China’s Olympics App Is Horribly Insecure

China is mandating that athletes download and use a health and travel app when they attend the Winter Olympics next month. Citizen Lab examined the app and found it riddled with security holes.

Key Findings:

  • MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Health customs forms which transmit passport details, demographic information, and medical and travel history are also vulnerable. Server responses can also be spoofed, allowing an attacker to display fake instructions to users.


San Francisco Police Illegally Spying on Protesters

Last summer, the San Francisco police illegally used surveillance cameras at the George Floyd protests. The EFF is suing the police:

This surveillance invaded the privacy of protesters, targeted people of color, and chills and deters participation and organizing for future protests. The SFPD also violated San Francisco’s new Surveillance Technology Ordinance. It prohibits city agencies like the SFPD from acquiring, borrowing, or using surveillance technology, without prior approval from the city’s Board of Supervisors, following an open process that includes public participation. Here, the SFPD went through no such process before spying on protesters with this network of surveillance cameras…


Trends that will shape the security industry in 2022

Entering 2022, the world continues to endure the pandemic. But the security industry has, no doubt, continued to shift, adapt, and develop in spite of things. Several trends have even accelerated. Beyond traditional “physical security,” a h…

Belarus: Cyber upstart, or Russian staging ground?

As the prospect of further Russian aggression in Ukraine looms, the Biden administration is concerned about Russian cyber operations against the U.S. and its allies. Yet as the White House engages with Moscow and builds out plans around these risks, it must watch an overlooked development in Russia’s near-abroad: growing cyber integration between Belarus and the Kremlin. In November 2021, Mandiant published a report assessing with “high confidence” that the UNC1151 cyber group, which assisted the longstanding “Ghostwriter” campaign — stealing government credentials and spreading disinformation in Europe — is linked to the Belarusian government. It also assessed with “moderate confidence” that Belarus “is also likely at least partially responsible for the Ghostwriter campaign.” Significantly, the report’s authors added: “We cannot rule out Russian contributions to either UNC1151 or Ghostwriter.” The report raises the prospect that Belarus is engaged in cyber-enabled influence operations abroad, and the authors explicitly say that Moscow’s […]

The post Belarus: Cyber upstart, or Russian staging ground? appeared first on CyberScoop.


Using Foreign Nationals to Bypass US Surveillance Restrictions

Remember when the US and Australian police surreptitiously owned and operated the encrypted cell phone app ANOM? They arrested 800 people in 2021 based on that operation.

New documents received by Motherboard show that over 100 of those phones were shipped to users in the US, far more than previously believed.

What’s most interesting to me about this new information is how the US used the Australians to get around domestic spying laws:

For legal reasons, the FBI did not monitor outgoing messages from Anom devices determined to be inside the U.S. Instead, the Australian Federal Police (AFP) monitored them on behalf of the FBI, according to previously published court records. …


Video surveillance systems market to grow steadily by 2026

The video surveillance systems market is expected to grow at a CAGR of 10.06% over the forecast period 2021 to 2026, according to ResearchAndMarkets. Commercial segment is to dominate the video surveillance systems market The infrastructure segment inc…

Apple AirTags Are Being Used to Track People and Cars

This development surprises no one who has been paying attention:

Researchers now believe AirTags, which are equipped with Bluetooth technology, could be revealing a more widespread problem of tech-enabled tracking. They emit a digital signal that can be detected by devices running Apple’s mobile operating system. Those devices then report where an AirTag has last been seen. Unlike similar tracking products from competitors such as Tile, Apple added features to prevent abuse, including notifications like the one Ms. Estrada received and automatic beeping. (Tile plans to release …


Meta takes down 7 hacking-for-hire operations that targeted 50,000 users

Meta removed seven “surveillance-for-hire” organizations that used Facebook to target at least 50,000 individuals across 100 countries for surveillance operations, some of which included the deployment of spyware, the company announced in a report Thursday. The operation marked a major step in efforts by the social media company against a sprawling surveillance industry that Facebook security experts warn is becoming more “democratized” and easily accessible to spy on not just high-profile targets, but ordinary users. The company removed hundreds of accounts belonging to firms known as Israeli Cobwebs Technologies, Cognyte, Black Cube, Bluehawk CI, India-based BellTroX, Macedonia-based Cytrox, and an unknown entity in China. Of the seven firms, only Cobwebs and Cognyte did not engage in what it called “exploitation” phase activities, or actually delivering malware to hack victims. Facebook sent cease and desist letters to the six named companies. Facebook has clashed with the growing spyware market for years. […]

The post Meta takes down 7 hacking-for-hire operations that targeted 50,000 users appeared first on CyberScoop.


iPhones of 9 State Dept officials hijacked by NSO Pegasus spyware

By Deeba Ahmed
It has been revealed that NSO Group’s Pegasus malware was used to spy on U.S. government officials over the past few months.
This is a post from HackRead.com.