Blog, Surveillance and Technology - Cyber Security Informer

Report from the Cambridge Cybercrime Conference

Schneier on Security

JULY 14, 2025

Schneier on Security Menu Blog Newsletter Books Essays News Talks Academic About Me Search Powered by DuckDuckGo Blog Essays Whole site Subscribe Home Blog Report from the Cambridge Cybercrime Conference The Cambridge Cybercrime Conference was held on 23 June. Summaries of the presentations are here.

Cybercrime

Cybercrime Adware Antivirus Surveillance

Targeted spyware and why it’s a concern to us

Malwarebytes

MARCH 20, 2025

Paragon Solutions is an Israeli company which sells high-end surveillance technology primarily to government clients, positioning its products as essential for combating crime and national security. Which is why we, on this blog, and through Malwarebytes Trusted Advisor , always urge people to keep their devices up-to-date.

Spyware

Spyware Surveillance Mobile Government

Do you actually need a VPN? Your guide to staying safe online!

Webroot

NOVEMBER 21, 2024

VPN: Encrypts your internet connection, hiding your online activities from ISPs, hackers, and even government surveillance. Cybersecurity is only going to get more important as technology—and cyberthreats—advance. appeared first on Webroot Blog. Keeps your browsing history and personal data private and anonymous.

VPN

VPN Antivirus Internet Internet

The Real Cost of Decentralising Cybersecurity in a Fragmented Regulatory World

Jane Frankland

JULY 17, 2025

The beers were cold, the banter flowing, but one comment cut through the noise: “Cybersecurity’s no longer about technology. In this blog, I’m unpacking how the global regulatory landscape is fragmenting—and why decentralising cybersecurity, while expensive and complex, has become a strategic necessity. It’s about sovereignty.”

Cybersecurity

Cybersecurity Risk Marketing Government

Privacy Roundup: Week 13 of Year 2025

Security Boulevard

MARCH 31, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Privacy Services Ente Photos v1 ente blog Ente has released version 1.0 Private search engines generally avoid connecting users to their searches. The browser also recently released version 33.6.1, of its photos app.

VPN

VPN Surveillance Malware Data breaches

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

Cybersecurity is on the brink of significant transformation as we approach 2025, grappling with escalating complexities driven by advancements in technology, increasing geopolitical tensions, and the rapid adoption of AI and IoT. Ethics The ethical challenges posed by advancing AI technologies will demand urgent attention in 2025.

Cybersecurity

Cybersecurity CISO Insurance IoT

Zero Trust Security Model: Key Strategies, Benefits, and Implementation Best Practices

Centraleyes

JUNE 23, 2025

So, in this blog, we’re not here to sell you the dream. Continuous Monitoring Zero Trust methodology relies on ongoing surveillance of behavior, activity patterns, and access requests. You’ll need the right technology stack—Identity and Access Management, endpoint protection, and continuous monitoring tools.

Encryption

Encryption VPN Risk Authentication

Security Roundup January 2025

BH Consulting

JANUARY 30, 2025

Cyber risk remains top of mind for business leaders A regular January fixture, the World Economic Forums Global Risk Report 2025 features two technology-related threats among the top five risks for the year ahead and beyond. The Electronic Frontier Federation has a good explainer of the surveillance mechanism behind the world of online ads.

Cyber Risk

Cyber Risk Computers and Electronics Risk CISO

The Ultimate ISO 27001 Checklist: Step-by-Step Guide to Simplify Your Compliance Journey

Centraleyes

MAY 5, 2025

This is where policies become practice: Create a Resource Plan: Allocate the necessary personnel, technology, and budget to support the ISMS. Implement Controls: Deploy both physical (access control, surveillance) and logical (encryption, firewalls) measures, mapping them directly to identified risks.

