Madaidan's insecurities
This website contains a lot of information on certain security-related topics and aims to dispell common misinformation. I was requested by various people to create a website with all my opinions so here it is.
ππΌ Android
ππΌ Linux
ππΌ Linux Phones
ππΌ Firefox and Chromium Security
ππΌ OpenBSD
ππΌ VPNs
ππΌ About
https://madaidans-insecurities.github.io/
#madaidan #insecurities #information #android #linux #ff #chrome #bsd #vpn #thinkabout
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
This website contains a lot of information on certain security-related topics and aims to dispell common misinformation. I was requested by various people to create a website with all my opinions so here it is.
ππΌ Android
ππΌ Linux
ππΌ Linux Phones
ππΌ Firefox and Chromium Security
ππΌ OpenBSD
ππΌ VPNs
ππΌ About
https://madaidans-insecurities.github.io/
#madaidan #insecurities #information #android #linux #ff #chrome #bsd #vpn #thinkabout
π‘@cRyPtHoN_INFOSEC_FR
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_DE
π‘@BlackBox_Archiv
π‘@NoGoolag
Ransomware scumbags leak Boeing, Lockheed Martin, SpaceX documents after contractor refuses to pay
Anti-mortar system specs, legal paperwork, payment forms, and more, dumped online from infected PCs
Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online.
The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The sensitive documents include details of Lockheed-Martin-designed military equipment β such as the specifications for an antenna in an anti-mortar defense system β according to a Register source who alerted us to the blueprints.
Other documents in the cache include billing and payment forms, supplier information, data analysis reports, and legal paperwork. There are also documents outlining SpaceX's manufacturing partner program.
The files were siphoned from Visser Precision by the DoppelPaymer crew, which infected the contractor's PCs and scrambled its files. When the company failed to pay the ransom by their March deadline, the gang β which tends to demand hundreds of thousands to millions of dollars to restore encrypted files β uploaded a selection of the documents to a website that remains online and publicly accessible.
ππΌ Read more:
https://www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/
#ransomware #leak #DoppelPaymer
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Anti-mortar system specs, legal paperwork, payment forms, and more, dumped online from infected PCs
Internal confidential documents belonging to some of the largest aerospace companies in the world have been stolen from an industrial contractor and leaked online.
The data was pilfered and dumped on the internet by the criminals behind the DoppelPaymer Windows ransomware, in retaliation for an unpaid extortion demand. The sensitive documents include details of Lockheed-Martin-designed military equipment β such as the specifications for an antenna in an anti-mortar defense system β according to a Register source who alerted us to the blueprints.
Other documents in the cache include billing and payment forms, supplier information, data analysis reports, and legal paperwork. There are also documents outlining SpaceX's manufacturing partner program.
The files were siphoned from Visser Precision by the DoppelPaymer crew, which infected the contractor's PCs and scrambled its files. When the company failed to pay the ransom by their March deadline, the gang β which tends to demand hundreds of thousands to millions of dollars to restore encrypted files β uploaded a selection of the documents to a website that remains online and publicly accessible.
ππΌ Read more:
https://www.theregister.co.uk/2020/04/10/lockheed_martin_spacex_ransomware_leak/
#ransomware #leak #DoppelPaymer
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
"Dopamine": Miniseries about the addiction mechanisms of Tinder, Facebook and Co. (RePost)
"They'll do anything to make you an addict," they say about #Tinder, #Facebook, #CandyCrush, #Instagram, #YouTube, #Snapchat, #Uber and #Twitter in the miniseries of #Arte. Eight episodes explain in detail which mechanisms are triggered in our brain to keep us engaged
πΊ Dopamine - Tinder
πΊ Dopamine - Facebook
πΊ Dopamine - Candy Crush
πΊ Dopamine - Instagram
πΊ Dopamine - YouTube
πΊ Dopamine - Snapchat
πΊ Dopamine - Uber
πΊ Dopamine - Twitter
π‘ Actually, we have known this for a long time:
Candy Crush, Tinder, Facebook and others are above all one thing - time wasters. Nevertheless, it's extremely difficult for us to leave the #Smartphone on the shelf and not check out what's new every few minutes. Especially since what is then presented to us as news only rarely has news value or really gets us ahead. Nevertheless, we check out pages and pages of Aunt Monika's pictures from Paris, swear to complete "only one more level" at Candy Crush, let ourselves be carried away by the autoplay function into ever more abstruse depths of Youtube and simply can't get enough of cute cat photos on Instagram. What's wrong with us?
