BlackBox (Security) Archiv – Telegram
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
CCC analyses Munich's state trojan FinSpy

The technical #analysis of copies of the #FinSpy #malware substantiates the reasons for the criminal complaint against the Munich manufacturer of the #StateTrojan. The #CCC publishes its report as well as several variants of FinSpy and a complete documentation of the analysis.

#Security researchers of the Chaos Computer Club (CCC) have analyzed a total of 28 copies of the #spy-#software FinSpy for #Android from 2012 to 2019. The main focus of the investigation was the origin of the malware and the date of its production. The reason for the investigation is the criminal complaint of the Gesellschaft für Freiheitsrechte (GFF) and other organizations against the German group of companies #FinFisher because of the deliberate violation of licensing requirements for dual-use software according to § 18 para. 2 No. 1 and § 18 para. 5 No. 1 Foreign Trade Act (AWG).

The CCC today publishes its comprehensive report: Evolution of a private sector malware for governmental players

💡 The result of the analysis is that a copy of malware, which according to the GFF was used against the Turkish opposition movement in 2016, was clearly created after the EU export control regulations for surveillance software came into force.

💡 By comparing it with over twenty other copies from a seven-year period, the CCC shows continuity in the further development into which this copy fits. This is seen as a strong indication that it is a variant of the state Trojan "FinSpy". FinSpy is a product of the FinFisher group of companies, which has branches in Munich and elsewhere.

💡 In its report, the CCC also documents references to German-speaking developers that can be found in the source code.

"Our analysis shows that surveillance software originally from Germany was apparently used against democratic dissidents," said Linus Neumann, one of the authors of the analysis. "How this could have come about, the public prosecutor's office and the customs criminal office must now clarify."

https://github.com/linuzifer/FinSpy-Dokumentation

https://github.com/devio/FinSpy-Tools

👉🏼 Read more:
https://www.ccc.de/de/updates/2019/finspy

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@FLOSSb0xIN
No roborders, no nation, or: smile for a European surveillance propagation

How an agency implements Fortress Europe by degrading Non-Europeans to second-rate people

Robots, Satellites and biometrical traps - more than a Billion Euro will be spent in 2021 for what they call "Border Security." The European Border and Coastguard, formerly Frontex, dreams of a fully autonomous border surveillance system.

⚠️ This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

https://media.ccc.de/v/36c3-10994-no_roborders_no_nation_or_smile_for_a_european_surveillance_propagation

#video #CCC #36c3 #surveillance
Cryptography demystified - An introduction without maths

This talk will explain the basic building blocks of cryptography in a manner that will (hopefully) be understandable by everyone. The talk will not require any understanding of maths or computer science.
In particular, the talk will explain encryption, what it is and what it does, what it is not and what it doesn't do, and what other tools cryptography can offer.

⚠️ This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

https://media.ccc.de/v/36c3-10627-cryptography_demystified

#video #CCC #36c3 #cryptography
What the World can learn from Hongkong - From Unanimity to Anonymity

The people of Hong Kong have been using unique tactics, novel uses of technology, and a constantly adapting toolset in their fight to maintain their distinctiveness from China since early June. Numerous anonymous interviews with protesters from front liners to middle class supporters and left wing activists reveal a movement that has been unfairly simplified in international reporting.

⚠️ This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

https://media.ccc.de/v/36c3-10933-what_the_world_can_learn_from_hongkong

#video #CCC #36c3 #Hongkong #Anonymity
The Eye on the Nile - Egypt's Civil Society Under Attack

What happens when we come across a surveillance operation targeting Egypt’s civil society? And what happens when the attackers expose all of their backend code by mistake? This is The Eye on the Nile.

Egyptian activists and journalists report and fight against human rights violations, only to face human rights violations themselves: they are often silenced, detained, tortured and imprisoned.

⚠️ This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

#video #CCC #36c3 #surveillance #Egypt
Technical aspects of the surveillance in and around the Ecuadorian embassy in London - Details about the man hunt for Julian Assange and Wikileaks

The talk explains and illustrates the procedural and technical details of the surveillance in and around the Ecuadorian embassy in London during the time Julian Assange stayed in there from June 2012 until April 2019.