Risk

Risk Information Security Firewall Education

How New U.S. Legislation Changes Global Digital Sovereignty as We Know It

Thales Cloud Protection & Licensing

MAY 28, 2025

Foreign Intelligence Surveillance Act (FISA) 702 and Clarifying Lawful Overseas Use of Data (CLOUD) Act in detail FISA 702 FISA Section 702 now authorizes U.S. But what I want to call attention to in this blog, is how this actually impacts identity infrastructurebecause a lot of those types of solutions reside in the U.S.,

Authentication

Authentication Digital transformation Software Surveillance

CBP Wants New Tech to Search for Hidden Data on Seized Phones

WIRED Threat Level

JULY 3, 2025

A blog on Cellebrite’s website about the January 6 insurrection cites a Washington Post report claiming that Cellebrite produced “more than 12,000 pages of data,” “2,600 pages of Facebook records,” and 800 photos and videos from a single person. Cellebrite said in February it would limit the use of some of its technology in Serbia.

Surveillance

Surveillance Retail Accountability Technology

ISO 42001 Certification: Step-by-Step Guide to Achieve

Centraleyes

JULY 3, 2025

Traditional governance models have proven insufficient in addressing the dynamic and high-impact nature of AI technologies. Continuous monitoring of the AIMS should lead to iterative improvements in governance processes, ensuring adaptability to evolving technologies and risks. Full recertification is required every three years.

Government

Government Risk Accountability Artificial Intelligence

On Surveillance in the Workplace

Schneier on Security

MARCH 12, 2019

Technology can take on management functions, such as sending workers automated "nudges" or adjusting performance benchmarks based on a worker's real-time progress, while gamification renders work activities into competitive, game-like dynamics driven by performance metrics. I don't agree with the ordering, but the sentiment is correct.

Surveillance

Surveillance Data collection Technology Risk

EU officials were targeted with Israeli surveillance software

Security Affairs

APRIL 13, 2022

According to a report published by Reuters, an Israeli surveillance software was used to spy on senior officials in the European Commission. ” NSO sent a statement to Reuters to exclude the involvement of its surveillance tools in the attacks reported by the agency. To nominate, please visit:? Pierluigi Paganini.

Surveillance

Surveillance Software Spyware Hacking

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Security Affairs

JUNE 17, 2022

Experts uncovered an enterprise-grade surveillance malware dubbed Hermit used to target individuals in Kazakhstan, Syria, and Italy since 2019. Lookout Threat Lab researchers uncovered enterprise-grade Android surveillance spyware, named Hermit, used by the government of Kazakhstan to track individuals within the country.

Spyware

Spyware Surveillance Telecommunications Mobile

Senators Urge FTC to Probe ID.me Over Selfie Data

Krebs on Security

MAY 18, 2022

In a letter to FTC Chair Lina Khan , the Senators charge that ID.me’s CEO Blake Hall has offered conflicting statements about how his company uses the facial scan data it collects on behalf of the federal government and many states that use the ID proofing technology to screen applicants for unemployment insurance.

Government

Government Accountability Surveillance Data collection

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

Security Affairs

APRIL 12, 2023

At least five members of civil society worldwide have been targeted with spyware and exploits developed by surveillance firm QuaDream. Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream. ” concludes Citizen Lab.

Spyware

Spyware Surveillance Government Malware

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

Security Affairs

OCTOBER 30, 2019

WhatsApp sued Israeli surveillance firm NSO Group, accusing it of using a flaw in its messaging service to conduct cyberespionage on journalists and activists. WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. The lawsuit filed by WhatsApp in U.S.

Surveillance

Surveillance Technology Spyware Mobile

White House seeks information on tools used for automated employee surveillance

CSO Magazine

MAY 2, 2023

The White House Office of Science and Technology Policy (OSTP) would soon be releasing a public request for information (RFI) to learn more about the automated tools employers use to surveil, monitor, evaluate, and manage workers, OSTP announced on Monday. To read this article in full, please click here

Surveillance

Surveillance Technology Risk

AI Risks

Schneier on Security

OCTOBER 9, 2023

Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks—and the steps we need to take to mitigate them. The technology historian David C. This group’s concerns are well documented and urgent—and far older than modern AI technologies.

