This site uses cookies to improve your experience. To help us insure we adhere to various privacy regulations, please select your country/region of residence. If you do not select a country, we will assume you are from the United States. Select your Cookie Settings or view our Privacy Policy and Terms of Use.
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Used for the proper function of the website
Used for monitoring website traffic and interactions
Cookie Settings
Cookies and similar technologies are used on this website for proper function of the website, for tracking performance analytics and for marketing purposes. We and some of our third-party providers may use cookie data for various purposes. Please review the cookie settings below and choose your preference.
Strictly Necessary: Used for the proper function of the website
Performance/Analytics: Used for monitoring website traffic and interactions
Here in 2022, we have a newly declassified 2016 Inspector General report—”Misuse of Sigint Systems”—about a 2013 NSA program that resulted in the unauthorized (that is, illegal) targeting of Americans. Given all we learned from Edward Snowden, this feels like a minor coda.
confirming that there have been 11 cases in 2022 where Ring complied with police “emergency” requests. This raises many concerns about increased police reliance on private surveillance, a practice that has long gone unregulated. The Amazon company responded to an inquiry from US Senator Ed Markey (D-Mass.),
According to rumors, the Polish special services are using surveillance software to spy on government opponents. In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region.
Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. Pierluigi Paganini.
In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. The report published by GTIG highlights evolving attacker tactics, better vendor defenses, and growing challenges in detecting commercial surveillance activity. ” continues the report. ” concludes the report.
These are the books that I read in the second quarter, 2022 that are worth your time. Non-fiction The Age of Surveillance Capitalism , Shoshana Zuboff. Books I've read lately that I think you might find enjoyable are the focus of this 100% foreshadowing-free edition of worthwhile books. Cyber Cyber Peace , edited by Scott J.
Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.
A new custom-made malware, the Screenshotter, surveils the victims before stealing data. Researchers first spotted the campaign in October 2022, but its activity increased in 2023. The threat actor called TA886 is utilizing this malware to target users from the United States and Germany.
The change marks a direct call-out of companies like NSO Group that develop sophisticated commercial surveillance tools like Pegasus, which have been abused by authoritarian regimes to pull off "individually targeted attacks of such exceptional cost and complexity." Just last month, the U.S.
The European Data Protection Supervisor recommended an EU ban on the technology in 2022, although this has not yet happened. The ruling drew praise from Amnesty International, which had filed a court brief as part of the case outlining the human rights implications of the attacks on Meta.
According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. ” NSO sent a statement to Reuters to exclude the involvement of its surveillance tools in the attacks reported by the agency. Follow me on Twitter: @securityaffairs and Facebook.
The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,
Australia’s Defense Department announced that they will remove surveillance cameras made by Chinese firms linked to the government of Beijing. Australia’s Defense Department is going to replace surveillance cameras made by Chinese firms Hikvision and Dahua, who are linked to the government of Beijing. ” reported The Guardian. “We
At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.
Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.
An interesting article published by The Intercept reveals the secretive business of a US surveillance firm named Anomaly Six. While Russia was invading Ukraine in February, two unknown surveillance startups, Anomaly Six and Zignal Labs joined forces to provide powerful surveillance services.
Days after Meta achieved victory after suing the NSO Group for Computer Fraud and Abuse Act charges, Meta filed a lawsuit against surveillance company Voyager Labs for violations of its Terms and Policies and California law. Court documents show that no later than July 2022, Voyager began using its thousands of fake accounts to scrape data.
Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability. CISA orders federal agencies to fix this flaw by April 20, 2023.
Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. List of installed packages. Call logs and geocoded location associated with the call.
Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”
Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. ” reads the report. ” reads the report.
The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.
government added surveillance technology vendors Cytrox and Intellexa to an economic blocklist for trafficking in cyber exploits. Government warns of the key role that surveillance technology plays in surveillance activities that can lead to repression and other human rights abuses. national security or foreign policy interests.
The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. The malicious DLL used in the attacks was signed by ‘DSIRF GmbH’.”
Citizens, for their part, are increasingly concerned with surveillance capitalism , a lack of anonymity and dependence on online services. While we hope 2022 will be the last pandemic year, we do not think the privacy trends will reverse. Here, we present some of our ideas about what key forces will shape the privacy landscape in 2022.
The state of stalkerware in 2022 (PDF) Main findings of 2022 The State of Stalkerware is an annual report by Kaspersky which contributes to a better understanding of how many people in the world are affected by digital stalking. In addition, the data reveals a stable proliferation of stalkerware over the 12 months of 2022.
