2012, Risk and Surveillance - Cyber Security Informer

Faulty DoD Cybersecurity Leaves U.S. At Risk of Missile Attacks

Adam Levin

DECEMBER 18, 2018

exposed to greater risks unless actions are taken to improve security and reduce the. weapons systems developed between 2012 and 2017 are vulnerable to cyberattacks, despite regular warnings from government watchdogs. . At Risk of Missile Attacks appeared first on Adam Levin. The post Faulty DoD Cybersecurity Leaves U.S.

Risk

Risk Cybersecurity Surveillance Government

Identifying People Using Cell Phone Location Data

Schneier on Security

JANUARY 9, 2023

But way back in 2012, the Canadian CSEC—that’s their NSA—did some top-secret work on this kind of thing. He is based in a rural area, so he can’t risk making his ransom calls from that area. There’s a whole lot of surveillance you can do if you can follow everyone, everywhere, all the time.

Surveillance

Surveillance Internet Internet Risk

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

There is definitely a national security risk in buying computer infrastructure from a country you don't trust. The reason these threats are so real is that it's not difficult to hide surveillance or control infrastructure in computer components, and if they're not turned on, they're very difficult to find. This is a complicated topic.

Surveillance

Surveillance Wireless Government Internet

US pharmacy Rite Aid banned from operating facial recognition systems

Malwarebytes

DECEMBER 21, 2023

The regulator found so many flaws in the retailer’s surveillance program that it concluded Rite Aid had failed to implement reasonable procedures and prevent harm to consumers in its use of facial recognition technology in hundreds of stores. Notify consumers when their biometric information is used.

Surveillance

Surveillance Technology Retail Artificial Intelligence

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. This was before David Miranda, Greenwald’s partner, was detained at Heathrow airport by the UK authorities; but even without that, I knew there was a risk. And Edward Snowden?

Surveillance

Surveillance Computers and Electronics Encryption Government

Attorney General William Barr on Encryption Policy

Schneier on Security

JULY 24, 2019

But, in the world of cybersecurity, we do not deal in absolute guarantees but in relative risks. All systems fall short of optimality and have some residual risk of vulnerability a point which the tech community acknowledges when they propose that law enforcement can satisfy its requirements by exploiting vulnerabilities in their products.

Encryption

Encryption Telecommunications Risk Government

Attorney General Barr and Encryption

Schneier on Security

AUGUST 14, 2019

But, in the world of cybersecurity, we do not deal in absolute guarantees but in relative risks. All systems fall short of optimality and have some residual risk of vulnerability -- a point which the tech community acknowledges when they propose that law enforcement can satisfy its requirements by exploiting vulnerabilities in their products.

Encryption

Encryption Telecommunications Risk Government

Cybersecurity Report: June 29, 2015

SiteLock

AUGUST 27, 2021

LOT stated that no ongoing flights or other airport computer systems were affected and the flights already in the air to scheduled to land at Warsaw were at no risk. These files were said to derive from directly targeted NSA surveillance of the communications of multiple French leaders.

Cybersecurity

Cybersecurity Surveillance Government Consumer Protection

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

Security Affairs

JANUARY 7, 2020

According to Stone, the CVE-2019-2215 vulnerability was being used or sold by the controversial surveillance firm NSO Group , it was exploited by its surveillance software Pegasus. SideWinder, a group that has been active since 2012, is a known threat and has reportedly targeted military entities’ Windows machines.

Surveillance

Surveillance Advertising Marketing Encryption

AI and Trust

Schneier on Security

DECEMBER 4, 2023

I wrote about this in 2012 in a book called Liars and Outliers. We are both under constant surveillance and are competing for star rankings. A lot has been written about AIs as existential risk. Surveillance is the business model of the Internet. And the incentives of surveillance capitalism are just too much to resist.

Government

Government Surveillance Artificial Intelligence Marketing

Microsoft alerts United States on Volt Typhoon Cyber Attack campaign

CyberSecurity Insiders

MAY 24, 2023

Adding to the concerns, the Five Eyes intelligence alliance has also issued an alert regarding a stealth surveillance campaign backed by China. It is important to note that while Western nations often attribute such incidents to countries like China and Russia, they remain relatively silent about their own surveillance campaigns.

