Accountability, Hacking and Surveillance

SEC X account hacked to hawk crypto-scams

Malwarebytes

JANUARY 10, 2024

We have seen several high-profile accounts that were taken over on X (formerly Twitter) only to be used for cryptocurrency related promotional activities, like expressing the approval of exchange-traded funds (ETFs). The @SECGov X account was compromised, and an unauthorized post was posted. You’re all set.

Accountability

Accountability Scams Hacking Cryptocurrency

Threat actors hacked the X account of the Securities and Exchange Commission (SEC) and announced fake Bitcoin ETF approval

Security Affairs

JANUARY 10, 2024

Threat actors hacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish the fake news on the Bitcoin ETF approval. Hackers hijacked the X account of the US Securities and Exchange Commission (SEC) and used it to publish fake news on the Bitcoin ETF approval. ” Gensler wrote.

Accountability

Accountability Hacking Cryptocurrency Surveillance

White hat hackers gained access more than 150,000 surveillance cameras

Security Affairs

MARCH 10, 2021

A group of hackers claimed to have compromised more than 150,000 surveillance cameras at banks, jails, schools, and prominent companies like Tesla and Equinox. Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag. SecurityAffairs – hacking, surveillance cameras).

Surveillance

Surveillance Hacking Banking Firmware

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

Security Affairs

APRIL 17, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware. Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. and 14.4.2,

Surveillance

Surveillance Spyware Education Media

EU officials were targeted with Israeli surveillance software

Security Affairs

APRIL 13, 2022

According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. 26 email reviewed by Reuters, a senior tech staffer sent a message to colleagues with background about Israeli hacking tools and a request to be on the lookout for additional warnings from Apple.”

Surveillance

Surveillance Software Spyware Hacking

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”

Surveillance

Surveillance Malware Spyware Education

Thai Officials confirmed the hack of prison surveillance cameras and the video broadcast

Security Affairs

DECEMBER 27, 2019

Authorities in Thailand are investigating a cyber attack that resulted in the broadcast of surveillance video from inside a prison in the country’s south. The video was published on Tuesday by an account named “ BigBrother’s Gaze,” the images from several cameras showed prisoners’ operations.

Surveillance

Surveillance Hacking Advertising IoT

On Executive Order 12333

Schneier on Security

SEPTEMBER 28, 2020

Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans’ communications containing little to no foreign intelligence value.

Surveillance

Surveillance Telecommunications Internet Internet

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. List of installed packages. Call logs and geocoded location associated with the call.

Surveillance

Surveillance Spyware Malware Mobile

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Security Affairs

JUNE 24, 2022

Researchers from Google’s Threat Analysis Group (TAG) revealed that the Italian surveillance firm RCS Labs was helped by some Internet service providers (ISPs) in Italy and Kazakhstan to infect Android and iOS users with their spyware. SecurityAffairs – hacking, RCS Labs). Follow me on Twitter: @securityaffairs and Facebook.

Surveillance

Surveillance Mobile Spyware Telecommunications

Google updates policies to ban any ads for surveillance solutions and services

Security Affairs

JULY 12, 2020

Google announced that starting from August it will update its policies to reject ads proposed by organizations offering surveillance software. The move aims at fighting the advertising of any form of surveillance. SecurityAffairs – hacking, ads). access their messages, phone calls, or tracking their position).

Surveillance

Surveillance Spyware Advertising Marketing

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Security Affairs

APRIL 1, 2023

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability.

Spyware

Spyware Surveillance Mobile Education

Remcos RAT campaign targets US accounting and tax return preparation firms

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. Ahead of the U.S. The phishing attacks began in February 2023, the IT giant reported. LNK) files.

Accountability

Accountability Phishing Financial Services Surveillance

Critical flaw affects Cisco Video Surveillance Manager

Security Affairs

SEPTEMBER 24, 2018

Cisco has patched a critical vulnerability in the Cisco Video Surveillance Manager (VSM) could be exploited by an unauthenticated remote attacker to gain root access. Cisco has fixed a critical vulnerability in the Cisco Video Surveillance Manager software running on some Connected Safety and Security Unified Computing System (UCS) platforms.

