announced Friday an unusual collaboration to leverage smartphone technology to help trace and contain the spread of coronavirus.
The collaboration will open up their mobile operating systems to allow for the creation of advanced “contact-tracing” apps, which will run on iPhones and Android phones alike.
So how will Bluetooth tracing work on Android and iOS phones ?
Both Apple and Google have put out details on the Bluetooth technical specifications and how this technology will work with contact tracing. The technology will work on both Android and iOS.
First, the user will have to give explicit and clear permission that they are opting-in for this kind of contact tracing, according to the companies. Exactly how this permission will be taken is not clear, but it could be within the app they use.
If this is at the software level, pushing out the iOS update will be easier given most phones are on the latest version and Apple has tighter control over the ecosystem. But in the fragmented Android universe, it is not clear how this update will reach all smartphones.
👉🏼 Read more:
https://telegra.ph/Apple-Google-team-up-to-track-coronavirus-spread-as-already-some-official-Govt-apps-doing-04-11
#apple #google #coronavirus #tracking #privacy
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Zuckerberg's personal security costs Facebook millions of dollars
Facebook reports rising costs for Mark Zuckerberg's bodyguards and private jets.
Facebook has spent more than $23 million in 2019 on personal security and flights in private jets of its CEO Mark Zuckerberg. This is the result of a mandatory disclosure of the company to the US Securities and Exchange Commission (SEC).
In 2018, Facebook paid about $20 million for these purposes; in 2017, it paid $9.1 million. Zuckerberg's annual salary remains $1. Expenditures include "$10.46 million related to personal security for Zuckerberg at home and travel.
An additional $10 million was required to protect Zuckerberg and his family. For comparison, Facebook spent $9.95 million on personal protection in 2018 and $7.5 million in 2017.
💡 https://www.sec.gov/Archives/edgar/data/1326801/000132680120000037/facebook2020definitiveprox.htm#sF199B9027C8357DCA91270FD24840CBA
#DeleteFacebook #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Facebook reports rising costs for Mark Zuckerberg's bodyguards and private jets.
Facebook has spent more than $23 million in 2019 on personal security and flights in private jets of its CEO Mark Zuckerberg. This is the result of a mandatory disclosure of the company to the US Securities and Exchange Commission (SEC).
In 2018, Facebook paid about $20 million for these purposes; in 2017, it paid $9.1 million. Zuckerberg's annual salary remains $1. Expenditures include "$10.46 million related to personal security for Zuckerberg at home and travel.
An additional $10 million was required to protect Zuckerberg and his family. For comparison, Facebook spent $9.95 million on personal protection in 2018 and $7.5 million in 2017.
💡 https://www.sec.gov/Archives/edgar/data/1326801/000132680120000037/facebook2020definitiveprox.htm#sF199B9027C8357DCA91270FD24840CBA
#DeleteFacebook #thinkabout #why
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Corona World Order
Some are suggesting that the current crisis is the end of globalization, or that it will wipe out the New World Order altogether . . . but they are wrong. In fact, this crisis is the globalists’ dream, and what we are witnessing is the birth of a totalitarian control grid the likes of which could scarcely have been imagined before this pandemic panic kicked off. Welcome to the Corona World Order.
📺 Watch this video on BitChute / LBRY / Minds.com / YouTube
https://www.corbettreport.com/corona-world-order/
#corbettreport #coronavirus #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Some are suggesting that the current crisis is the end of globalization, or that it will wipe out the New World Order altogether . . . but they are wrong. In fact, this crisis is the globalists’ dream, and what we are witnessing is the birth of a totalitarian control grid the likes of which could scarcely have been imagined before this pandemic panic kicked off. Welcome to the Corona World Order.
📺 Watch this video on BitChute / LBRY / Minds.com / YouTube
https://www.corbettreport.com/corona-world-order/
#corbettreport #coronavirus #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Reasons not to use the Discord communications system
The Discord communications system requires running a nonfree client program. That alone is reason to refuse to use it.
❗️ The program reportedly collects lots of data about users.
❗️ The developer denies the claim that Discord reports which processes are running on the user's machine. I have no way of determining the facts about this specific point. Whether it collects those particular data is a minor detail; I mention it only to avoid appearing to assert a criticism that might not be true.
❗️ For the same reason, I mention that selling personal data is not the sole way that the company makes money.
❗️ I don't think that question how it makes money really matters. What matters, ethically, is what the software does to users.
❗️ The developers' motives for making it do those things are pertinent to understanding the situation but should not affect our moral judgment of mistreatment of users.
❗️ One user quit using Discord because it demanded she fill out a Google reCAPTCHA, apparently because she was connecting through Tor.
