article thumbnail

NSA Over-surveillance

Schneier on Security

Here in 2022, we have a newly declassified 2016 Inspector General report—”Misuse of Sigint Systems”—about a 2013 NSA program that resulted in the unauthorized (that is, illegal) targeting of Americans. Given all we learned from Edward Snowden, this feels like a minor coda.

article thumbnail

NSA Mass Surveillance Program Is Ruled Illegal

Adam Levin

Information about the widespread data collection was initially brought to the public’s attention in 2013 by Edward Snowden, a government whistleblower who fled to Russia after exposing evidence of the program. . “I The post NSA Mass Surveillance Program Is Ruled Illegal appeared first on Adam Levin. The ruling from the 9th U.S.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The FBI Identified a Tor User

Schneier on Security

Without the FBI deploying some form of surveillance technique, or Al-Azhari using another method to visit the site which exposed their IP address, this should not have been possible. There are lots of ways to de-anonymize Tor users. Someone at the NSA gave a presentation on this ten years ago. (I

article thumbnail

In Search of… ISO 27001:2013, 27017:2015 & 27018:2019 Certification

Duo's Security Blog

We are proud to announce the Duo has achieved ISO 27001:2013, 27017:2015, and 27018:2019 certification! What is ISO 27001:2013, 27017:2015 and 27018:2019? An ISO 27000 series certification is valid for three years and requires an annual surveillance audit to ensure continued compliance for the lifespan of the certification.

article thumbnail

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability. The exploits were used to install commercial spyware and malicious apps on targets’ devices.

Spyware 82
article thumbnail

In Search of… ISO 27001:2013, 27017:27017 & 27018:2019 Certification

Duo's Security Blog

We are proud to announce the Duo has achieved ISO 27001:2013, 27017:2015, and 27018:2019 certification! What is ISO 27001:2013, 27017:27017 and 27018:2019? An ISO 27000 series certification is valid for three years and requires an annual surveillance audit to ensure continued compliance for the lifespan of the certification.

article thumbnail

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco finally addressed the flaws in 2013 and stopped selling Cisco Video Surveillance Manager (VSM) in 2014. Cisco is going to pay $8.6