⚠️ This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

https://media.ccc.de/v/36c3-11247-technical_aspects_of_the_surveillance_in_and_around_the_ecuadorian_embassy_in_london

#video #CCC #36c3 #surveillance #Assange
Listening Back Browser Add-On Translates Cookies Into Sound

‘Listening Back’ is an add-on for the Chrome and Firefox browsers that sonifies internet cookies in real time as one browses online. Utilising digital waveform synthesis, ‘Listening Back’ provides an audible presence for hidden infrastructures that collect personal and identifying data by storing a file on one’s computer. By directing the listener’s attention to hidden processes of online data collection, Listening Back functions to expose real-time digital surveillance and consequently the ways in which our everyday relationships to being surveilled have become normalised.

Our access to the World Wide Web is mediated by screen devices and ‘Listening Back’ enables users to go beyond the event on the screen and experience some of the algorithmic surveillance processes that underlie our Web experience. This project therefore explores how sound can help us engage with complex phenomena beyond the visual interface of our smart devices by highlighting a disconnect between the graphical interface of the Web, and the socio-political implications of background mechanisms of data capture.

By sonifying a largely invisible tracking technology ‘Listening Back’ critiques a lack of transparency inherent to online monitoring technologies and the broader context of opt in / default cultures intrinsic to contemporary modes of online connectivity. By providing a sonic experiential platform for the real-time activity of Internet cookies this project engages listening as a mode of examination and asks what is the potential of sound as a tool for transparent questioning?

👉🏼 Chrome:
https://chrome.google.com/webstore/detail/listening-back/gdkmphlncmoloepkpifnhneogcliiiah

👉🏼 Firefox:
https://addons.mozilla.org/en-GB/firefox/addon/listening-back/

💡 Read more:
https://fahrplan.events.ccc.de/congress/2019/Fahrplan/events/10855.html

#addon #chrome #firefox #CCC #36c3 #cookies #ListeningBack
Vincent Canfield - 36C3 Staff Brutally Assaulted Me for Political Reasons

On Saturday night (Sunday morning) at around 4:30AM my friend and I were the victim of a brutal assault that was started, escalated, and carried out by the most senior members of the Orga group of the Chaos Communication Congress. If it were not for the evidence we collected, you would think I was crazy. But these abuses are very real.

https://vc.gg/blog/36c3-staff-assaulted-me-for-political-reasons.html

https://twitter.com/gexcolo/status/1211268694741061632?s=19

#CCC #36c3 #Canfield #video
The KGB Hack: 30 Years Later

The 36C3 seems an excellent opportunity to take a look back at the instance of hacking which, even more so than previous events like the BTX and NASA Hacks, brought the CCC into the focus of the (West-)German public – and, additionally, the Federal Office for the Protection of the Constitution (Verfassungsschutz) and the Federal Intelligence Service (Bundesnachrichtendienst).

⚠️ This Talk was translated into multiple languages. The files available for download contain all languages as separate audio-tracks. Most desktop video players allow you to choose between them. Please look for "audio tracks" in your desktop video player.

https://media.ccc.de/v/36c3-11031-the_kgb_hack_30_years_later

#video #CCC #36c3 #KGB #hacking
Septor 2020

Septor Linux is an operating system that provides users with a perfect computing environment for surfing the Internet anonymously. Septor provides users with a stable and reliable distribution that is based on Debian GNU/Linux and works on a wide range of computers. The distribution features a customised KDE Plasma desktop and Tor technologies.

Linux Kernel 5.3 Plasma 5.14.5
Software Management: Synaptic, GDebi
Internet: Tor Browser, Thunderbird, Ricochet IM, HexChat, QuiteRSS, OnionShare
Utilities: Gufw, Konsole, Ark, Image Writer, Bootiso, Sweeper, KGpg, Kleopatra, MAT, KWallet, VeraCrypt
Graphics / Multimedia: GIMP, Gwenview, VLC, K3b, Guvcview
Office: LibreOffice, Kontact, KOrganizer, Okular, Kwrite, Kate, Eqonomize

https://septor.sourceforge.io/

#Septor #Linux #Debian
Obscurix: Linux Live System for privacy, security and anonymity

#Obscurix is a new open source #Live operating system based on #Arch #Linux. Obscurix attaches great importance to your #privacy, #security and #anonymity on the net. The live operating system routes all your traffic quite securely through the #Tor network and also supports many other networks like #I2P and #Freenet.

Privacy, Security and Anonymity
To get it straight up front: Obscurix does not want to be a Linux operating system for pentesters. Even if you mainly want to play games on your computer, you better find something else. Obscurix is simply a secure and easy to use live operating system. In addition, the developers have done a lot to make it resistant against various forms of tracking and #surveillance. As a user you don't have to configure much, which makes it easy to get started.

One of the big differences between this and other Linux operating systems is the special focus on privacy, security and anonymity. Therefore Obscurix is not an operating system that you should install on your hard disk. As a pure live operating system it runs only in the memory of your computer. During shutdown the #OS automatically deletes all digital "traces" that third parties could otherwise evaluate later.

Continue on:
https://tarnkappe.info/obscurix-linux-live-system-fuer-privatsphaere-sicherheit-und-anonymitaet/

👉🏼 Obscurix:
https://obscurix.github.io/

👉🏼 ObscurixOS TG support group:
https://news.1rj.ru/str/Obscurix_OS

Fresh Cambridge Analytica leak ‘shows global manipulation is out of control’

Company’s work in 68 countries laid bare with release of more than 100,000 documents

An explosive #leak of tens of thousands of documents from the defunct data firm #CambridgeAnalytica is set to expose the inner workings of the company that collapsed after the Observer revealed it had misappropriated 87 million #Facebook profiles.

More than 100,000 documents relating to work in 68 countries that will lay bare the global infrastructure of an operation used to manipulate voters on “an industrial scale” are set to be released over the next months.

It comes as Christopher Steele, the ex-head of MI6’s Russia desk and the intelligence expert behind the so-called “Steele dossier” into Trump’s relationship with Russia, said that while the company had closed down, the failure to properly punish bad actors meant that the prospects for manipulation of the US election this year were even worse.

The release of documents began on New Year’s Day on an anonymous Twitter account, @HindsightFiles, with links to material on elections in Malaysia, Kenya and Brazil. The documents were revealed to have come from Brittany Kaiser, an ex-Cambridge Analytica employee turned whistleblower, and to be the same ones subpoenaed by Robert Mueller’s investigation into Russian interference in the 2016 presidential election.

Kaiser, who starred in the Oscar-shortlisted Netflix documentary The Great Hack, decided to go public after last month’s election in Britain. “It’s so abundantly clear our electoral systems are wide open to abuse,” she said. “I’m very fearful about what is going to happen in the US election later this year, and I think one of the few ways of protecting ourselves is to get as much information out there as possible.”

Read more:
https://www.theguardian.com/uk-news/2020/jan/04/cambridge-analytica-data-leak-global-election-manipulation

#DeleteFacebook
Serious cyber-attack on Austria's foreign ministry

Austria's foreign ministry has been targeted by a cyber-attack that is suspected to have been conducted by another country.

The ministry said the seriousness of the attack suggested it might have been carried out by a "state actor".

The hack started on Saturday night and experts warn it could continue for several days.

The breach occurred on the same day Austria's Green party backed forming a coalition with conservatives.

It was recognised very quickly and countermeasures taken immediately, the foreign ministry said in a statement.

"Despite all intensive security measures, there is never 100% protection against cyber-attacks," the ministry said.

https://www.bbc.com/news/world-europe-50997773

https://www.rte.ie/news/world/2020/0105/1104411-austria-cyber-attack/

#austria #cyberattack #stateactor #hacker #breach
Interview: Vincent Canfield from cock.li comments on his expulsion from the 36C3

In our conversation Vincent Canfield tells us how the violent expulsion from 36C3 happened from his point of view. Vincent is not exactly an undisputed personality, to put it objectively. He tells us how he came up with the idea of founding his e-mail service cock.li. We also learn about Vincent’s political view of the world or how seriously he thinks cock.li should be taken. Of course we also talk to him about the “unpleasant” moments he unfortunately had to experience at this year’s Chaos Communication Congress (36C3) in Leipzig. The man from the National.Shitposting.Agency (NSA?) had to face some questions in our interview.

Vincent Canfield: a topic about which people elsewhere prefer to remain silent?

No year should end without the annual Chaos Communication Congress (36C3). Also this year, one headline quickly followed the next. As has been the case for many years, the media have taken up the topics of the Chaos Communication Congress. Whether it’s about hacking in general, data protection or autonomous driving, 5G networks or the final proof that Deutsche Bahn is indeed unpunctual. As every year, everything was reported in detail. Apparently, (almost) nobody wanted to report on just one topic until today: Vincent Canfield, the head of cock.li, has obviously been thrown out of this year’s 36C3 congress in a rather unpleasant way.

👉🏼 The interview in English:
https://tarnkappe.info/vincent-canfield-from-cock-li-comments-on-his-expulsion-from-the-36c3/

👉🏼 The interview in German:
https://tarnkappe.info/interview-vincent-canfields-meinung-zu-cock-li-und-ueber-den-ccc/

https://twitter.com/gexcolo/status/1214261610338037761

#Vincent #cockli #CCC #interview
The Hidden Cost of Ransomware: Wholesale Password Theft

#Organizations in the throes of cleaning up after a #ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients.

In mid-November 2019, Wisconsin-based Virtual Care Provider Inc. (#VCPI) was hit by the #Ryuk ransomware strain. VCPI manages the #IT #systems for some 110 clients that serve approximately 2,400 nursing homes in 45 U.S. states. VCPI declined to pay the multi-million dollar ransom demanded by their extortionists, and the attack cut off many of those elder care facilities from their patient records, email and telephone service for days or weeks while VCPI rebuilt its network.

👉🏼 Read more:
https://krebsonsecurity.com/2020/01/the-hidden-cost-of-ransomware-wholesale-password-theft/

Project Zero - Google will publish security vulnerabilities later

Google's #cybersecurity team from #ProjectZero has announced that it will change its #disclosure #policy for handling discovered #vulnerabilities. This mainly concerns the time of publication.

https://googleprojectzero.blogspot.com/2020/01/policy-and-disclosure-2020-edition.html

Cyber war: 9 things to do now before a cyberattack hits


📺 How social media is escalating tensions with Iran
http://video.foxnews.com/v/6120650076001

👉🏼 Read as well:
9 things to do now before a cyberattack hits
https://www.foxnews.com/tech/9-things-to-do-now-before-a-cyberattack-hits

👉🏼 Read as well (🇩🇪):
https://tarnkappe.info/cyber-krieg-wie-iranische-hacker-gegen-die-usa-vorgehen/

#video #cyberwar #iran #usa #why #thinkabout
Nobody but us - The rise and fall of the golden age of signals intelligence

The United States’ National Cryptologic Museum in Fort Meade, Maryland, displays versions of two important encryption machines. The first is the Enigma machine, the most famous cryptographic apparatus ever built. The second machine, less well known, is called SIGABA. These devices are similar in certain important respects. Each employs an electromechanical rotor-based design. Each was used during World War II; the Nazis deployed Enigma while US forces relied on SIGABA. It is no exaggeration to say that, during the conflict, these machines protected—or tried to protect—some of the most important messages in the world.

👉🏼 #PDF:
https://www.hoover.org/sites/default/files/research/docs/buchanan_webreadypdf.pdf

💡 More info on #NOBUS:
https://en.wikipedia.org/wiki/NOBUS

microG: Android (almost) without Google – our interview with the developer

The use of microG means that on smartphones, you can enjoy the comfort of Android without being spied on from front to back. It’s a sort of “castrated” Android, where hardly any data are transferred to the Google servers. How does Google manage to enforce control over the mobile operating system Android with all its might? What does it take to stand up against Google? That and much more, we will find out in our interview with the inventor of microG, Marvin Wißfeld.

👉🏼 Read more:
https://tarnkappe.info/microg-android-almost-without-google-our-interview-with-the-developer/

#interview #microG #android #google #DeleteGoogle #Marvin