#Tinder #Facebook #CandyCrush #Instagram #YouTube #Snapchat #Uber #Twitter #Dopamine #video #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
"They'll do anything to make you an addict," they say about #Tinder, #Facebook, #CandyCrush, #Instagram, #YouTube, #Snapchat, #Uber and #Twitter in the miniseries of #Arte. Eight episodes explain in detail which mechanisms are triggered in our brain to keep us engaged
πΊ Dopamine - Tinder
πΊ Dopamine - Facebook
πΊ Dopamine - Candy Crush
πΊ Dopamine - Instagram
πΊ Dopamine - YouTube
πΊ Dopamine - Snapchat
πΊ Dopamine - Uber
πΊ Dopamine - Twitter
π‘ Actually, we have known this for a long time:
Candy Crush, Tinder, Facebook and others are above all one thing - time wasters. Nevertheless, it's extremely difficult for us to leave the #Smartphone on the shelf and not check out what's new every few minutes. Especially since what is then presented to us as news only rarely has news value or really gets us ahead. Nevertheless, we check out pages and pages of Aunt Monika's pictures from Paris, swear to complete "only one more level" at Candy Crush, let ourselves be carried away by the autoplay function into ever more abstruse depths of Youtube and simply can't get enough of cute cat photos on Instagram. What's wrong with us?
#Tinder #Facebook #CandyCrush #Instagram #YouTube #Snapchat #Uber #Twitter #Dopamine #video #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@cRyPtHoN_INFOSEC_ES
π‘@FLOSSb0xIN
Apple, Google team up to track Coronavirus spread as some official Govt apps are already doing it
Apple and Google announced Friday an unusual collaboration to leverage smartphone technology to help trace and contain the spread of coronavirus.
The collaboration will open up their mobile operating systems to allow for the creation of advanced βcontact-tracingβ apps, which will run on iPhones and Android phones alike.
So how will Bluetooth tracing work on Android and iOS phones ?
Both Apple and Google have put out details on the Bluetooth technical specifications and how this technology will work with contact tracing. The technology will work on both Android and iOS.
First, the user will have to give explicit and clear permission that they are opting-in for this kind of contact tracing, according to the companies. Exactly how this permission will be taken is not clear, but it could be within the app they use.
If this is at the software level, pushing out the iOS update will be easier given most phones are on the latest version and Apple has tighter control over the ecosystem. But in the fragmented Android universe, it is not clear how this update will reach all smartphones.
ππΌ Read more:
https://telegra.ph/Apple-Google-team-up-to-track-coronavirus-spread-as-already-some-official-Govt-apps-doing-04-11
#apple #google #coronavirus #tracking #privacy
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Apple and Google announced Friday an unusual collaboration to leverage smartphone technology to help trace and contain the spread of coronavirus.
The collaboration will open up their mobile operating systems to allow for the creation of advanced βcontact-tracingβ apps, which will run on iPhones and Android phones alike.
So how will Bluetooth tracing work on Android and iOS phones ?
Both Apple and Google have put out details on the Bluetooth technical specifications and how this technology will work with contact tracing. The technology will work on both Android and iOS.
First, the user will have to give explicit and clear permission that they are opting-in for this kind of contact tracing, according to the companies. Exactly how this permission will be taken is not clear, but it could be within the app they use.
If this is at the software level, pushing out the iOS update will be easier given most phones are on the latest version and Apple has tighter control over the ecosystem. But in the fragmented Android universe, it is not clear how this update will reach all smartphones.
ππΌ Read more:
https://telegra.ph/Apple-Google-team-up-to-track-coronavirus-spread-as-already-some-official-Govt-apps-doing-04-11
#apple #google #coronavirus #tracking #privacy
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Zuckerberg's personal security costs Facebook millions of dollars
Facebook reports rising costs for Mark Zuckerberg's bodyguards and private jets.
Facebook has spent more than $23 million in 2019 on personal security and flights in private jets of its CEO Mark Zuckerberg. This is the result of a mandatory disclosure of the company to the US Securities and Exchange Commission (SEC).
In 2018, Facebook paid about $20 million for these purposes; in 2017, it paid $9.1 million. Zuckerberg's annual salary remains $1. Expenditures include "$10.46 million related to personal security for Zuckerberg at home and travel.
An additional $10 million was required to protect Zuckerberg and his family. For comparison, Facebook spent $9.95 million on personal protection in 2018 and $7.5 million in 2017.