Also read: Top Single Sign-On (SSO) Solutions for 2022. Best Facial Recognition Software for 2022. It focuses on emotion, behavior, age, voice, and gender recognition to provide surveillance and security solutions. Read next: Best Identity and Access Management (IAM) Solutions for 2022. Amazon Rekognition.
North Korea-linked threat actor ScarCruft (aka APT37 , Reaper, and Group123) is behind a previously undetected Android surveillance tool namedKoSpythat was used to target Korean and English-speaking users. The researchers state that the threat is a relatively new malware family with early samples going back to March 2022.
At the SecTor 2022 conference in Toronto next month, researchers from Lookout will take a deep dive into Hermit and the shadowy world of mobile surveillance tools used by repressive regimes.
We assess the exploits were packaged by a single commercial surveillance company, Cytrox, and sold to different govt-backed actors. link] — Shane Huntley (@ShaneHuntley) May 19, 2022. The attacks aimed at installing the surveillance spyware Predator, developed by the North Macedonian firm Cytrox.
Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an emergency update for the Chrome 107 to address an actively exploited zero-day vulnerability tracked as CVE-2022-3723. šek, Milánek, and Przemek Gmerek of Avast on October 25, 2022.
Mandiant tracked 55 zero-day vulnerabilities that were actively exploited in 2022. Overall, the proportion of financially motivated zero-day exploitation decreased in 2022. Far more of the 16 cases with a clear motive were state-sponsored – 13 of the zero-days tracked in 2022 appear to have been leveraged by cyber espionage groups.
Chinese-made surveillance cameras find themselves in a spot of controversy, after a BBC investigation uncovered flaws in devices during several brand tests. Surveillance and webcam vulnerabilities are common, and we’ve covered them many times on our blog.
A vulnerability, tracked as CVE-2022-30563, impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The CVE-2022-30563 vulnerability impacting Dahua IP Camera can allow attackers to seize control of IP cameras. The issue affects Dahua’s implementation of the Open Network Video Interface Forum ( ONVIF ).
Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. According to Allied Market Research, the facial recognition systems market is in the midst of rising at a compounded annual growth rate of 21% between 2016 to 2022. billion by 2022.
In a 2022 survey , Americans blamed social media for the coarsening of our political discourse, the spread of misinformation, and the increase in partisan polarization. 2: Surveillance Social media’s reliance on advertising as the primary way to monetize websites led to personalization, which led to ever-increasing surveillance.
Google’s Threat Analysis Group (TAG) linked three exploitation frameworks to a Spanish surveillance spyware vendor named Variston. The vulnerabilities in Google, Microsoft and Mozilla exploited by the company were fixed in 2021 and early 2022. Heliconia Files framework delivers a Firefox exploit chain for Windows and Linux.
On August 11, 2022, the Federal Trade Commission (FTC) announced a Notice of Proposed Rulemaking regarding the collection, sharing and use of certain information which it refers to as “commercial surveillance data” and whether the use of that data constitutes a violation of the provisions of the Federal Trade Commission Act.
CVE-2022-22071 was included in our May 2022 public bulletin. Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 were actively exploited in targeted attacks.
Related: The crucial role of ‘Digital Trust’ After numerous delays and course changes, the Matter protocol, is set to roll out this fall, in time for the 2022 holiday shopping season. If all goes smoothly, surveillance cams, smart doorbells and robot vacuums would soon follow.
Synesis Surveillance System – Anonymous claims to have hacked the Synesis and Kipod surveillance systems. OpRussia #StandWithUkraine #FckPutin [link] — Anonymous TV (@YourAnonTV) April 19, 2022. OpRussia #FckPutin #StandWithUkraine pic.twitter.com/ps95L7gWeN — Anonymous TV (@YourAnonTV) April 19, 2022.
In early December, Ukraine’s SBU announced they shut down two surveillance cameras that were allegedly hacked by the Russian intelligence services to spy on air defense forces and critical infrastructure in Kyiv. The surveillance cameras were located in residential buildings and were used to monitor the surrounding area and a parking lot.
We organize all of the trending information in your field so you don't have to. Join 28,000+ users and stay up to date on the latest articles your peers are reading.
You know about us, now we want to get to know you!
Let's personalize your content
Let's get even more personalized
We recognize your account from another site in our network, please click 'Send Email' below to continue with verifying your account and setting a password.
Let's personalize your content