❗️ Google CAPTCHAs didn't work for me, because they required running nonfree Javascript code.
❗️ Discord insists on tracking users. If a user connects through a VPN, Discord demands that user provide a phone number.
❗️ Discord locks accounts that don't have associated phone numbers. When an account is locked, also called "deactivated", the user is not allowed to make real use of it until person adds a phone number.
Discord may demand to talk with you by phone if it decides you are suspicious — for instance, if you contact it via Tor.
❗️ If I understand right, if you use Discord regularly via Tor you would need to carry that phone with you all the time. A burner phone, one what you possess only for a short time, would not be allowed to do the job.
❗️ Thus, whoever uses Discord gets tracked either by the Discord server (and anyone looking at where the packets are coming from) or by the phone.
❗️ Users report that Discord shut off their accounts and won't tell them why.
The Discord web site also offers application nonfree programs. You shouldn't use them, naturally, but they are a separate issue from using the communications system itself.
💡 Reasons not to use the Discord communications system
https://stallman.org/discord.html
#stallman #discord
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
The Discord communications system requires running a nonfree client program. That alone is reason to refuse to use it.
❗️ The program reportedly collects lots of data about users.
❗️ The developer denies the claim that Discord reports which processes are running on the user's machine. I have no way of determining the facts about this specific point. Whether it collects those particular data is a minor detail; I mention it only to avoid appearing to assert a criticism that might not be true.
❗️ For the same reason, I mention that selling personal data is not the sole way that the company makes money.
❗️ I don't think that question how it makes money really matters. What matters, ethically, is what the software does to users.
❗️ The developers' motives for making it do those things are pertinent to understanding the situation but should not affect our moral judgment of mistreatment of users.
❗️ One user quit using Discord because it demanded she fill out a Google reCAPTCHA, apparently because she was connecting through Tor.
❗️ Google CAPTCHAs didn't work for me, because they required running nonfree Javascript code.
❗️ Discord insists on tracking users. If a user connects through a VPN, Discord demands that user provide a phone number.
❗️ Discord locks accounts that don't have associated phone numbers. When an account is locked, also called "deactivated", the user is not allowed to make real use of it until person adds a phone number.
Discord may demand to talk with you by phone if it decides you are suspicious — for instance, if you contact it via Tor.
❗️ If I understand right, if you use Discord regularly via Tor you would need to carry that phone with you all the time. A burner phone, one what you possess only for a short time, would not be allowed to do the job.
❗️ Thus, whoever uses Discord gets tracked either by the Discord server (and anyone looking at where the packets are coming from) or by the phone.
❗️ Users report that Discord shut off their accounts and won't tell them why.
The Discord web site also offers application nonfree programs. You shouldn't use them, naturally, but they are a separate issue from using the communications system itself.
💡 Reasons not to use the Discord communications system
https://stallman.org/discord.html
#stallman #discord
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Interview with Edward Snowden (Vice) - 11 april 2020
https://vid.lelux.fi/videos/watch/dddf5797-d013-4cd7-9766-578ef76a3efa
#snowden #interview #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
https://vid.lelux.fi/videos/watch/dddf5797-d013-4cd7-9766-578ef76a3efa
#snowden #interview #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Simulating Cyberattacks on Nuclear Command and Control
During the height of the Cold War, the biggest fear involved the possibility of mutually assured destruction (MAD) from nuclear warfare. However, in today’s digital world, we find that military and strategic systems are under constant siege from cyber attacks. Within the nuclear realm, the threat of cyber attacks is relatively high due to advanced persistent threats (APTs) from both nation state adversaries as well as non-state actors. The subject paper and corresponding podcast explores the utilization of simulation technology to evaluate cyber attack scenarios on a nuclear command and control (NC2) facility.
https://www.csiac.org/podcast/simulating-cyberattacks-on-nuclear-command-and-control/
#military #cyberattack #simulation #NC2 #podcast #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
During the height of the Cold War, the biggest fear involved the possibility of mutually assured destruction (MAD) from nuclear warfare. However, in today’s digital world, we find that military and strategic systems are under constant siege from cyber attacks. Within the nuclear realm, the threat of cyber attacks is relatively high due to advanced persistent threats (APTs) from both nation state adversaries as well as non-state actors. The subject paper and corresponding podcast explores the utilization of simulation technology to evaluate cyber attack scenarios on a nuclear command and control (NC2) facility.
https://www.csiac.org/podcast/simulating-cyberattacks-on-nuclear-command-and-control/
#military #cyberattack #simulation #NC2 #podcast #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Palantir - UK government using confidential patient data in coronavirus response
Documents seen by Guardian show tech firms using information to build ‘Covid-19 datastore’
Technology firms are processing large volumes of confidential UK patient information in a data-mining operation that is part of the government’s response to the coronavirus outbreak, according to documents seen by the Guardian.