π‘ https://www.sec.gov/Archives/edgar/data/1326801/000132680120000037/facebook2020definitiveprox.htm#sF199B9027C8357DCA91270FD24840CBA
#DeleteFacebook #thinkabout #why
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Facebook reports rising costs for Mark Zuckerberg's bodyguards and private jets.
Facebook has spent more than $23 million in 2019 on personal security and flights in private jets of its CEO Mark Zuckerberg. This is the result of a mandatory disclosure of the company to the US Securities and Exchange Commission (SEC).
In 2018, Facebook paid about $20 million for these purposes; in 2017, it paid $9.1 million. Zuckerberg's annual salary remains $1. Expenditures include "$10.46 million related to personal security for Zuckerberg at home and travel.
An additional $10 million was required to protect Zuckerberg and his family. For comparison, Facebook spent $9.95 million on personal protection in 2018 and $7.5 million in 2017.
π‘ https://www.sec.gov/Archives/edgar/data/1326801/000132680120000037/facebook2020definitiveprox.htm#sF199B9027C8357DCA91270FD24840CBA
#DeleteFacebook #thinkabout #why
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Corona World Order
Some are suggesting that the current crisis is the end of globalization, or that it will wipe out the New World Order altogether . . . but they are wrong. In fact, this crisis is the globalistsβ dream, and what we are witnessing is the birth of a totalitarian control grid the likes of which could scarcely have been imagined before this pandemic panic kicked off. Welcome to the Corona World Order.
πΊ Watch this video on BitChute / LBRY / Minds.com / YouTube
https://www.corbettreport.com/corona-world-order/
#corbettreport #coronavirus #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Some are suggesting that the current crisis is the end of globalization, or that it will wipe out the New World Order altogether . . . but they are wrong. In fact, this crisis is the globalistsβ dream, and what we are witnessing is the birth of a totalitarian control grid the likes of which could scarcely have been imagined before this pandemic panic kicked off. Welcome to the Corona World Order.
πΊ Watch this video on BitChute / LBRY / Minds.com / YouTube
https://www.corbettreport.com/corona-world-order/
#corbettreport #coronavirus #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Reasons not to use the Discord communications system
The Discord communications system requires running a nonfree client program. That alone is reason to refuse to use it.
βοΈ The program reportedly collects lots of data about users.
βοΈ The developer denies the claim that Discord reports which processes are running on the user's machine. I have no way of determining the facts about this specific point. Whether it collects those particular data is a minor detail; I mention it only to avoid appearing to assert a criticism that might not be true.
βοΈ For the same reason, I mention that selling personal data is not the sole way that the company makes money.
βοΈ I don't think that question how it makes money really matters. What matters, ethically, is what the software does to users.
βοΈ The developers' motives for making it do those things are pertinent to understanding the situation but should not affect our moral judgment of mistreatment of users.
βοΈ One user quit using Discord because it demanded she fill out a Google reCAPTCHA, apparently because she was connecting through Tor.
βοΈ Google CAPTCHAs didn't work for me, because they required running nonfree Javascript code.
βοΈ Discord insists on tracking users. If a user connects through a VPN, Discord demands that user provide a phone number.
βοΈ Discord locks accounts that don't have associated phone numbers. When an account is locked, also called "deactivated", the user is not allowed to make real use of it until person adds a phone number.
Discord may demand to talk with you by phone if it decides you are suspicious β for instance, if you contact it via Tor.
βοΈ If I understand right, if you use Discord regularly via Tor you would need to carry that phone with you all the time. A burner phone, one what you possess only for a short time, would not be allowed to do the job.
βοΈ Thus, whoever uses Discord gets tracked either by the Discord server (and anyone looking at where the packets are coming from) or by the phone.
βοΈ Users report that Discord shut off their accounts and won't tell them why.
The Discord web site also offers application nonfree programs. You shouldn't use them, naturally, but they are a separate issue from using the communications system itself.
π‘ Reasons not to use the Discord communications system
https://stallman.org/discord.html
#stallman #discord
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
The Discord communications system requires running a nonfree client program. That alone is reason to refuse to use it.
βοΈ The program reportedly collects lots of data about users.
βοΈ The developer denies the claim that Discord reports which processes are running on the user's machine. I have no way of determining the facts about this specific point. Whether it collects those particular data is a minor detail; I mention it only to avoid appearing to assert a criticism that might not be true.
βοΈ For the same reason, I mention that selling personal data is not the sole way that the company makes money.
βοΈ I don't think that question how it makes money really matters. What matters, ethically, is what the software does to users.