Cyber Attacks

Cyber Attacks Surveillance Wireless Cybersecurity

LLMs and Phishing

Schneier on Security

APRIL 10, 2023

But while it’s an easy experiment to run, it misses the real risk of large language models (LLMs) writing scam emails. In 2012, researcher Cormac Herley offered an answer : It weeded out all but the most gullible. Today’s human-run scams aren’t limited by the number of people who respond to the initial email contact.

Phishing

Phishing Scams Surveillance Data collection

CISSPs from Around the Globe: An Interview with James Wright

CyberSecurity Insiders

SEPTEMBER 8, 2021

The mission of the service is to provide our risk management program with a robust dataset for policy-making and incident handling. I also work with my team on leading risk assessments, authoring position papers, security architecture evaluations, and associated risk discovery activities. As a Unitarian Universalist or U.U.,

Computers and Electronics

Computers and Electronics Architecture Education Cybersecurity

Here’s what data the FBI can get from WhatsApp, iMessage, Signal, Telegram, and more

Malwarebytes

DECEMBER 1, 2021

User activity on WeChat has been known to be analyzed, tracked and shared with Chinese authorities upon request as part of the mass surveillance network in China. Wickr was founded in 2012 by a group of security experts and privacy advocates but was acquired by Amazon Web Services. The FBI notes: No message content.

Encryption

Encryption Computers and Electronics Backups Accountability

Inside Mirai the infamous IoT Botnet: A Retrospective Analysis

Elie

DECEMBER 2, 2017

What’s remarkable about these record-breaking attacks is they were carried out via small, innocuous Internet-of-Things (IoT) devices like home routers, air-quality monitors, and personal surveillance cameras. his blog suffered 269 DDOS attacks between July 2012 and September 2016.

IoT

IoT DDOS Internet Internet

Russia’s SolarWinds Attack

Schneier on Security

DECEMBER 28, 2020

And since this Russian operation isn’t at all targeted, the entire world is at risk — and not just from Russia. In the interests of surveillance, the NSA has pushed for an insecure cell phone encryption standard and a backdoor in random number generators (important for secure encryption). North Korea attacked Sony in 2014.

Hacking

Hacking Government Internet Internet

FireEye and Microsoft execs, senators dissect mandatory breach disclosure in wake of SolarWinds

SC Magazine

FEBRUARY 24, 2021

in 2012 to smooth the process of notifying government. A second thread through the hearing was lawmakers suggesting that, given the National Security Agency is unable to do domestic surveillance, that some other agency should be able to step up. Joe Lieberman, I-Conn., Though the hackers used U.S.

Surveillance

Surveillance Government Hacking Software

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Vicarius Vulnerability management 2022 Private Dragos ICS and OT security 2021 Private Safeguard Cyber Risk management 2021 Private CyberGRX Risk management 2019 Private Signifyd Fraud protection 2018 Private RedOwl Security analytics 2015 Acquired: Forcepoint. AllegisCyber Investments. a16z Investments.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Highlights from the New U.S. Cybersecurity Strategy

Krebs on Security

MARCH 2, 2023

. “Any such legislation should prevent manufacturers and software publishers with market power from fully disclaiming liability by contract, and establish higher standards of care for software in specific high-risk scenarios,” the strategy explains. ” Many of the U.S. When the Bush administration released the first U.S.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Government

Cyber Security Informer

Faulty DoD Cybersecurity Leaves U.S. At Risk of Missile Attacks

Identifying People Using Cell Phone Location Data

Trending Sources

On Chinese "Spy Trains"

US pharmacy Rite Aid banned from operating facial recognition systems

Snowden Ten Years Later

Attorney General William Barr on Encryption Policy

Attorney General Barr and Encryption

Cybersecurity Report: June 29, 2015

Malicious app exploiting CVE-2019-2215 zero-day available in Google Play since March

AI and Trust

Microsoft alerts United States on Volt Typhoon Cyber Attack campaign

LLMs and Phishing

CISSPs from Around the Globe: An Interview with James Wright

Here’s what data the FBI can get from WhatsApp, iMessage, Signal, Telegram, and more

Inside Mirai the infamous IoT Botnet: A Retrospective Analysis

Russia’s SolarWinds Attack

FireEye and Microsoft execs, senators dissect mandatory breach disclosure in wake of SolarWinds

Top VC Firms in Cybersecurity of 2022

Highlights from the New U.S. Cybersecurity Strategy

Stay Connected