Palantir, the US big data firm founded by the rightwing billionaire Peter Thiel, is working with Faculty, a British artificial intelligence startup, to consolidate government databases and help ministers and officials respond to the pandemic.
Data is also being used by Faculty to build predictive computer models around the Covid-19 outbreak. One NHS document suggests that, two weeks ago, Faculty considered running a computer simulation to assess the impact of a policy of “targeted herd immunity”. Lawyers for Faculty said the proposed herd immunity simulation never took place.
NHSX, the digital transformation arm of the National Health Service that has contracted the tech companies to help build the “Covid-19 datastore”, said the technology would give ministers and officials “real-time information about health services, showing where demand is rising and where critical equipment needs to be deployed”.
“The companies involved do not control the data and are not permitted to use or share it for their own purposes,” a spokesperson said. Faculty’s lawyers said the firm only had access to aggregated or anonymised data via NHS systems.
The government had previously said it would use Faculty and Palantir in a Covid-19 data project. But the full scope of that operation, and the sensitive nature of patient-level data being used, is revealed in the documents seen by the Guardian.
👉🏼 Read more:
https://www.theguardian.com/world/2020/apr/12/uk-government-using-confidential-patient-data-in-coronavirus-response
#palantir #thiel #BigData #uk #coronavirus #datastore
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Documents seen by Guardian show tech firms using information to build ‘Covid-19 datastore’
Technology firms are processing large volumes of confidential UK patient information in a data-mining operation that is part of the government’s response to the coronavirus outbreak, according to documents seen by the Guardian.
Palantir, the US big data firm founded by the rightwing billionaire Peter Thiel, is working with Faculty, a British artificial intelligence startup, to consolidate government databases and help ministers and officials respond to the pandemic.
Data is also being used by Faculty to build predictive computer models around the Covid-19 outbreak. One NHS document suggests that, two weeks ago, Faculty considered running a computer simulation to assess the impact of a policy of “targeted herd immunity”. Lawyers for Faculty said the proposed herd immunity simulation never took place.
NHSX, the digital transformation arm of the National Health Service that has contracted the tech companies to help build the “Covid-19 datastore”, said the technology would give ministers and officials “real-time information about health services, showing where demand is rising and where critical equipment needs to be deployed”.
“The companies involved do not control the data and are not permitted to use or share it for their own purposes,” a spokesperson said. Faculty’s lawyers said the firm only had access to aggregated or anonymised data via NHS systems.
The government had previously said it would use Faculty and Palantir in a Covid-19 data project. But the full scope of that operation, and the sensitive nature of patient-level data being used, is revealed in the documents seen by the Guardian.
👉🏼 Read more:
https://www.theguardian.com/world/2020/apr/12/uk-government-using-confidential-patient-data-in-coronavirus-response
#palantir #thiel #BigData #uk #coronavirus #datastore
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Want to dodge AI’s prying eyes?
Here’s how, and how not, to evade facial recognition.
Around the world, governments and corporations are rolling out technology that scans faces for unique features and allows them to identify individuals based on that. As facial recognition technology spreads, it seems there’s no hiding from it. Or is there?
We teamed up with a photographer and a makeup artist to try to camouflage POLITICO’s AI correspondent, Janosch Delcker, from the all-seeing eyes of a facial recognition system, with disguises ranging from an old-school balaclava to makeup designed to distort his key facial features. Then we used a free version of Amazon Web Services’ facial recognition software, Rekognition, to compare the photos to a reference.
👉🏼 Read more:
https://www.politico.eu/article/how-to-evade-ai-facial-recognition-surveillance/
#facial #recognition #surveillance
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Here’s how, and how not, to evade facial recognition.
Around the world, governments and corporations are rolling out technology that scans faces for unique features and allows them to identify individuals based on that. As facial recognition technology spreads, it seems there’s no hiding from it. Or is there?
We teamed up with a photographer and a makeup artist to try to camouflage POLITICO’s AI correspondent, Janosch Delcker, from the all-seeing eyes of a facial recognition system, with disguises ranging from an old-school balaclava to makeup designed to distort his key facial features. Then we used a free version of Amazon Web Services’ facial recognition software, Rekognition, to compare the photos to a reference.
👉🏼 Read more:
https://www.politico.eu/article/how-to-evade-ai-facial-recognition-surveillance/
#facial #recognition #surveillance
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Drones take Italians' temperature and issue fines
The hovering drone emits a mechanical buzz reminiscent of a wasp and shouts down instructions in a tinny voice.
