🚨 🕵🏽 :apple_inc: :google: Once again proud of my US Senator, who is blowing the whistle on government #surveillance of people through mobile push notifications typically sent through #Apple or #Google servers.
Yet another reason to use @fdroidorg to avoid corporate #spyware. And to use something like @ntfy for your push notifications instead.
'The founder of the infamous and now-defunct spyware maker Hacking Team was arrested on Saturday after allegedly stabbing and attempting to murder a relative, according to multiple news reports. David Vincenzetti, who launched Hacking Team in 2003, was arrested when police showed up to his apartment after his cousin called the police, local media reported, because he couldn’t reach his wife on the phone.'
🚨 Access Now, SHARE Fondacija, CitizenLab and Amnesty International have uncovered that two members of civil society in Serbia were targeted with #spyware earlier this year.
The use of surveillance tech to silence & suppress civil society must stop!
Diese Software für Eltern zum Verfolgen ihrer Kinder ist oft dieselbe, die als #Stalkerware bezeichnet wird und für die Überwachung innerhalb von Partnerschaften vermarktet wird. Eine Art #Pegasus#Spyware für das Privatleben.
Ich diskutiere darüber allerdings häufiger mit Vätern als mit Müttern. 'Big Mother' trifft's nicht so richtig.
The Israeli government appears to be turning to controversial spyware maker NSO Group to help track those kidnapped and murdered by Hamas in the last month.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #45/2023 is out! It includes the following and much more:
➝ 🔓 ✈️ #Boeing breach: LockBit leaks 50 GB of data
➝ 🇨🇳 World’s largest commercial bank #ICBC confirms #ransomware attack
➝ 🔓 ☁️ Sumo Logic alerts customers about #securityincident; advises rotate Sumo Logic API access keys
➝ 🔓 🇮🇪 Electric Ireland admits data breach that could see customer financial data compromised
➝ 🔓 🇨🇦 #TransForm says ransomware data breach affects 267,000 patients
➝ 🔓 🇸🇬 #Singapore Marina Bay Sands reward members data breached, over 650k people exposed
➝ 🇮🇱 🇵🇸 🇮🇷 Cyber ops linked to #Israel-#Hamas conflict largely improvised, researchers say
➝ 🧨 🤖 #OpenAI confirms #DDoS attacks behind ongoing #ChatGPT outages
➝ 🛍️ 💸 Fake Ledger Live app in #Microsoft Store steals $768,000 in #crypto
➝ 🔓 🐰 ‘Looney Tunables’ #Glibc Vulnerability Exploited in #Cloud Attacks
➝ 🇺🇸 🇷🇺 US Sanctions Russian National for Helping Ransomware Groups Launder Money
➝ 🇮🇷 🇮🇱 Iranian Hackers Launch Destructive Cyber Attacks on Israeli #Tech and #Education Sectors
➝ 🇫🇷 🇬🇧 #France, #UK Seek Greater Regulation of Commercial #Spyware
➝ 🇪🇺 🤐 #Europe is trading security for digital #sovereignty
➝ 🇷🇺 🇺🇦 Russian Hackers Used #OT Attack to Disrupt Power in #Ukraine Amid Mass Missile Strikes
➝ 🦠 🚪 Highly invasive #backdoor snuck into #opensource packages targets developers
➝ 🦠 🇰🇵 N. Korea's #BlueNoroff Blamed for Hacking #macOS Machines with ObjCShellz #Malware
➝ 🫣 #Signal tests usernames that keep your phone number private
➝ 🔐 Microsoft Authenticator now blocks suspicious #MFA alerts by default
➝ ☁️ 💰 Researchers Uncover Undetectable #CryptoMining Technique on #Azure Automation
➝ 👥 💰 Data Brokers Expose Sensitive US Military Member Info to Foreign Threat Actors: Study
➝ 🩹 Microsoft Says Exchange ‘Zero Days’ Disclosed by #ZDI Already Patched or Not Urgent
➝ 🐛 Veeam warns of critical bugs in #Veeam ONE monitoring platform
📚 This week's recommended reading is: "How the F*ck Did This Happen?: A guide for executives who need to understand Cyber Security in plain, actionable language" by Dr Darryl Carlton
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
🚨 #Microsoft#Outlook wants to snatch your e-mail login data (user name AND password) as part of a shady "synchronize" feature. The user has to confirm this, but it is hidden behind confusing technobabble.
And people wonder why I hate #proprietary software. 🤮
heise+ | Wie Überwachungsprogramme Mitarbeiter minutiös ausspionieren
In der EU sind Überwachungsprogramme (noch) verboten. Doch Hersteller entwickeln neue Systeme zur Leistungskontrolle, die Datenschutzbedenken umgehen sollen.
Lot's of people asking me why I filed a complaint against #YouTube for their illegal deployment of #spyware to detect #adblockers instead of simply paying for YouTube Premium.
The answer is simple - YouTube Premium has no ads but Google still use it to profile you for advertising on their other products.
I refuse to pay for any service which doesn't respect my fundamental rights.
And so should everyone else, because until they do, Alphabet will continue with their illegal #surveillance.
Note that, they even disclose on the Play Store, they save and share voice recordings of you with their partners. These spywares run on your phone all the time. Oh, and it's all unencrypted.
You can also take a quiz to determine your own privacy footprint.
From the link below, select which popular products you own. We’ll weigh their privacy features and flaws, then show how well or poorly your devices and apps protect your personal information.
Senior Researcher Bill Marczak explains how mercenary #spyware has evolved over the past few years and how one is able to protect themselves at a recent iMEdD conference. He draws from our recent study that revealed how former Egyptian MP Ahmed Eltantawy was targeted with #Predator spyware. https://www.youtube.com/watch?v=OZZbh67c6qc
#EU#USA#Cybersecurity#Spyware#Predator#PredatorFiles#Intellexa: "Shocking spyware attacks have been attempted against civil society, journalists, politicians and academics in the European Union (EU), USA and Asia, according to a major new investigation by Amnesty International. Among the targets of Predator spyware are United Nations (UN) officials, a Senator and Congressman in the USA and even the Presidents of the European Parliament and Taiwan. The investigation is part of the ‘Predator Files’ project, in partnership with the European Investigative Collaborations (EIC) and backed by additional in-depth reporting by Mediapart and Der Spiegel.
Between February and June 2023, social media platforms X (formerly Twitter) and Facebook were used to publicly target at least 50 accounts belonging to 27 individuals and 23 institutions. The cyber-surveillance weapon used for targeting was an invasive spyware tool called Predator, which was developed and sold by the Intellexa alliance. This alliance, which has advertised itself as “EU based and regulated”, is a complex and often changing group of companies that develops and sells surveillance products, including Predator spyware.
Predator is a type of highly invasive spyware. This means that once it has infiltrated a device it has unfettered access to its microphone and camera and all its data such as contacts, messages, photos and videos, while the user is entirely unaware. Such spyware cannot, at present, be independently audited or limited in its functionality to only those functions that are necessary and proportionate to a specific use. "