Risk

Risk Technology Artificial Intelligence Surveillance

Public-Interest Tech at the RSA Conference

Schneier on Security

FEBRUARY 1, 2019

One blog post described public-interest technologists as "technology practitioners who focus on social justice, the common good, and/or the public interest." Public-interest technology isn't one thing; it's many things. I maintain a resources page for public-interest technology. Defining this term is difficult.

Artificial Intelligence

Artificial Intelligence Technology Government Surveillance

Zoom Can Spy on Your Calls and Use the Conversation to Train AI, But Says That It Won’t

Schneier on Security

AUGUST 15, 2023

On Monday, the company said in a blog post that there’s no need to worry about that. It’s a stupid way to run a technological revolution. This is why we need regulation: Zoom updated its Terms of Service in March, spelling out that the company reserves the right to train AI on user data with no mention of a way to opt out.

Technology

Technology Artificial Intelligence Surveillance

GUEST ESSAY: Steps to leveraging ‘Robotic Process Automation’ (RPA) in cybersecurity

The Last Watchdog

NOVEMBER 27, 2023

This technology promises to simplify tasks, boost accuracy and quicken responses. Automation works 24/7, ensuring constant surveillance and quick responses even when humans are off the clock. The synergy between human expertise and RPA technology will be crucial in defending against cyber adversaries. They can happen anytime.

Cybersecurity

Cybersecurity Surveillance Data breaches Technology

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

The Last Watchdog

NOVEMBER 19, 2018

Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. Adoption of facial recognition technology is fast gaining momentum, with law enforcement and security use cases leading the way. Like any technology, facial recognition is a double edged sword.

Surveillance

Surveillance Marketing Technology Authentication

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

The Last Watchdog

MAY 16, 2022

The same technologies that make supply chains faster and more effective also threaten their cybersecurity,” writes David Lukic , a privacy, security, and compliance consultant. The inherent complexity of the supply chain for modern technology is a reason why so many cybercrime attempts have been successful. Threat detection.

Cyber Attacks

Cyber Attacks Firmware Manufacturing Threat Detection

3.5m IP cameras exposed, with US in the lead

Security Affairs

DECEMBER 14, 2022

Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. And while cosmetic security measures are in place, security leaders have long warned that technologies produced by Chinese companies can be exploited by China’s government. Surge in internet-facing cameras. Most insecure brands.

Surveillance

Surveillance Manufacturing Internet Internet

MY TAKE: Technologists, privacy advocates point to flaws in the Apple-Google COVID-19 tracing app

The Last Watchdog

MAY 29, 2020

Apple and Google are partnering up to bring technology to bear on COVID-19 contact tracing efforts. Apple and Google are partnering up to bring technology to bear on COVID-19 contact tracing efforts. In general, many companies and government agencies do not have great security. One or the other seems certain to unfold.

Surveillance

Surveillance Healthcare Government Data privacy

GUEST ESSAY: Has shielding and blocking electromagnetic energy become the new normal?

The Last Watchdog

OCTOBER 2, 2023

Surrounded by the invisible hum of electromagnetic energy, we’ve harnessed its power to fuel our technological marvels for decades. Often overlooked, the SIM card —short for Subscriber Identification Module—acts as the nexus between our identity and technology, illuminating the thin line between connection and surveillance.

Mobile

Mobile Technology Surveillance Education

Evaluating the GCHQ Exceptional Access Proposal

Schneier on Security

JANUARY 18, 2019

In a blog post, cryptographer Matthew Green summarized the technical problems with this GCHQ proposal. They reduce our reliance on security technologies we know how to do well -- cryptography -- to computer security technologies we are much less good at. This is especially true in the new world of physically capable computers.

Encryption

Encryption Government Surveillance Hacking

Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

Malwarebytes

MAY 24, 2022

The Google Threat Analysis Group (TAG) has revealed that of the nine zero-day vulnerabilities affecting Chrome, Android, Apple and Microsoft that it reported in 2021, five were in use by a single commercial surveillance company. Patches for the five vulnerabilities TAG mentions in its blog are available. Vulnerabilities.

Spyware

Spyware Surveillance Government Marketing

Russian cyberspies target cloud services providers and resellers to abuse delegated access

CSO Magazine

OCTOBER 27, 2021

In a new report this week, Microsoft warns that since May, the group known as Nobelium has targeted over 140 cloud service resellers and technology providers and has succeeded to compromise as many as 14. Nobelium, also known as APT29 or Cozy Bear, is considered the hacking arm of Russia's foreign intelligence service, the SVR.

Surveillance

Surveillance Technology Government Hacking

Proton Technologies makes the code of ProtonMail iOS App open source

Security Affairs

NOVEMBER 2, 2019

Proton Technologies announced this week that it has made available the source code of its popular ProtonMail iOS App. The Proton Technologies firm continues to propose initiatives aimed at ensuring the transparency of its ProtonMail applications, this week it announced the availability of the source code of its popular ProtonMail iOS App.

Technology

Technology Mobile Surveillance Advertising

GUEST ESSAY: Robust data management can prevent theft, guard intellectual property

The Last Watchdog

SEPTEMBER 11, 2023

In some cases, insiders with malintent attempt to circumvent internal processes and policies by stealing innovation through a variety of methods, including gathering human intelligence from other employees and contractors, conducting digital and even physical surveillance operations, among other strategies.

Technology

Technology Risk Surveillance Cyber threats

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

DECEMBER 31, 2019

Muthukrishnan Access control, surveillance , and testing are the three major components that comprise the physical security of a system. Surveillance includes monitoring and detecting intruders into the network. Access control is the restricting of access to a system. There are several types of access control methods used.

Cyber Risk

Cyber Risk Risk Firewall Surveillance

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

The Last Watchdog

JANUARY 6, 2022

As a result, The majority of businesses (55 percent) are using some sort of a tool to monitor for insider threats; including data leak prevention (DLP) software (54 percent), user behavior analytics (UBA) software (50 percent), and employee monitoring and surveillance (47 percent). The technology uses the steganography method.

Marketing

Marketing Software Surveillance Information Security

Defending Against IoT Security Camera Hacks Like Verkada

Security Boulevard

MARCH 12, 2021

Verkada was the target of a successful cyberattack that allowed the perpetrators unfettered access to the live video feeds of 150,000 surveillance cameras. Network monitoring technology could have alerted them to the attack - and helped them contain and mitigate its impact.

IoT

IoT Hacking Surveillance Technology

How security vendors are aiding Ukraine

CSO Magazine

MARCH 2, 2022

These include scanning of Microsoft Azure Active Directory (AD), Microsoft 365 and AWS environments for signs of attack, surveillance of network infrastructure both in the cloud and on-premises and supporting the retention of historical metadata to aid incident response investigations based on indicators of compromise for specific attack variants.

Threat Detection

Threat Detection Surveillance Technology Government

Why Edward Snowden is urging users to stop using ExpressVPN?

Security Affairs

SEPTEMBER 19, 2021

Last week the Israeli cybersecurity firm Kape Technologies has acquired the industry’s leading virtual private networks ExpressVPN, as part of a $936 million deal. The surveillance it represents is completely antithetical to our mission.” ” reads the response. and its ally, the U.A.E., and finally with a U.A.E.

Surveillance

Surveillance VPN Hacking Cybersecurity

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

Surveillance gives cybercriminals another potential point of entry to see or steal your data. While she enjoys tackling topics across the technology space, she’s most passionate about educating readers on cybersecurity and Big Data. In some countries, government agencies may monitor your employees’ web activity.

Government

Government Internet Internet Risk

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

MARCH 13, 2019

Mirai and Reaper are examples of a new generation of IoT botnets comprised of millions of infected home routers and surveillance cams. National Institute of Standards and Technology (NIST) spent four years hammering out a framework for arriving at an appropriate level of IoT security, issuing NIST Special Publication 800–160 , in late 2016.

Internet

Internet Internet IoT Energy and Utilities

Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

Security Affairs

JUNE 10, 2022

The attack impacted the municipal police, surveillance cameras and ZTL traffic control systems, the authorities confirmed that the problems can last for days. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”) To nominate, please visit:? Pierluigi Paganini.

Ransomware

Ransomware Data breaches Cyber Attacks Surveillance

Privacy issues in smart cities – Lessons learned from the Waterfront Toronto – Sidewalks project

Privacy and Cybersecurity Law

JUNE 29, 2020

Risk #1: Surveillance both from the State and surveillance capitalism. Capitalist surveillance particularly arose around the Quayside project because of the link to Alphabet and Google. Receive our latest blog posts by email. Digital solutions generally create the risk of law enforcement access to the data they collect.

Surveillance

Surveillance Data collection Data breaches Risk

Face search engine PimEyes stops searches of children’s faces

Malwarebytes

OCTOBER 25, 2023

.” PimEyes is a search service that uses facial recognition technology to find online photos of people. Facial recognition technology already represents an invasion of privacy. Because of the privacy implications, some tech giants have backed away from the technology, and halted their development.

Engineering

Engineering Identity Theft Surveillance Technology

Coinbase CEO confirms that Ex-Hacking Team members will ‘Transition Out’ of Neutrino

Security Affairs

MARCH 6, 2019

The US company has experienced some controversy due to the acquisition, the heated debate surrounding Neutrino comes from the involvement of Valleri and Ornaghi, who were both executives of surveillance firm Hacking Team. ” reads the blog post. “However, we had a gap in our diligence process.

Hacking

Hacking Surveillance Cryptocurrency Advertising

Report from the Cambridge Cybercrime Conference

Targeted spyware and why it’s a concern to us

Trending Sources

Do you actually need a VPN? Your guide to staying safe online!

The Real Cost of Decentralising Cybersecurity in a Fragmented Regulatory World

Privacy Roundup: Week 13 of Year 2025

Key Cybersecurity Trends for 2025. My Predictions

Zero Trust Security Model: Key Strategies, Benefits, and Implementation Best Practices

Security Roundup January 2025

The Ultimate ISO 27001 Checklist: Step-by-Step Guide to Simplify Your Compliance Journey

How New U.S. Legislation Changes Global Digital Sovereignty as We Know It

CBP Wants New Tech to Search for Hidden Data on Seized Phones

ISO 42001 Certification: Step-by-Step Guide to Achieve

On Surveillance in the Workplace

EU officials were targeted with Israeli surveillance software

Experts link Hermit spyware to Italian surveillance firm RCS Lab and a front company

Senators Urge FTC to Probe ID.me Over Selfie Data

QuaDream surveillance firm’s spyware targeted iPhones with zero-click exploit

WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies

White House seeks information on tools used for automated employee surveillance

AI Risks

Public-Interest Tech at the RSA Conference

Zoom Can Spy on Your Calls and Use the Conversation to Train AI, But Says That It Won’t

GUEST ESSAY: Steps to leveraging ‘Robotic Process Automation’ (RPA) in cybersecurity

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

GUEST ESSAY: The many ways your supply chain is exposing your company to a cyber attack

3.5m IP cameras exposed, with US in the lead

MY TAKE: Technologists, privacy advocates point to flaws in the Apple-Google COVID-19 tracing app

GUEST ESSAY: Has shielding and blocking electromagnetic energy become the new normal?

Evaluating the GCHQ Exceptional Access Proposal

Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

Russian cyberspies target cloud services providers and resellers to abuse delegated access

Proton Technologies makes the code of ProtonMail iOS App open source

GUEST ESSAY: Robust data management can prevent theft, guard intellectual property

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

GUEST ESSAY: Going beyond watermarks to protect sensitive documents from illegal access

Defending Against IoT Security Camera Hacks Like Verkada

How security vendors are aiding Ukraine

Why Edward Snowden is urging users to stop using ExpressVPN?

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

Vice Society ransomware gang adds the Italian City of Palermo to its data leak site

Privacy issues in smart cities – Lessons learned from the Waterfront Toronto – Sidewalks project

Face search engine PimEyes stops searches of children’s faces

Coinbase CEO confirms that Ex-Hacking Team members will ‘Transition Out’ of Neutrino

Stay Connected