"Attention! You are in a prohibited area. Get out immediately," commands the drone, about the size of a loaf of bread.
A heat sensor takes the offender's temperature and sends the information to a drone operator, who stares at a thermal map on his hand-held screen -- shining orange and purple blobs.
"Violations of the regulations result in administrative and criminal penalties," the drone says.
Italy's coronavirus epicentre in the northern province of Bergamo, in Lombardy region, has had enough of people spreading COVID-19.
"Once a person's temperature is read by the drone, you must still stop that person and measure their temperature with a normal thermometer," Matteo Copia, police commander in Treviolo, near Bergamo, told AFP.
"But drones are useful for controlling the territory."
👉🏼 Read more:
https://www.france24.com/en/20200410-drones-take-italians-temperature-and-issue-fines
#italy #police #drones #coronavirus
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
The hovering drone emits a mechanical buzz reminiscent of a wasp and shouts down instructions in a tinny voice.
"Attention! You are in a prohibited area. Get out immediately," commands the drone, about the size of a loaf of bread.
A heat sensor takes the offender's temperature and sends the information to a drone operator, who stares at a thermal map on his hand-held screen -- shining orange and purple blobs.
"Violations of the regulations result in administrative and criminal penalties," the drone says.
Italy's coronavirus epicentre in the northern province of Bergamo, in Lombardy region, has had enough of people spreading COVID-19.
"Once a person's temperature is read by the drone, you must still stop that person and measure their temperature with a normal thermometer," Matteo Copia, police commander in Treviolo, near Bergamo, told AFP.
"But drones are useful for controlling the territory."
👉🏼 Read more:
https://www.france24.com/en/20200410-drones-take-italians-temperature-and-issue-fines
#italy #police #drones #coronavirus
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Over 500,000 Zoom accounts sold on hacker forums, the dark web
Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.
Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.
Cybersecurity intelligence firm Cyble told BleepingComputer that around April 1st, 2020, they began to see free Zoom accounts being posted on hacker forums to gain an increased reputation in the hacker community.
👉🏼 Read more:
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
#zoom #leak #hacker #hacked #breach
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.
Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.
Cybersecurity intelligence firm Cyble told BleepingComputer that around April 1st, 2020, they began to see free Zoom accounts being posted on hacker forums to gain an increased reputation in the hacker community.
👉🏼 Read more:
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
#zoom #leak #hacker #hacked #breach
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Hackers bring multi-boot support to newer iPhones and iPads
Apple makes it easy to upgrade an iPhone or iPad to a new version of iOS and often boasts about the high-percentages of users running the latest version of the operating system.
A few things the company doesn’t make easy? Downgrading to an earlier version of iOS, installing an alternate operating system, or dual-booting. Or multi-booting, actually, since it’s possible to load more than two operating systems.
But folks have been finding unofficial ways to do those things for years. In March we learned about a project to bring Android to the iPhone 7 and iPhone 7+. Now a team of developers have released a guide for dual-booting multiple operating systems on iPhones and iPads with 64-bit processors.
So far the guide is designed to let you run multiple versions of iOS. But theoretically it could open the door to dual-booting Linux and/or Android on an iPhone or iPad.
💡 Dual Booting 64 Bit devices
https://dualbootfun.github.io/dualboot/
https://liliputing.com/2020/04/hackers-bring-multi-boot-support-to-newer-iphones-and-ipads.html
#multiboot #iphones #ipads #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Apple makes it easy to upgrade an iPhone or iPad to a new version of iOS and often boasts about the high-percentages of users running the latest version of the operating system.
A few things the company doesn’t make easy? Downgrading to an earlier version of iOS, installing an alternate operating system, or dual-booting. Or multi-booting, actually, since it’s possible to load more than two operating systems.
But folks have been finding unofficial ways to do those things for years. In March we learned about a project to bring Android to the iPhone 7 and iPhone 7+. Now a team of developers have released a guide for dual-booting multiple operating systems on iPhones and iPads with 64-bit processors.
So far the guide is designed to let you run multiple versions of iOS. But theoretically it could open the door to dual-booting Linux and/or Android on an iPhone or iPad.
💡 Dual Booting 64 Bit devices
https://dualbootfun.github.io/dualboot/
https://liliputing.com/2020/04/hackers-bring-multi-boot-support-to-newer-iphones-and-ipads.html
#multiboot #iphones #ipads #guide
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets
Discovering Fake Browser Extensions That Target Users of Ledger, Trezor, MEW, Metamask, and More
Using a familiar phishing method to target new brands.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are phishing for secrets — mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts."