Surveillance

Surveillance Accountability Software Advertising

Finland confirms that hackers breached MPs’ emails accounts

Security Affairs

DECEMBER 28, 2020

The Parliament of Finland confirmed that threat actors had access to email accounts of multiple members of parliament (MPs). . The attack was discovered by parliament technical surveillance. Some parliament e-mail accounts may have been compromised as a result of the attack, among them e-mail accounts that belong to MPs.”

Accountability

Accountability Surveillance Cyber Attacks Hacking

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. Xiongmai hereinafter) that are open to hack. Security Affairs – Xiongmai, hacking ). The flaws could be exploited to spy on camera feeds of unaware users. Pierluigi Paganini.

Surveillance

Surveillance Hacking Firmware Manufacturing

150,000 Verkada security cameras hacked—to make a point

Malwarebytes

MARCH 12, 2021

Hackers were able to gain access to camera feeds from Verkada, a tech company that specializes in video security and physical access control, to demonstrate how prevalent surveillance is, reports say. Swiss hacker and member of the hacking collective “APT-69420 Arson Cats,” Tillie Kottmann, claimed credit for the Verkada hack.

Hacking

Hacking Surveillance Computers and Electronics Accountability

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems.

Hacking

Hacking Ransomware Banking Accountability

How to say your webcam on laptop or smartphone has been hacked

CyberSecurity Insiders

JANUARY 17, 2023

Therefore, the next time when you see your webcam light blinking and device battery exhausting faster than usual, you must quickly put the device under surveillance. A recent study made by VPNOverview says that one in every three Americans does not know that their webcams can be hacked and their privacy can be breached.

Hacking

Hacking Surveillance Software Cybersecurity

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

Security Affairs

APRIL 8, 2020

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. According to the NSO CEO, Facebook was interested in improving surveillance capabilities on iOS devices of the Onavo Protect. ” Who will win? Facebook or NSO Group? Pierluigi Paganini.

Surveillance

Surveillance Spyware Advertising Government

China Says U.S. Hacking Huawei Since 2009

SecureWorld News

SEPTEMBER 28, 2023

In a tale as old as the computer, China has once again pointed fingers at the United States, accusing it of hacking into one of its technology companies. Of course, this comes about a month after the U.S. accused China of targeting its government organizations with cyberattacks.

Hacking

Hacking Artificial Intelligence Telecommunications Cyber Attacks

Aussie Parliament Just Leveled Up Police Hacking Powers

SecureWorld News

AUGUST 27, 2021

Australian Parliament passed the controversial Surveillance Legislation Amendment Bill 2020, also known as the Identify and Disrupt Bill and to a few the “hacking” bill, on August 25. Account activity warrant —Allows the takeover of an individual’s online account(s) for the purpose of gathering criminal evidence.

Hacking

Hacking Computers and Electronics Surveillance Cybercrime

Facebook blocks Chinese state hackers targeting Uyghur activists

Bleeping Computer

MARCH 24, 2021

Facebook took down accounts used by a Chinese-sponsored hacking group to deploy surveillance malware on devices used by Uyghurs activists, journalists, and dissidents living outside China. [.].

Surveillance

Surveillance Accountability Malware Hacking

Facebook Helped Develop a Tails Exploit

Schneier on Security

JUNE 12, 2020

This is a weird story : Hernandez was able to evade capture for so long because he used Tails, a version of Linux designed for users at high risk of surveillance and which routes all inbound and outbound connections through the open-source Tor network to anonymize it. I'm fine with the FBI using vulnerabilities: lawful hacking , it's called.

Surveillance

Surveillance Accountability Media Hacking

Hacked: Verkada Security Camera Company

SecureWorld News

MARCH 10, 2021

Founded in 2016, Verkada is a security company that focuses on surveillance and facial recognition through the use of sophisticated software in security cameras. Now a hacking group says they accessed thousands of live feeds from Verkada's cameras around the world. The Verkada camera hack: what happened?

Hacking

Hacking Surveillance Passwords Internet

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence

Artificial Intelligence Data breaches Scams Insurance

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

“The stolen information is likely to be exploited for surveillance or intelligence gathering on specific groups and or individuals.” Sea Turtle also used code from a publicly accessible GitHub account, which is likely under the control of the threat actor. Enable 2FA on all externally exposed accounts.

Media

Media Accountability Telecommunications Government

Apple sues NSO Group for abusing state-sponsored Pegasus spyware

Security Affairs

NOVEMBER 24, 2021

Apple has filed suit to ban the Israeli surveillance firm NSO Group and parent company Q Cyber Technologies from using its product and services. federal court for illegally targeting its customers with the surveillance spyware Pegasus. SecurityAffairs – hacking, Pegasus). ” reads the announcement published by Apple.

Spyware

Spyware Surveillance Software Hacking

Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products?

Security Affairs

APRIL 13, 2023

Chinese video surveillance giant Hikvision addressed a critical vulnerability in its Hybrid SAN and cluster storage products. Chinese video surveillance giant Hikvision addressed an access control vulnerability, tracked as CVE-2023-28808, affecting its Hybrid SAN and cluster storage products.

Surveillance

Surveillance Education Media Hacking

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Krebs on Security

MARCH 31, 2022

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. co saying he could be hired to perform fake EDRs on targets at will, provided the account was recently active.

Government

Government Accountability Education Media

One million cracked Poshmark accounts being sold online

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. “In mid-2018, social commerce marketplace Poshmark suffered a data breach that exposed 36M user accounts. Now Scott told BleepingComputer that a set of one million cracked Poshmark accounts is circulating online.

Accountability

Accountability Data breaches Passwords Advertising

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. The Royal group began reconnaissance activity in April 2023, and the analysis of system log data dates the beginning of the surveillance operations on April 7, 2023. ” reads the report. ” reads the report.

Ransomware

Ransomware Surveillance Healthcare Accountability

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Spyware

Spyware Manufacturing Small Business Surveillance

Eken camera doorbells allow ill-intentioned individuals to spy on you

Security Affairs

MARCH 3, 2024

An attacker can exploit the flaws to create an account on the app and gain access to a nearby doorbell camera by pairing it with another device. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, camera doorbells)

Manufacturing

Manufacturing Wireless Retail Surveillance

Pegasus Project – how governments use Pegasus spyware against journalists

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware

Spyware Government Surveillance Media

A flaw in Dahua IP Cameras allows full take over of the devices

Security Affairs

JULY 31, 2022

. “We’re publishing the details of a new vulnerability (tracked under CVE-2022-30563) affecting the implementation of the Open Network Video Interface Forum (ONVIF) WS-UsernameToken authentication mechanism in some IP cameras developed by Dahua, a very popular manufacturer of IP-based surveillance solutions.” Pierluigi Paganini.

Surveillance

Surveillance Authentication Telecommunications Manufacturing

Donot Team targets a Togo prominent activist with Indian-made spyware

Security Affairs

OCTOBER 11, 2021

” Threat actors used WhatsApp messages to spread the malware, the account was associated with an Indian phone number that’s registered in the state of Jammu and Kashmir.Once installed, the spyware would allow attackers to take over the device, controlling camera and microphone, access to sensitive information stored on the devices (i.e.

Spyware

Spyware Surveillance Accountability Mobile

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. Reading about the NSA’s hacking abilities will do that to you. Many have written about how being under constant surveillance changes a person. I wrote the essay below in September 2013.

Surveillance

Surveillance Computers and Electronics Encryption Government

Facebook took action against China-linked APT targeting Uyghur activists

Security Affairs

MARCH 25, 2021

Facebook has closed accounts used by a China-linked APT to distribute malware to spy on Uyghurs activists, journalists, and dissidents living outside China. This group used various cyber-espionage tactics to identify its targets and infect their devices with malware to enable surveillance.” SecurityAffairs – hacking, Facebook).

Surveillance

Surveillance Social Engineering Malware Spyware

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Security Affairs

MARCH 21, 2021

Hackers also posted images captured from the hacked surveillance video on Twitter with an #OperationPanopticon hashtag, published images show that they have gained root shell access to the surveillance cameras used by Telsa and Cloudflare. SecurityAffairs – hacking, cybercrime). ” continues the DoJ.

Identity Theft

Identity Theft Computers and Electronics Surveillance Hacking

Understanding and Recognizing Tech Abuse

SecureWorld News

AUGUST 16, 2023

It encompasses various forms of cybercrime and online harm, including cyberstalking, tracking, hacking accounts and intimate image abuse. A common example of this is surveillance. Still, it might not be seen that way due to the normalization of surveillance and the narrative that 'surveillance is love'.

Surveillance

Surveillance Technology Accountability Spyware

FBI warns swatting attacks on owners of smart devices

Security Affairs

JANUARY 2, 2021

According to the alert issued by the FBI, the swatters have been hijacking smart devices such as video and audio capable home surveillance devices. “Recently, offenders have been using victims’ smart devices, including video and audio capable home surveillance devices, to carry out swatting attacks. ” concludes the alert.

Passwords

Passwords Surveillance Manufacturing Accountability

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Security Affairs

AUGUST 15, 2022

Microsoft disrupted a hacking operation linked conducted by Russia-linked APT SEABORGIUM aimed at NATO countries. Microsoft has disrupted activity by SEABORGIUM, a Russia-based actor launching persistent phishing, credential and data theft, intrusions, and hack-and-leak campaigns tied to espionage. SecurityAffairs – hacking, NATO).

Phishing

Phishing Accountability Hacking Surveillance

Coinbase CEO confirms that Ex-Hacking Team members will ‘Transition Out’ of Neutrino

Security Affairs

MARCH 6, 2019

Coinbase CEO Brian Armstrong announced that all the three former members of the controversial Hacking Team will “transition out” of Neutrino. On Monday, Coinbase, CEO Brian Armstrong announced in a blog post that all the three former members of the controversial Hacking Team will “transition out” of cryptocurrency firm Coinbase.

Hacking

Hacking Surveillance Cryptocurrency Advertising

SEC X account hacked to hawk crypto-scams

Threat actors hacked the X account of the Securities and Exchange Commission (SEC) and announced fake Bitcoin ETF approval

Trending Sources

White hat hackers gained access more than 150,000 surveillance cameras

Israeli surveillance firm QuaDream is shutting down amidst spyware accusations

EU officials were targeted with Israeli surveillance software

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Thai Officials confirmed the hack of prison surveillance cameras and the video broadcast

On Executive Order 12333

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users

Google updates policies to ban any ads for surveillance solutions and services

CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog

Remcos RAT campaign targets US accounting and tax return preparation firms

Critical flaw affects Cisco Video Surveillance Manager

Finland confirms that hackers breached MPs’ emails accounts

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature

150,000 Verkada security cameras hacked—to make a point

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

How to say your webcam on laptop or smartphone has been hacked

NSO CEO claims Facebook wanted NSO surveillance tool to spy on users

China Says U.S. Hacking Huawei Since 2009

Aussie Parliament Just Leveled Up Police Hacking Powers

Facebook blocks Chinese state hackers targeting Uyghur activists

Facebook Helped Develop a Tails Exploit

Hacked: Verkada Security Camera Company

Security Affairs newsletter Round 453 by Pierluigi Paganini – INTERNATIONAL EDITION

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Apple sues NSO Group for abusing state-sponsored Pegasus spyware

Hikvision fixed a critical flaw in Hybrid SAN and cluster storage products?

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

One million cracked Poshmark accounts being sold online

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs newsletter Round 377

Eken camera doorbells allow ill-intentioned individuals to spy on you

Pegasus Project – how governments use Pegasus spyware against journalists

A flaw in Dahua IP Cameras allows full take over of the devices

Donot Team targets a Togo prominent activist with Indian-made spyware

Snowden Ten Years Later

Facebook took action against China-linked APT targeting Uyghur activists

Swiss expert Till Kottmann indicted for conspiracy, wire fraud, and aggravated identity theft

Understanding and Recognizing Tech Abuse

FBI warns swatting attacks on owners of smart devices

Microsoft disrupts SEABORGIUM ’s ongoing phishing operations

Coinbase CEO confirms that Ex-Hacking Team members will ‘Transition Out’ of Neutrino

Stay Connected