The EFF’s Eva Galperin on Using DFIR Skills To Help Victims of Stalkerware and Abuse

Christa: Stalking and domestic violence affect huge proportions of people. The Centers for Disease Control and Prevention estimate that about 7.5 million people are stalked in the United States each year, with about 61% of female victims and 44…

FTC proposes first stalkerware ban, promises to toughen stance on abusive apps

The Federal Trade Commission is seeking its first ban of a “stalkerware” company, signaling an intent to crack down on surveillance technologies that expose individuals’ real-time activities to snoops, hackers and dangerous people. A complaint released by the agency Wednesday alleges that SpyFone, an app that markets itself as a tool to monitor loved ones’ internet activity, and its CEO Scott Zuckerman sold real-time access to illegally harvested phone data including location and email, enabling surveillance by stalkers and domestic abusers. The FTC also accused SpyFone of failing to enact basic security measures to safeguard the data it collects, leading to a 2018 data breach that exposed the personal data of roughly 2,200 customers. The FTC alleges that the company failed to follow through on promises to customers that it would upgrade its security after the incident. In addition to a ban on any future sales or marketing of surveillance […]

The post FTC proposes first stalkerware ban, promises to toughen stance on abusive apps appeared first on CyberScoop.

Snapchat stalker pleads guilty to using stolen passwords to torment college students

A New York City man admitted to accessing more than 300 Snapchat accounts to steal victims’ nude pictures as part of a cyberstalking case that ensnared at least 14 people. David Mondore, 29, pleaded guilty Wednesday to hacking-related charges for orchestrating a scheme in which he would solicit explicit photos from college students by impersonating their friends. The fraud, in which Mondore would dupe Snapchat users into providing their passwords, represents only the latest example of ways that scammers exploit otherwise innocuous social media relationships to harass, abuse and torment unwitting users. “This case should serve as a cautionary reminder that many individuals lurking on social media use those platforms to engage in decidedly anti-social behavior,” U.S. Attorney James Kennedy said in a statement. Unlike advanced cyber-espionage activity or digital extortion, cyberstalking is typically aimed at individual victims who have few obvious solutions. While instances of the problem are difficult […]

The post Snapchat stalker pleads guilty to using stolen passwords to torment college students appeared first on CyberScoop.

IT threat evolution Q1 2021

SolarWinds attacks, MS Exchange vulnerabilities, fake adblocker distributing miner, malware for Apple Silicon platform and other threats in Q1 2021.

Stalkers using surveillance software on partners are exposing their own data, research finds

Stalkerware applications, which domestic abusers rely on to monitor their romantic partners’ devices without their consent, often fail to secure the personal information collected during their use, according to ESET research published Monday. Stalkerware, which is frequently advertised as benign parental controls or employee monitoring software, can surveil targets’ geolocation, texts, phone calls, cameras and more, all without obtaining targets’ consent. ESET examined 86 stalkerware applications, only to identify 158 serious security and privacy issues, according to findings presented at the virtual RSA Conference this week. The most common security issue affecting the applications was the insecure transmission of stalkers’ and targets’ personally identifiable information from devices to app servers. This vulnerability could allow outsiders to intercept text messages, call logs, contact lists, keystrokes, browsing histories, recorded phone calls, pictures and screenshots, according to ESET. Other issues included applications storing sensitive information on external media, and exposing data like Facebook […]

The post Stalkers using surveillance software on partners are exposing their own data, research finds appeared first on CyberScoop.

Pro-India hacking group expands mobile malware arsenal

A pro-India hacking group has been using two kinds of invasive Android surveillance software to spy on hundreds of victims’ cell phones for years, according to Lookout research published Thursday. The malware, which the researchers have dubbed SunBird and Hornbill, are capable of exfiltrating several kinds of sensitive data, including text messages, call logs, contacts, the contents of encrypted messaging applications and target geolocation. The spyware also allows hackers to take pictures with the targets’ cameras or take screenshots of their devices, according to the research. It’s the kind of information that could reveal targets’ most sensitive and secretive day-to-day lives. In order to assess the scope of the operation and its victims, Lookout researchers examined 18GB of data that were incidentally exposed as a result of the hackers insecurely configuring command and control servers. Overall, the attackers targeted 156 victims with phone numbers from India, Pakistan and Kazakhstan over […]

The post Pro-India hacking group expands mobile malware arsenal appeared first on CyberScoop.

Bipartisan bill would help domestic abuse survivors bypass mobile surveillance

A bipartisan group of senators introduced legislation on Friday aimed at helping domestic violence and stalking victims safely extricate themselves from shared phone plans that could enable their partners to spy on them. The bill, called the Safe Connections Act, would set up protections for victims of domestic violence by allowing them to leave shared phone plans without being required to pay any penalties or meet burdensome requirements. The bill, if passed, would also require the Federal Communications Commission (FCC) to work on connecting domestic violence victims with federal government resources to help survivors establish alternative methods of communications inaccessible to abusers’ prying eyes. Domestic violence and digital rights advocates have long been calling for Congress to step in and craft legislation that would help survivors safely leave phone plans that could enable an abuser to continue to control and monitor their every move, such as family phone plans. For […]

The post Bipartisan bill would help domestic abuse survivors bypass mobile surveillance appeared first on CyberScoop.