Motivation and Purpose
We keep an eye on the type of attacks that come to cryptocurrency users on a daily basis and often write about our findings to help educate the community. We’ve seen various types of attacks on users, ranging from simple trust-trading scams to SIM hijacking to compromising and stealing funds from exchange accounts.
Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
👉🏼 Read more:
https://medium.com/mycrypto/discovering-fake-browser-extensions-that-target-users-of-ledger-trezor-mew-metamask-and-more-e281a2b80ff9
https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
#hijacking #cryptocurrency #wallets #google #chrome #browser #extensions
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Discovering Fake Browser Extensions That Target Users of Ledger, Trezor, MEW, Metamask, and More
Using a familiar phishing method to target new brands.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are phishing for secrets — mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts."
Motivation and Purpose
We keep an eye on the type of attacks that come to cryptocurrency users on a daily basis and often write about our findings to help educate the community. We’ve seen various types of attacks on users, ranging from simple trust-trading scams to SIM hijacking to compromising and stealing funds from exchange accounts.
Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
👉🏼 Read more:
https://medium.com/mycrypto/discovering-fake-browser-extensions-that-target-users-of-ledger-trezor-mew-metamask-and-more-e281a2b80ff9
https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
#hijacking #cryptocurrency #wallets #google #chrome #browser #extensions
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
U.S. judge blocks Twitter's bid to reveal government surveillance requests
Twitter Inc will not be able to reveal surveillance requests it received from the U.S. government after a federal judge accepted government arguments that this was likely to harm national security after a near six-year long legal battle.
The social media company had sued the U.S. Department of Justice in 2014 to be allowed to reveal, as part of its “Draft Transparency Report”, the surveillance requests it received. It argued its free-speech rights were being violated by not being allowed to reveal the details.
U.S. District Judge Yvonne Gonzalez Rogers granted the government’s request to dismiss Twitter’s lawsuit in an eleven page order filed in the U.S. District Court for Northern California.
The judge ruled on Friday that granting Twitter’s request “would be likely to lead to grave or imminent harm to the national security.”
“The Government’s motion for summary judgment is GRANTED and Twitter’s motion for summary judgment is DENIED,” the judge said in her order.
Twitter had sued the Justice Department in its battle with federal agencies as the internet industry’s self-described champion of free speech seeking the right to reveal the extent of U.S. government surveillance.
👉🏼 Read more:
https://www.reuters.com/article/us-usa-twitter-lawsuit/u-s-judge-blocks-twitters-bid-to-reveal-government-surveillance-requests-idUSKBN2200CS
#Twitter #USA #lawsuit #goverment #surveillance
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Twitter Inc will not be able to reveal surveillance requests it received from the U.S. government after a federal judge accepted government arguments that this was likely to harm national security after a near six-year long legal battle.
The social media company had sued the U.S. Department of Justice in 2014 to be allowed to reveal, as part of its “Draft Transparency Report”, the surveillance requests it received. It argued its free-speech rights were being violated by not being allowed to reveal the details.
U.S. District Judge Yvonne Gonzalez Rogers granted the government’s request to dismiss Twitter’s lawsuit in an eleven page order filed in the U.S. District Court for Northern California.
The judge ruled on Friday that granting Twitter’s request “would be likely to lead to grave or imminent harm to the national security.”
“The Government’s motion for summary judgment is GRANTED and Twitter’s motion for summary judgment is DENIED,” the judge said in her order.
Twitter had sued the Justice Department in its battle with federal agencies as the internet industry’s self-described champion of free speech seeking the right to reveal the extent of U.S. government surveillance.
👉🏼 Read more:
https://www.reuters.com/article/us-usa-twitter-lawsuit/u-s-judge-blocks-twitters-bid-to-reveal-government-surveillance-requests-idUSKBN2200CS
#Twitter #USA #lawsuit #goverment #surveillance
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
Access data of the World Health Organization - Bill-Gates Foundation - Wuhan Institute of Virology hacked ... 👀
‼️ World Health Organization
https://archive.is/JIJ2b
‼️ Bill-Gates Foundation
archive.is/j6sgo
‼️ Wuhan Institute of Virology
https://archive.is/UtQGz#selection-247.0-247.59
#hacked #WHO #BillGates #Wuhan
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
‼️ World Health Organization
https://archive.is/JIJ2b
‼️ Bill-Gates Foundation
archive.is/j6sgo
‼️ Wuhan Institute of Virology
https://archive.is/UtQGz#selection-247.0-247.59
#hacked #WHO #BillGates #Wuhan
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN