Mullvad VPN has received high praise after independent auditors confirmed its robust security in their latest audit! 🔒✨ With only minor vulnerabilities found and swiftly addressed, Mullvad continues to prove it's a top choice for privacy-conscious users. Check out the full report for more details! 📊🔍 #MullvadVPN #PrivacyMatters #CyberSecurity #VPN #newz
Read more here: https://www.techradar.com/vpn/vpn-services/independent-auditors-confirm-mullvad-vpn-as-secure

Ransomware defenses are at risk! 🛡️ TechRadar highlights how outdated backup tech, limited data encryption, and failed backups are weakening our defenses. It's time to upgrade and secure our data! 💾🔒 Read more here: https://www.techradar.com/pro/Ransomware-defenses-are-being-weakened-by-outdated-backup-technology-limited-backup-data-encryption-and-failed-data-backups #CyberSecurity #DataProtection #Ransomware #newz

Want To Make The Most Of Tails Amnesiac Linux OS "Pull Out" Feature?

💡 Try My Idea: USBSTICK "Pull The Plug" Bracelet (ideal for Tails)

This idea allows you to attach yourself to the inserted Tails disk, by bracelet (on demand)

If your arm ever gets too far from the computer: *POOF* there goes forensics! 😁

#HumanRights #Journalism #Tails #Linux #privacy #forensics #ideas #tech #GNU #fun #bracelet #jewelry #RAM #coldbootattack #infosec #cybersecurity #TorProject

https://tube.tchncs.de/w/q2Vdv11aTrmgAjKrrAULw2

"The collective shrug around Salt Typhoon can also be seen across the news industry, where headlines about Salt Typhoon are making the rounds in the cybersecurity community, but generally aren’t splashed across front pages. In fairness, the news cycle at the moment is exhausting for reporters and readers alike — there’s a new administration forming, major global conflicts rage on and people are looking to take a break from it all over the holidays. Worrying about a massive and likely devastating global hack does not feel very merry.

And many details about the hack — when it happened, who was impacted, the extent of the damage — are slowly emerging and are still not totally clear, making it difficult for the layperson to follow.

But Beijing is taking notes on the sluggish U.S. response. At the one Senate Commerce hearing on the topic held Wednesday, JAMES LEWIS, director of the Strategic Technologies Program at the Center for Strategic and International Studies, testified about the need for the U.S. to counter Chinese hacking operations by giving Beijing a taste of its own medicine through U.S. offensive hacking. Otherwise, he warned, China would just keep going."

https://www.politico.com/newsletters/national-security-daily/2024/12/12/we-need-to-talk-about-salt-typhoon-00183727

#CyberSecurity #China #USA #SaltTyphoon #StateHacking

New #IOCONTROL #malware used in critical infrastructure attacks

https://www.bleepingcomputer.com/news/security/new-iocontrol-malware-used-in-critical-infrastructure-attacks/

#cybersecurity #IoT #SCADA #Israel #US

Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel
https://www.securityweek.com/iranian-hackers-use-iocontrol-malware-to-target-ot-iot-devices-in-us-israel/

#Infosec #Security #Cybersecurity #CeptBiro #IranianHackers #IOCONTROL #Malware #OT #IoTDevices #US #Israel

Stay informed! 📢 Phishing is a major threat lurking online, often disguised as legitimate messages to trick users into revealing sensitive information. 🛑💻 Learn how to protect yourself from these scams and keep your data safe! 🔒 Check out this insightful article on the dangers of phishing: https://www.techradar.com/news/what-is-phishing-and-how-dangerous-is-it #Phishing #CyberSecurity #StaySafeOnline #newz

Akamai's latest discovery reveals a devious malware technique that hijacks Windows' UI Automation feature to evade detection! This malicious method can execute commands stealthily, making it hard for antivirus programs to catch. 🦠💻 Admins are urged to monitor suspicious activity involving UIAutomationCore.dll. Stay alert! 🔍 #CyberSecurity #Malware #newz #WindowsSecurity https://www.techradar.com/pro/security/this-devious-new-malware-technique-looks-to-hijack-windows-itself-to-avoid-detection

Pro-Palestine extremists are targeting India 🇮🇳 with cyber attacks due to it's perceived stance against Hamas terrorism and support for Israel 🇮🇱
About 50 cyber attacks motivated by geopolitics were recorded each day in India during 2024.

https://timesofindia.indiatimes.com/city/hyderabad/pro-palestine-hacktivist-groups-target-india-amid-gaza-conflict/articleshow/116184519.cms

#palestine #gaza #hamas #israel #cyberattack #cybersecurity #terrorism #india #news #war

I'm SURE there are Specialists who do this.

1960s edition here: https://auntieimperial.tumblr.com/post/147731249619 (includes the complete secret plan to levitate the pentagon ...😎)

"I spend a nontrivial amount of time wondering if spies spend a much time juggling .csv spreadsheets as marketing people do." #Altoona #unitedhealthcare #DeadCEOGoodCEO #CyberSec #CyberSecurity #CyberStalking

FWIW, folks I follow used these hashtags today: #scotus (22) #law (22) #tech (22) #autosum (22) #legaltech (21) #syria (8) #lawfedi (4) #humanrights (4) #privacy (4) #dailystats (3) #News (3) #sednaya (3) #TechLaw (3) #Cybersecurity (3) #canada (2) #space (2) #badvacationpostcards (2) #hashtaggames (2) #assad (2) #whitehelmets (2) #toodles (2) #israel (2) [#DailyStats]

This is a reminder to the #cybersecurity world that your security tooling is likely bathed in the blood of Palestinians murdered by the Israeli's.

These companies include CyberArk, Crowdstrike, CyberReason, Noname Security, Claroty, Cato Networks, Zero Networks, etc. There are a lot. What will you do about it?

#gaza #genocide

The list goes on.

"U.S. government agencies legally hack into cell phones or emails all the time: think of the FBI wiretapping a suspected drug lord or the NSA monitoring emails for terrorism plots.

But now there’s rising interest in hacking other kinds of devices people use, like Wi-Fi-connected security cameras and other IoT products.

Toka, an Israeli startup backed by Andreessen Horowitz, specializes in this type of work. It previously gained attention for a 2022 Haaretz article detailing its claims about being able to obtain and even delete security camera footage.

The company is now looking to hire a “Client Director USA” to “support new business growth within the US government market.” The position requires a “strong history of technology sales within DoD and national security agencies.”"

https://techcrunch.com/2024/12/06/a16z-backed-toka-wants-to-help-us-agencies-hack-into-security-cameras-and-other-iot-devices/

#USA #Surveillance #PoliceState #StateHacking #Hacking #CyberSecurity #IoT

"- This joint investigation with First Department, a legal assistance organization, found spyware covertly implanted on a phone returned to a Russian programmer accused of sending money to Ukraine after he was released from custody.

- He describes being subjected to beatings and an intense effort to recruit him as an informant for the Russian Federal Security Service (FSB).

- Our analysis finds that the spyware placed on his device allows the operator to track a target device’s location, record phone calls, keystrokes, and read messages from encrypted messaging apps, among other capabilities.

- The spyware bears many similarities to the Monokle family of spyware, previously reported on by Lookout Mobile Security, which they attribute to the “Special Technology Center,” a contractor to the Russian government.

- Our analysis also finds certain differences from previously-reported samples of Monokle spyware, suggesting that it is either an updated version of Monokle or new software created by reusing much of the same code."

https://citizenlab.ca/2024/12/device-confiscated-by-russian-authorities-returned-with-monokle-type-spyware-installed/

#CyberSecurity #Russia #Spyware #Monokle

"The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for potential compromise. But the company also offers a free version of the feature for anyone who downloads the iVerify Basics app for $1. These users can walk through steps to generate and send a special diagnostic utility file to iVerify and receive analysis within hours. Free users can use the tool once a month. iVerify's infrastructure is built to be privacy-preserving, but to run the Mobile Threat Hunting feature, users must enter an email address so the company has a way to contact them if a scan turns up spyware—as it did in the seven recent Pegasus discoveries."

https://arstechnica.com/security/2024/12/1-phone-scanner-finds-seven-pegasus-spyware-infections/

#CyberSecurity #Spyware #iVerify #iOS #Android #Pegasus

"End-to-end encryption means that the information is scrambled in transit and only the sender and recipient can access it. Regular text messages (SMS messages) and voice calls are usually not encrypted, and can be intercepted in transit or stored on a carrier’s server for extended periods of time.

Email services such as Gmail and Outlook generally offer encryption in transit, which means they can be read on the companies’ servers and by the end users. Messages that are encrypted in transit can’t be nabbed from a telecom network in an accessible format, but they could be accessed through an email service provider or a law enforcement request to that company.

End-to-end encryption—the kind offered by services like WhatsApp and Signal—is considered the best bet for privacy, particularly when paired with the option to auto-delete messages after a set period of time, says Mullin."

https://www.inc.com/jennifer-conrad/why-you-should-start-using-encrypted-communications-today/91034632

#CyberSecurity #Privacy #Encryption #E2EEncryption #Signal

"Security firm iVerify said a leader of a big company was among several individuals whose iPhones were recently targeted with the Pegasus spyware.

While journalists, human rights defenders, lawmakers, and political officials are frequent targets of state surveillance, reports of spyware compromising the phones of business leaders are rare, but not unheard of. The findings come as a fresh warning that spyware typically used by governments under the guise of preventing serious crime and terrorism can also be misused for commercial espionage.

In a call with TechCrunch this week, iVerify chief executive Rocky Cole declined to name who was targeted, but said that the spyware targeted a business “that you’ve heard about.” Cole, a former analyst at the National Security Agency, said the business leader, who iVerify is in contact with, was “completely surprised” by the attempt to compromise their phone."

https://techcrunch.com/2024/12/04/business-leaders-among-pegasus-spyware-victims-says-security-firm/

#CyberSecurity #NSOGroup #Spyware #Pegasus #iPhone

Memory safety problems are a huge #cybersecurity problem for the Internet, but it doesn’t have to be.

Make a transition to memory safety part of your #CyberCivilDefense plan.

Read about orgs doing that today: https://www.memorysafety.org/blog/rustls-adoption-grows/

Argentina, Israel Plan Defense Collaboration on UAVs, Small Arms:

https://defensemirror.com/news/38303/Argentina__Israel_Plan_Defense_Collaboration_on_UAVs__Small_Arms…

#Argentina #Israel #UAV #smallarms #ammunition #cybersecurity #drone #loiteringmunition #satcom #borderprotection #ammo #cyberdefense

Argentina, Israel Plan Defense Collaboration on UAVs, Small Arms:

https://defensemirror.com/news/38303/Argentina__Israel_Plan_Defense_Collaboration_on_UAVs__Small_Arms…

#Argentina #Israel #UAV #smallarms #ammunition #cybersecurity #drone #loiteringmunition #satcom #borderprotection #ammo #cyberdefense

#Cybersecurity 101: A Guide to Staying Safe Online

https://blog.thenewoil.org/cybersecurity-101-a-guide-to-staying-safe-online

#blog

Cybercriminals exploit #ProjectSend flaw to #backdoor exposed servers

https://www.bleepingcomputer.com/news/security/hackers-exploit-projectsend-flaw-to-backdoor-exposed-servers/

#cybersecurity

"While the Executive Branch pushes agencies to leverage private AI expertise, our concern is that more and more information on how those AI models work will be cloaked in the nigh-impenetrable veil of government secrecy. Because AI operates by collecting and processing a tremendous amount of data, understanding what information it retains and how it arrives at conclusions will all become incredibly central to how the national security state thinks about issues. This means not only will the state likely make the argument that the AI’s training data may need to be classified, but they may also argue that companies need to, under penalty of law, keep the governing algorithms secret as well.

As the memo says, “AI has emerged as an era-defining technology and has demonstrated significant and growing relevance to national security. The United States must lead the world in the responsible application of AI to appropriate national security functions.” As the US national security state attempts to leverage powerful commercial AI to give it an edge, there are a number of questions that remain unanswered about how much that ever-tightening relationship will impact much needed transparency and accountability for private AI and for-profit automated decision making systems."

https://www.eff.org/deeplinks/2024/11/us-national-security-state-here-make-ai-even-less-transparent-and-accountable

#USA #CyberSecurity #Surveillance #AI #AlgorithmicTransparency

"Hackers weren’t able to monitor or intercept anything encrypted, according to the Times, which means that conversations over apps like Signal and Apple’s iMessage were probably protected. But end-to-end encryption over texts between Apple devices and Android devices, for instance, aren’t encrypted in the same way, meaning they were vulnerable to interception by Salt Typhoon, according to the Times.
(...)
As for the targets, the Post reports fewer than 150 people have been identified as having their text messages or phone calls monitored and the FBI has been in contact with them. Most of the people are in the Washington DC area, which makes sense if the hackers were interested in political targets. But 150 people can communicate with a lot of people, even in a short period, so the number of targets could be in the “millions,” according to Warner. You get the sense U.S. authorities have no real idea how many people have been impacted, given the scope of the intrusion.

The details about how the hackers were able to push so deeply into U.S. systems are still scarce, but it has something to do with the ways in which U.S. authorities wiretap suspects in this country with a court order. The monitoring of phone calls wasn’t 24/7, according to Warner, but he didn’t seem to elaborate on what that meant to the Times."

https://gizmodo.com/china-wiretaps-americans-in-worst-hack-in-our-nations-history-2000528424

#USA #CyberSecurity #StateHacking #Surveillance #PoliceState #China

"Cape runs its own mobile core, all of the software necessary to route messages, authenticate users, and basically be a telecom. Ultimately, this gives Cape the control to do more privacy-enhancing things, such as periodically give its phones a new IMEI—a unique identifier for the phone—and new IMSI—a similar identifier but one attached to the SIM card (or eSIM in Cape’s case). The phone can also give itself a new mobile advertising identifier (MAID), which is an identifier advertising ecosystems and apps use to track peoples’ web browsing activity and is sometimes linked to their physical movement data. Cape said the IMEI and MAID rotation is handled by the custom Cape handset, which runs standard up-to-date Android.

Cape lets users create bundles of these identifiers, called “personas,” then cycle through them at different points. This means that during some attacks, a Cape phone may look like a different phone each time. The device can do this in a few ways. In the first, users can set geofences around a particular area, meaning that when they enter that location—such as their home, place of work, or commute—the device automatically switches to a particular IMSI, IMEI, and MAID. Secondly, users can set it to switch between these sets of identifiers after an approximate period of time has passed, between one hour and one day, with an option to add some percentage of variation between each rotation."

https://www.404media.co/i-dont-own-a-cellphone-can-this-privacy-focused-network-change-that/

#CyberSecurity #Mobile #Privacy #Cellphones #MobileSecurity #Cape

Keymous+ has launched a new operation against the United States with the support of other active pro-palestine hacktivists.

#cybersecurity #Israel #Palestine #USA #Ukraine https://t.co/P4SF5aRycq
https://twitter.com/Cyberknow20/status/1859547448248762400
#CyberKnow #cysec

Keymous+ has launched a new operation against Israel, with the support of other active pro-palestine hacktivists.

#cybersecurity #Israel #Palestine https://t.co/EFEeXymtm5
https://twitter.com/Cyberknow20/status/1859544430572921051
#CyberKnow #cysec

The US Library of Congress reports breach of email communications
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/the-us-library-of-congress-reports-breach-of-email-communications-r-3-3-c-6/gD2P6Ple2L

RansomHub gang claims breach of Mexican government's official federal website
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/ransomhub-gang-claims-breach-of-mexican-government-s-official-federal-website-m-3-n-k-0/gD2P6Ple2L

FWIW, folks I follow used these hashtags today: #scotus (150) #law (43) #tech (37) #legaltech (37) #autosum (37) #trump (6) #mattgaetz (3) #dailystats (3) #currentevents (3) #cop29 (3) #contracts (3) #opensource (3) #democracy (3) #justicesystem (3) #Climate (3) #Cybersecurity (3) #legaldrama (3) #lawfedi (3) #education (3) #singapore (2) #privacy (2) #academia (2) #fedilaw (2) #media (2) #surveillance (2) #uspolitics (2) #economy (2) #bluesky (2) [#DailyStats]

Cybercrime is a growing threat in our increasingly digital world. Cybercronals, or organized criminal gangs operating in the digital realm, are becoming more sophisticated in their methods and causing significant damage. Let's prioritize cybersecurity and work together to combat cybercrime and protect our digital infrastructure. #Cybercrime #Cybersecurity ##github mastadon #microsoft #siliconvalley #foia #journalism #nyc #boston #nft #digitalart #michaelpaulino #michaelpaulinostudios

Earlier this year, we reported on how a former employee said #Microsoft dismissed his warnings about a critical flaw because it feared losing #government business. #Russian hackers later used the weakness to breach the National Nuclear Security Administration, among others.

https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackers

#Tech #News #Cybersecurity #Hacking #Data #Technology

"A lawyer who was allegedly hacked with government-grade spyware made by the infamous surveillance tech maker NSO Group has filed a complaint in court against two of the company’s founders and one executive. It appears to be the first attempt to hold the people behind a spyware company accountable for hacking crimes, rather than just the company itself.

On Wednesday, the Barcelona-based human rights nonprofit Iridia announced that it had filed a complaint in a Catalan court earlier this week accusing NSO’s founders Omri Lavie and Shalev Hulio, as well as Yuval Somekh, an executive of two affiliate companies, of hacking crimes.

Iridia represents lawyer Andreu Van den Eynde, an attorney and university professor who specializes in cybersecurity. According to a 2022 investigation by Citizen Lab, a nonprofit that has been investigating government spyware for more than a decade, Van den Eynde was among the victims of a wide-ranging hacking campaign against at least 65 Catalans linked to the region’s attempts to become independent from Spain, which was carried out using NSO’s Pegasus software. Amnesty International independently confirmed Citizen Lab’s findings."

https://techcrunch.com/2024/11/13/lawyer-allegedly-hacked-with-spyware-names-nso-founders-in-lawsuit/

#CyberSecurity #NSOGroup #Pegasus #Spyware #Spain #Hacking

Pro-Palestinian hacktivists claim to have targeted Israel's Ministry of National Security.

#Palestine #hack #Israel #dataleak #CyberSecurity

https://cnews.link/israel-ministry-national-security-alleged-breach-1/

"On Monday Amazon confirmed a breach of employee data which was published on a crime-focused forum, according to a statement from Amazon to 404 Media.

The data includes the employees’ name, work contact information, and what location they work at, and has more than 2.8 million lines of data, according to the post on Breach Forums. The post says the source of the data was MOVEit, which is suite of cloud data management tools.

“Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about [a] security event at one of our property management vendors that impacted several of its customers including Amazon. The only Amazon information involved was employee work contact information, for example work email addresses, desk phone numbers, and building locations,” an Amazon spokesperson told 404 Media in an email."

https://www.404media.co/amazon-confirms-breach-of-employee-data/

#Amazon #DataBreach #DataProtection #Privacy #Hacking #CyberSecurity

For the next 24 hours, I will donate 1 flash drive to flash drives for freedom, an organization that smuggles outside information into North Korea for every follower I get, up to 400 followers. (I’m not rich and that’s about what I can fit into my budget)
#northkorea #flashdrivesforfreedom #tech #linux #media #follow #boost #social #mastodon #peace #help #donate #cybersecurity #trending #freedom

#MiddleEast #Hactivism 💥

The #Iranian #Hanzala #hackers group has #hacked the personal phone of Major General Ehud Shani, current Commander of the #IDF #Cybersecurity Corps and former Chief of the #Israeli Army's Communications Corps

They released, amongst other things, an image of the him lying naked inside the bath tub, innapropriately touching himself. We have censored the photo.

The hacker group also published Ehud Shani's personal information, including phone number, and threatened to release more sensitive and scandalous information if he does not abide by their demands.

From the Middle_East_Spectator channel on Telegram.

#ThankYouHacktivists
#Terrorist
#FreePalestine
#IsraelIsATerroristState
#IsraelWarCrimes
#RacistIsrael
#IsraelRogueState
#ArmsEmbargoOnIsrael
#USAFundsGenocide
#BoycottIsrael
#BDSMovement
#BoycottIsraeliApartheid
#StopGenocide
#ApartheidIsrael
#SanctionIsrael
#ExposeIsraeliTerrorists
#ZionismIsACult
#FAFO