The Global Surveillance Free-for-All in Mobile Ad Data

Not long ago, the ability to remotely track someone’s daily movements just by knowing their home address, employer, or place of worship was considered a powerful surveillance tool that should only be in the purview of nation states. But a new lawsuit in a likely constitutional battle over a New Jersey privacy law shows that anyone can now access this capability, thanks to a proliferation of commercial services that hoover up the digital exhaust emitted by widely-used mobile apps and websites. Continue reading The Global Surveillance Free-for-All in Mobile Ad Data

Who Stole 3.6M Tax Records from South Carolina?

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed. Continue reading Who Stole 3.6M Tax Records from South Carolina?

The latest in Facebook’s dragnet: Propaganda from Russian military intelligence

Facebook on Wednesday announced the removal of three networks of accounts it had determined were operating on behalf of foreign governments, including a number of pages that the company tied to Russian intelligence services. Researchers found a network of 78 accounts, 11 Pages, 29 groups and four Instagram pages that often posted about news such as Russia’s involvement in Syria and the downing of the Malaysian airliner MH17 and also had links to Russian military intelligence services, the company said. Sometimes, the account holders misrepresented themselves as citizen journalists, and contacted policymakers, reporters and other known figures in the region who could help amplify their content, Facebook said in a blog post. The other networks originated in Iran, where operators also impersonated journalists, and Vietnam and Myanmar, where the Burmese telecommunications company MyTel, which is indirectly owned by the Burmese and Vietnamese militaries, engaged in “coordinated inauthentic behavior.” These takedowns are […]

The post The latest in Facebook’s dragnet: Propaganda from Russian military intelligence appeared first on CyberScoop.

Continue reading The latest in Facebook’s dragnet: Propaganda from Russian military intelligence

3 Charged In Fatal Kansas ‘Swatting’ Attack

Federal prosecutors have charged three men with carrying out a deadly hoax known as “swatting,” in which perpetrators call or message a target’s local 911 operators claiming a fake hostage situation or a bomb threat in progress at the target’s address — with the expectation that local police may respond to the scene with deadly force. While only one of the three men is accused of making the phony call to police that got an innocent man shot and killed, investigators say the other two men’s efforts to taunt and deceive one another ultimately helped point the gun. Continue reading 3 Charged In Fatal Kansas ‘Swatting’ Attack

Detecting Cloned Cards at the ATM, Register

Much of the fraud involving counterfeit credit, ATM debit and retail gift cards relies on the ability of thieves to use cheap, widely available hardware to encode stolen data onto any card’s magnetic stripe. But new research suggests retailers and ATM operators could reliably detect counterfeit cards using a simple technology that flags cards which appear to have been altered by such tools. Continue reading Detecting Cloned Cards at the ATM, Register

Lawmakers call for action following revelations that APT28 posed as ISIS online

The world got a fresh reminder Tuesday of the difficulties associated with assigning blame for hacking – and of the consequences when a case of mistaken identity takes hold. New evidence reinforces the notion that a group dubbed the CyberCaliphate, which sent death threats to the wives of U.S. military personnel in 2015 under the banner of the Islamic State, is actually an infamous Russian-government-linked hacking group accused of meddling in the 2016 U.S. presidential election, the Associated Press reported. Activity from the CyberCaliphate coincided with attempts by the Russian group, known as APT28 or Fancy Bear, to breach the womens’ email accounts, according to the Associated Press. The episode brings to life established links between the CyberCaliphate and APT28 in a way that no cybersecurity research did. The hacking victims were led to believe that jihadists, and not state-backed Russians, were breaching their accounts and leaving threatening messages. Amy […]

The post Lawmakers call for action following revelations that APT28 posed as ISIS online appeared first on Cyberscoop.

Continue reading Lawmakers call for action following revelations that APT28 posed as ISIS online

The Associated Press’ plan to put hyperlocal data in the hands of reporters

 Since 2013, The Associated Press has been making an intentional effort to put data in the hands of local reporters. In the last few years, this meant assisting with Freedom of Information Act requests and putting a team of four engineers to work … Continue reading The Associated Press’ plan to put hyperlocal data in the hands of reporters