βοΈ The developers' motives for making it do those things are pertinent to understanding the situation but should not affect our moral judgment of mistreatment of users.
βοΈ One user quit using Discord because it demanded she fill out a Google reCAPTCHA, apparently because she was connecting through Tor.
βοΈ Google CAPTCHAs didn't work for me, because they required running nonfree Javascript code.
βοΈ Discord insists on tracking users. If a user connects through a VPN, Discord demands that user provide a phone number.
βοΈ Discord locks accounts that don't have associated phone numbers. When an account is locked, also called "deactivated", the user is not allowed to make real use of it until person adds a phone number.
Discord may demand to talk with you by phone if it decides you are suspicious β for instance, if you contact it via Tor.
βοΈ If I understand right, if you use Discord regularly via Tor you would need to carry that phone with you all the time. A burner phone, one what you possess only for a short time, would not be allowed to do the job.
βοΈ Thus, whoever uses Discord gets tracked either by the Discord server (and anyone looking at where the packets are coming from) or by the phone.
βοΈ Users report that Discord shut off their accounts and won't tell them why.
The Discord web site also offers application nonfree programs. You shouldn't use them, naturally, but they are a separate issue from using the communications system itself.
π‘ Reasons not to use the Discord communications system
https://stallman.org/discord.html
#stallman #discord
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Interview with Edward Snowden (Vice) - 11 april 2020
https://vid.lelux.fi/videos/watch/dddf5797-d013-4cd7-9766-578ef76a3efa
#snowden #interview #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
https://vid.lelux.fi/videos/watch/dddf5797-d013-4cd7-9766-578ef76a3efa
#snowden #interview #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Media is too big
VIEW IN TELEGRAM
Simulating Cyberattacks on Nuclear Command and Control
During the height of the Cold War, the biggest fear involved the possibility of mutually assured destruction (MAD) from nuclear warfare. However, in todayβs digital world, we find that military and strategic systems are under constant siege from cyber attacks. Within the nuclear realm, the threat of cyber attacks is relatively high due to advanced persistent threats (APTs) from both nation state adversaries as well as non-state actors. The subject paper and corresponding podcast explores the utilization of simulation technology to evaluate cyber attack scenarios on a nuclear command and control (NC2) facility.
https://www.csiac.org/podcast/simulating-cyberattacks-on-nuclear-command-and-control/
#military #cyberattack #simulation #NC2 #podcast #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
During the height of the Cold War, the biggest fear involved the possibility of mutually assured destruction (MAD) from nuclear warfare. However, in todayβs digital world, we find that military and strategic systems are under constant siege from cyber attacks. Within the nuclear realm, the threat of cyber attacks is relatively high due to advanced persistent threats (APTs) from both nation state adversaries as well as non-state actors. The subject paper and corresponding podcast explores the utilization of simulation technology to evaluate cyber attack scenarios on a nuclear command and control (NC2) facility.
https://www.csiac.org/podcast/simulating-cyberattacks-on-nuclear-command-and-control/
#military #cyberattack #simulation #NC2 #podcast #video
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Palantir - UK government using confidential patient data in coronavirus response
Documents seen by Guardian show tech firms using information to build βCovid-19 datastoreβ
Technology firms are processing large volumes of confidential UK patient information in a data-mining operation that is part of the governmentβs response to the coronavirus outbreak, according to documents seen by the Guardian.
Palantir, the US big data firm founded by the rightwing billionaire Peter Thiel, is working with Faculty, a British artificial intelligence startup, to consolidate government databases and help ministers and officials respond to the pandemic.
Data is also being used by Faculty to build predictive computer models around the Covid-19 outbreak. One NHS document suggests that, two weeks ago, Faculty considered running a computer simulation to assess the impact of a policy of βtargeted herd immunityβ. Lawyers for Faculty said the proposed herd immunity simulation never took place.
NHSX, the digital transformation arm of the National Health Service that has contracted the tech companies to help build the βCovid-19 datastoreβ, said the technology would give ministers and officials βreal-time information about health services, showing where demand is rising and where critical equipment needs to be deployedβ.
βThe companies involved do not control the data and are not permitted to use or share it for their own purposes,β a spokesperson said. Facultyβs lawyers said the firm only had access to aggregated or anonymised data via NHS systems.
The government had previously said it would use Faculty and Palantir in a Covid-19 data project. But the full scope of that operation, and the sensitive nature of patient-level data being used, is revealed in the documents seen by the Guardian.
ππΌ Read more:
https://www.theguardian.com/world/2020/apr/12/uk-government-using-confidential-patient-data-in-coronavirus-response
#palantir #thiel #BigData #uk #coronavirus #datastore
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Documents seen by Guardian show tech firms using information to build βCovid-19 datastoreβ
Technology firms are processing large volumes of confidential UK patient information in a data-mining operation that is part of the governmentβs response to the coronavirus outbreak, according to documents seen by the Guardian.
Palantir, the US big data firm founded by the rightwing billionaire Peter Thiel, is working with Faculty, a British artificial intelligence startup, to consolidate government databases and help ministers and officials respond to the pandemic.
Data is also being used by Faculty to build predictive computer models around the Covid-19 outbreak. One NHS document suggests that, two weeks ago, Faculty considered running a computer simulation to assess the impact of a policy of βtargeted herd immunityβ. Lawyers for Faculty said the proposed herd immunity simulation never took place.
NHSX, the digital transformation arm of the National Health Service that has contracted the tech companies to help build the βCovid-19 datastoreβ, said the technology would give ministers and officials βreal-time information about health services, showing where demand is rising and where critical equipment needs to be deployedβ.
βThe companies involved do not control the data and are not permitted to use or share it for their own purposes,β a spokesperson said. Facultyβs lawyers said the firm only had access to aggregated or anonymised data via NHS systems.
The government had previously said it would use Faculty and Palantir in a Covid-19 data project. But the full scope of that operation, and the sensitive nature of patient-level data being used, is revealed in the documents seen by the Guardian.
ππΌ Read more:
https://www.theguardian.com/world/2020/apr/12/uk-government-using-confidential-patient-data-in-coronavirus-response
#palantir #thiel #BigData #uk #coronavirus #datastore
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Want to dodge AIβs prying eyes?
Hereβs how, and how not, to evade facial recognition.
Around the world, governments and corporations are rolling out technology that scans faces for unique features and allows them to identify individuals based on that. As facial recognition technology spreads, it seems thereβs no hiding from it. Or is there?
We teamed up with a photographer and a makeup artist to try to camouflage POLITICOβs AI correspondent, Janosch Delcker, from the all-seeing eyes of a facial recognition system, with disguises ranging from an old-school balaclava to makeup designed to distort his key facial features. Then we used a free version of Amazon Web Servicesβ facial recognition software, Rekognition, to compare the photos to a reference.
ππΌ Read more:
https://www.politico.eu/article/how-to-evade-ai-facial-recognition-surveillance/
#facial #recognition #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Hereβs how, and how not, to evade facial recognition.
Around the world, governments and corporations are rolling out technology that scans faces for unique features and allows them to identify individuals based on that. As facial recognition technology spreads, it seems thereβs no hiding from it. Or is there?
We teamed up with a photographer and a makeup artist to try to camouflage POLITICOβs AI correspondent, Janosch Delcker, from the all-seeing eyes of a facial recognition system, with disguises ranging from an old-school balaclava to makeup designed to distort his key facial features. Then we used a free version of Amazon Web Servicesβ facial recognition software, Rekognition, to compare the photos to a reference.
ππΌ Read more:
https://www.politico.eu/article/how-to-evade-ai-facial-recognition-surveillance/
#facial #recognition #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Drones take Italians' temperature and issue fines
The hovering drone emits a mechanical buzz reminiscent of a wasp and shouts down instructions in a tinny voice.
"Attention! You are in a prohibited area. Get out immediately," commands the drone, about the size of a loaf of bread.
A heat sensor takes the offender's temperature and sends the information to a drone operator, who stares at a thermal map on his hand-held screen -- shining orange and purple blobs.
"Violations of the regulations result in administrative and criminal penalties," the drone says.
Italy's coronavirus epicentre in the northern province of Bergamo, in Lombardy region, has had enough of people spreading COVID-19.
"Once a person's temperature is read by the drone, you must still stop that person and measure their temperature with a normal thermometer," Matteo Copia, police commander in Treviolo, near Bergamo, told AFP.
"But drones are useful for controlling the territory."
ππΌ Read more:
https://www.france24.com/en/20200410-drones-take-italians-temperature-and-issue-fines
#italy #police #drones #coronavirus
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
The hovering drone emits a mechanical buzz reminiscent of a wasp and shouts down instructions in a tinny voice.
"Attention! You are in a prohibited area. Get out immediately," commands the drone, about the size of a loaf of bread.
A heat sensor takes the offender's temperature and sends the information to a drone operator, who stares at a thermal map on his hand-held screen -- shining orange and purple blobs.
