ISPs inside Turkey and Egypt spread FinFisher spyware in massive espionage campaign

An expansive and ongoing computer espionage campaign spread across Egypt, Turkey and Syria has been powered by technology developed by a Canadian-American networking company, SandVine, and an infamous spyware maker known as GammaGroup or Lench IT Solutions, security researchers say. New research by human rights advocacy organization Citizen Lab shows how products made by two Western technology contractors facilitated nationwide surveillance in multiple developing countries under authoritarian rule. The findings piggyback on prior reporting by a Slovakian cybersecurity company, which also discovered similar “man-in-the-middle” cyberattacks at the internet service provider (ISP) level in September and December. People getting online through local ISPs in Egypt, Turkey and Syria were tricked into installing highly intrusive spyware that allows the attacker to gain full access to an infected device, including its microphone and camera. Whenever targeted users in Turkey attempted to access certain websites to install free software, they were instead covertly served up a nearly identical but boobytrapped […]

The post ISPs inside Turkey and Egypt spread FinFisher spyware in massive espionage campaign appeared first on Cyberscoop.

The FBI Director thinks this company found an answer to ‘Going Dark’

FBI Director Christopher Wray did something Wednesday few of his recent predecessors have done: He finally provided what the bureau believes is a model for how private U.S. technology companies can comply with law enforcement requests to access encrypted data. Wray, who spoke Wednesday at an FBI conference in Boston, claimed that it’s still possible to develop a workaround for law enforcement to collect evidence on encrypted systems that is “consistent with both the rule of law and strong cybersecurity.” In prepared remarks, the FBI director specifically named Palo Alto, Calif.-based Symphony, the creator of an encrypted messaging platform that’s popular in the banking industry, as an example of how other technology companies could one day work with the FBI. “Some of you may know about the chat and messaging platform called Symphony,” Wray said Wednesday. “This was used by a group of major banks, and marketed as offering something called ‘guaranteed […]

The post The FBI Director thinks this company found an answer to ‘Going Dark’ appeared first on Cyberscoop.

Security Planner

Security Planner is a custom security advice tool from Citizen Lab. Answer a few questions, and it gives you a few simple things you can do to improve your security. It’s not meant to be comprehensive, but instead to give people things they can actually do to immediately improve their security. I don’t see it replacing any of the good…

Chinese hackers starting to return focus to U.S. corporations

Security researchers recently found a hacking group with suspected ties to the Chinese government engaged in what appears to be corporate espionage against multiple U.S. companies. The findings underscore an emerging, albeit opaque, trend in which hackers linked to Beijing are conducting economic, cyber-enabled espionage, despite the Chinese Communist Party agreeing to stop such activity against the U.S. as part of a 2015 agreement between Chinese President Xi Jinping and U.S. President Barack Obama. Experts say the 2015 truce resulted in a noticeable downturn in economic espionage. But there are signs the agreement may be deteriorating under the Trump administration. According to recent research by multinational services giant PwC, a hacking group known as “KeyBoy” has returned to the fold with a data theft campaign aimed primarily at Western organizations. The operation, PwC Threat Intelligence Analyst Bart Parys told CyberScoop, shows the continued technical development of a previously reported group that has apparently […]

The post Chinese hackers starting to return focus to U.S. corporations appeared first on Cyberscoop.

Attributing the DNC Hacks to Russia

President Barack Obama’s public accusation of Russia as the source of the hacks in the US presidential election and the leaking of sensitive e-mails through WikiLeaks and other sources has opened up a debate on what constitutes sufficient evidence to attribute an attack in cyberspace. The answer is both complicated and inherently tied up in political considerations. The administration is…

Analyzing WeChat

Citizen Lab has analyzed how censorship works in the Chinese chat app WeChat: Key Findings: Keyword filtering on WeChat is only enabled for users with accounts registered to mainland China phone numbers, and persists even if these users later link the account to an International number. Keyword censorship is no longer transparent. In the past, users received notification when their…