The NSA is Refusing to Disclose its Policy on Backdooring Commercial Products

Senator Ron Wyden asked, and the NSA didn’t answer:

The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edwa…

Chinese banks require clients to use tax programs laced with backdoors, report says

When a Chinese bank asked a new client to use a specific kind of tax software as a condition of doing business, the company didn’t know that the tax technology came with a backdoor that would give hackers a new way in, according to research from Trustwave. The Chinese bank had told the U.K.-based defense contractor that the Chinese government required firms to use that specific software tool to pay local taxes. However, findings published Tuesday by the security vendor Trustwave spotlight how the tax software’s developer has relied on a number of subcontractors to build software flaws into other software tools for years. The programs are required to be used through the Chinese government’s Chinese Golden Tax Project, a tax system launched in the 1990s meant to streamline tax administration, according to Trustwave. The security company did not identify the Chinese bank nor the U.K.-based defense contractor. The revelation that Beijing mandates […]

The post Chinese banks require clients to use tax programs laced with backdoors, report says appeared first on CyberScoop.


Notorious Hacker ‘Fxmsp’ Outed After Widespread Access-Dealing

The Kazakh native made headlines last year for hacking McAfee, Symantec and Trend Micro; but the Feds say he’s also behind a widespread backdoor operation spanning six continents.

Encryption: Politicians Try to Outlaw Math (Again)

As we all know by now, it’s impossible to meet the irreconcilable aims of data security and government backdoors.
The post Encryption: Politicians Try to Outlaw Math (Again) appeared first on Security Boulevard.

Zoom’s Commitment to User Security Depends on Whether you Pay It or Not

Zoom was doing so well…. And now we have this: Corporate clients will get access to Zoom’s end-to-end encryption service now being developed, but Yuan said free users won’t enjoy that level of privacy, which makes it impossible for third parties to decipher communications. "Free users for sure we don’t want to give that because we also want to work…

First Amendment Rights and Twitter, Encryption Backdoors

In episode 123 for June 1st 2020: The controversy continues over fact checking and First Amendment rights on Twitter, and why government mandated encryption backdoors are bad for everyone’s security.

How GitHub untangled itself from the ‘Octopus’ malware that infected 26 software projects

For GitHub, not all reports about malicious software on its platform are of equal importance. The company behind the popular software repository, where developers often share code rather than building it from scratch, revealed this week that attackers were trying to exploit the open-source nature of the site to distribute malware. A hacking tool was designed to spread through software projects, then leave a “backdoor” that could offer hackers persistent access to the software. By infiltrating open-source software, hackers could have given themselves a foothold in code that was later included in corporate apps or websites. Open-source websites continue to represent valuable targets for hackers hoping that technology companies will adopt compromised tools to build their own software. (GitHub claims the site has tens of millions of users.) In this case, the malicious code — which spread to 26 different GitHub projects — is an example of the potentially insidious nature of open-source supply chain compromises. Dubbed Octopus Scanner, […]

The post How GitHub untangled itself from the ‘Octopus’ malware that infected 26 software projects appeared first on CyberScoop.