"Violations of the regulations result in administrative and criminal penalties," the drone says.
Italy's coronavirus epicentre in the northern province of Bergamo, in Lombardy region, has had enough of people spreading COVID-19.
"Once a person's temperature is read by the drone, you must still stop that person and measure their temperature with a normal thermometer," Matteo Copia, police commander in Treviolo, near Bergamo, told AFP.
"But drones are useful for controlling the territory."
ππΌ Read more:
https://www.france24.com/en/20200410-drones-take-italians-temperature-and-issue-fines
#italy #police #drones #coronavirus
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Over 500,000 Zoom accounts sold on hacker forums, the dark web
Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.
Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.
Cybersecurity intelligence firm Cyble told BleepingComputer that around April 1st, 2020, they began to see free Zoom accounts being posted on hacker forums to gain an increased reputation in the hacker community.
ππΌ Read more:
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
#zoom #leak #hacker #hacked #breach
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Over 500,000 Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free.
These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data breaches. The successful logins are then compiled into lists that are sold to other hackers.
Some of these Zoom accounts are offered for free on hacker forums so that hackers can use them in zoom-bombing pranks and malicious activities. Others are sold for less than a penny each.
Cybersecurity intelligence firm Cyble told BleepingComputer that around April 1st, 2020, they began to see free Zoom accounts being posted on hacker forums to gain an increased reputation in the hacker community.
ππΌ Read more:
https://www.bleepingcomputer.com/news/security/over-500-000-zoom-accounts-sold-on-hacker-forums-the-dark-web/
#zoom #leak #hacker #hacked #breach
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Hackers bring multi-boot support to newer iPhones and iPads
Apple makes it easy to upgrade an iPhone or iPad to a new version of iOS and often boasts about the high-percentages of users running the latest version of the operating system.
A few things the company doesnβt make easy? Downgrading to an earlier version of iOS, installing an alternate operating system, or dual-booting. Or multi-booting, actually, since itβs possible to load more than two operating systems.
But folks have been finding unofficial ways to do those things for years. In March we learned about a project to bring Android to the iPhone 7 and iPhone 7+. Now a team of developers have released a guide for dual-booting multiple operating systems on iPhones and iPads with 64-bit processors.
So far the guide is designed to let you run multiple versions of iOS. But theoretically it could open the door to dual-booting Linux and/or Android on an iPhone or iPad.
π‘ Dual Booting 64 Bit devices
https://dualbootfun.github.io/dualboot/
https://liliputing.com/2020/04/hackers-bring-multi-boot-support-to-newer-iphones-and-ipads.html
#multiboot #iphones #ipads #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Apple makes it easy to upgrade an iPhone or iPad to a new version of iOS and often boasts about the high-percentages of users running the latest version of the operating system.
A few things the company doesnβt make easy? Downgrading to an earlier version of iOS, installing an alternate operating system, or dual-booting. Or multi-booting, actually, since itβs possible to load more than two operating systems.
But folks have been finding unofficial ways to do those things for years. In March we learned about a project to bring Android to the iPhone 7 and iPhone 7+. Now a team of developers have released a guide for dual-booting multiple operating systems on iPhones and iPads with 64-bit processors.
So far the guide is designed to let you run multiple versions of iOS. But theoretically it could open the door to dual-booting Linux and/or Android on an iPhone or iPad.
π‘ Dual Booting 64 Bit devices
https://dualbootfun.github.io/dualboot/
https://liliputing.com/2020/04/hackers-bring-multi-boot-support-to-newer-iphones-and-ipads.html
#multiboot #iphones #ipads #guide
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
49 New Google Chrome Extensions Caught Hijacking Cryptocurrency Wallets
Discovering Fake Browser Extensions That Target Users of Ledger, Trezor, MEW, Metamask, and More
Using a familiar phishing method to target new brands.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are phishing for secrets β mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts."
Motivation and Purpose
We keep an eye on the type of attacks that come to cryptocurrency users on a daily basis and often write about our findings to help educate the community. Weβve seen various types of attacks on users, ranging from simple trust-trading scams to SIM hijacking to compromising and stealing funds from exchange accounts.
Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
ππΌ Read more:
https://medium.com/mycrypto/discovering-fake-browser-extensions-that-target-users-of-ledger-trezor-mew-metamask-and-more-e281a2b80ff9
https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
#hijacking #cryptocurrency #wallets #google #chrome #browser #extensions
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Discovering Fake Browser Extensions That Target Users of Ledger, Trezor, MEW, Metamask, and More
Using a familiar phishing method to target new brands.
The 49 browser add-ons, potentially the work of Russian threat actors, were identified (find the list here) by researchers from MyCrypto and PhishFort.
"Essentially, the extensions are phishing for secrets β mnemonic phrases, private keys, and keystore files," explained Harry Denley, director of security at MyCrypto. "Once the user has entered them, the extension sends an HTTP POST request to its backend, where the bad actors receive the secrets and empty the accounts."
Motivation and Purpose
We keep an eye on the type of attacks that come to cryptocurrency users on a daily basis and often write about our findings to help educate the community. Weβve seen various types of attacks on users, ranging from simple trust-trading scams to SIM hijacking to compromising and stealing funds from exchange accounts.
Google has ousted 49 Chrome browser extensions from its Web Store that masqueraded as cryptocurrency wallets but contained malicious code to siphon off sensitive information and empty the digital currencies.
ππΌ Read more:
https://medium.com/mycrypto/discovering-fake-browser-extensions-that-target-users-of-ledger-trezor-mew-metamask-and-more-e281a2b80ff9
https://thehackernews.com/2020/04/chrome-cryptocurrency-extensions.html
#hijacking #cryptocurrency #wallets #google #chrome #browser #extensions
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
U.S. judge blocks Twitter's bid to reveal government surveillance requests
Twitter Inc will not be able to reveal surveillance requests it received from the U.S. government after a federal judge accepted government arguments that this was likely to harm national security after a near six-year long legal battle.
The social media company had sued the U.S. Department of Justice in 2014 to be allowed to reveal, as part of its βDraft Transparency Reportβ, the surveillance requests it received. It argued its free-speech rights were being violated by not being allowed to reveal the details.
U.S. District Judge Yvonne Gonzalez Rogers granted the governmentβs request to dismiss Twitterβs lawsuit in an eleven page order filed in the U.S. District Court for Northern California.
The judge ruled on Friday that granting Twitterβs request βwould be likely to lead to grave or imminent harm to the national security.β
βThe Governmentβs motion for summary judgment is GRANTED and Twitterβs motion for summary judgment is DENIED,β the judge said in her order.
Twitter had sued the Justice Department in its battle with federal agencies as the internet industryβs self-described champion of free speech seeking the right to reveal the extent of U.S. government surveillance.
ππΌ Read more:
https://www.reuters.com/article/us-usa-twitter-lawsuit/u-s-judge-blocks-twitters-bid-to-reveal-government-surveillance-requests-idUSKBN2200CS
#Twitter #USA #lawsuit #goverment #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Twitter Inc will not be able to reveal surveillance requests it received from the U.S. government after a federal judge accepted government arguments that this was likely to harm national security after a near six-year long legal battle.
The social media company had sued the U.S. Department of Justice in 2014 to be allowed to reveal, as part of its βDraft Transparency Reportβ, the surveillance requests it received. It argued its free-speech rights were being violated by not being allowed to reveal the details.
U.S. District Judge Yvonne Gonzalez Rogers granted the governmentβs request to dismiss Twitterβs lawsuit in an eleven page order filed in the U.S. District Court for Northern California.
The judge ruled on Friday that granting Twitterβs request βwould be likely to lead to grave or imminent harm to the national security.β
βThe Governmentβs motion for summary judgment is GRANTED and Twitterβs motion for summary judgment is DENIED,β the judge said in her order.
Twitter had sued the Justice Department in its battle with federal agencies as the internet industryβs self-described champion of free speech seeking the right to reveal the extent of U.S. government surveillance.
ππΌ Read more:
https://www.reuters.com/article/us-usa-twitter-lawsuit/u-s-judge-blocks-twitters-bid-to-reveal-government-surveillance-requests-idUSKBN2200CS
#Twitter #USA #lawsuit #goverment #surveillance
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Access data of the World Health Organization - Bill-Gates Foundation - Wuhan Institute of Virology hacked ... π
βΌοΈ World Health Organization
https://archive.is/JIJ2b
βΌοΈ Bill-Gates Foundation
archive.is/j6sgo
βΌοΈ Wuhan Institute of Virology
https://archive.is/UtQGz#selection-247.0-247.59
#hacked #WHO #BillGates #Wuhan
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
βΌοΈ World Health Organization
https://archive.is/JIJ2b
βΌοΈ Bill-Gates Foundation
archive.is/j6sgo
βΌοΈ Wuhan Institute of Virology
https://archive.is/UtQGz#selection-247.0-247.59
#hacked #WHO #BillGates #Wuhan
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
PrivacyBreacher
An app built to showcase the privacy issues in Android operating system
PrivacyBreacher is an Android app built as a proof of concept for a research article describing the privacy issues in Android. This app can access the following information from your phone without requesting any permissions:
βΌοΈ Figure out at what time your phone screen turned on/off.
βΌοΈ Figure out at what time you plugged in or removed your phone charger and wired headphones.
βΌοΈ Figure out at what time you switched on/off your phone (i.e., it captures the device uptime and ACTION_SHUTDOWN broadcasts).
βΌοΈ Access most of your device related information like your phone model, manufacturer etc.
βΌοΈ Keep track of your WiFi/Mobile data usage.
βΌοΈ Get a list of all the apps installed on your phone.
βΌοΈ Construct a 3D visualization of your body movements.
π‘ Research Article:
https://github.com/databurn-in/Android-Privacy-Issues
ππΌ PrivacyBreacher:
https://github.com/databurn-in/PrivacyBreacher
#PrivacyBreacher #Android #App #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
An app built to showcase the privacy issues in Android operating system
PrivacyBreacher is an Android app built as a proof of concept for a research article describing the privacy issues in Android. This app can access the following information from your phone without requesting any permissions:
βΌοΈ Figure out at what time your phone screen turned on/off.
βΌοΈ Figure out at what time you plugged in or removed your phone charger and wired headphones.
βΌοΈ Figure out at what time you switched on/off your phone (i.e., it captures the device uptime and ACTION_SHUTDOWN broadcasts).
βΌοΈ Access most of your device related information like your phone model, manufacturer etc.
βΌοΈ Keep track of your WiFi/Mobile data usage.
βΌοΈ Get a list of all the apps installed on your phone.
βΌοΈ Construct a 3D visualization of your body movements.
π‘ Research Article:
https://github.com/databurn-in/Android-Privacy-Issues
ππΌ PrivacyBreacher:
https://github.com/databurn-in/PrivacyBreacher
#PrivacyBreacher #Android #App #thinkabout
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
This media is not supported in your browser
VIEW IN TELEGRAM
How Facebook Figures Out Everyone You've Ever Met
βΌοΈ Behind the Facebook profile youβve built for yourself is another one, a shadow profile, built from the inboxes and smartphones of other Facebook users.
ππΌ Read more:
https://gizmodo.com/how-facebook-figures-out-everyone-youve-ever-met-1819822691
#DeleteFacebook
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
βΌοΈ Behind the Facebook profile youβve built for yourself is another one, a shadow profile, built from the inboxes and smartphones of other Facebook users.
ππΌ Read more:
https://gizmodo.com/how-facebook-figures-out-everyone-youve-ever-met-1819822691
#DeleteFacebook
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
Neo-Nazis Are Spreading a List of Emails and Passwords for Gates Foundation and WHO Employees
SITE Intelligence, a private terrorism watchdog based in the U.S., first spotted the data dump and then its migration to a Telegram channel with over 5,000 followers and links to neo-Nazi terrorist organizations Atomwaffen Division and The Base, both of which have been under an extreme, nationwide FBI crackdown in recent months
Access data of the World Health Organization - Bill-Gates Foundation - Wuhan Institute of Virology hacked
ππΌ https://t.iss.one/BlackBox_Archiv/847
ππΌ Read more:
https://www.vice.com/en_us/article/akwxzp/neo-nazis-are-spreading-a-list-of-emails-and-passwords-for-gates-foundation-and-who-employees
#hacked #WHO #BillGates #Wuhan
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN
SITE Intelligence, a private terrorism watchdog based in the U.S., first spotted the data dump and then its migration to a Telegram channel with over 5,000 followers and links to neo-Nazi terrorist organizations Atomwaffen Division and The Base, both of which have been under an extreme, nationwide FBI crackdown in recent months
Access data of the World Health Organization - Bill-Gates Foundation - Wuhan Institute of Virology hacked
ππΌ https://t.iss.one/BlackBox_Archiv/847
ππΌ Read more:
https://www.vice.com/en_us/article/akwxzp/neo-nazis-are-spreading-a-list-of-emails-and-passwords-for-gates-foundation-and-who-employees
#hacked #WHO #BillGates #Wuhan
π‘@cRyPtHoN_INFOSEC_DE
π‘@cRyPtHoN_INFOSEC_EN
π‘@BlackBox_Archiv
π‘@FLOSSb0xIN