Data collection, Encryption and Surveillance

China’s Olympics App Is Horribly Insecure

Schneier on Security

JANUARY 21, 2022

Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.

Surveillance

Surveillance Encryption Wireless Government

5G Security

Schneier on Security

JANUARY 14, 2020

These insecurities are a result of market forces that prioritize costs over security and of governments, including the United States, that want to preserve the option of surveillance in 5G networks. Susan Gordon, then-U.S. Indeed, the United States needs to accept 5G's insecurities and build secure systems on top of it. What's more, U.S.

Data collection

Data collection Software Marketing Government

Judging Facebook's Privacy Shift

Schneier on Security

MARCH 13, 2019

And if you read his 3,000-word post carefully, Zuckerberg says nothing about changing Facebook's surveillance capitalism business model. Better data security so Facebook sees less. On the other hand, WhatsApp -- purchased by Facebook in 2014 -- provides users with end-to-end encrypted messaging. How Facebook manages for privacy.

Surveillance

Surveillance Advertising Engineering Encryption

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

SecureWorld News

JANUARY 4, 2024

From an information security department's perspective, the more data collected on employee actions, the more effectively potential incidents can be investigated. On the flip side, employees often lack access to the data collected by UAM solutions. This is particularly relevant for remote workers.

Data collection

Data collection Artificial Intelligence Surveillance Risk

China’s Olympics App Is Horribly Insecure

Security Boulevard

JANUARY 21, 2022

Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.

Encryption

Encryption Data collection Surveillance

Understanding the Different Types of Audit Evidence

Centraleyes

APRIL 18, 2024

This evidence serves multiple purposes, including: Verification of Controls : Auditors rely on evidence to verify the existence and effectiveness of cybersecurity controls, from access management to encryption mechanisms. The audit includes reviewing risk analysis, data access controls, encryption procedures, and physical security controls.

Risk

Risk Penetration Testing Encryption Cybersecurity

Privacy predictions 2022

SecureList

NOVEMBER 23, 2021

Citizens, for their part, are increasingly concerned with surveillance capitalism , a lack of anonymity and dependence on online services. Facebook (now Meta) moved towards more privacy for its users as well, providing end-to-end encrypted backups in WhatsApp and removing the facial recognition system in its entirety from Facebook.

Government

Government Internet Internet Technology

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., Hacktivist Tillie Kottmann is reportedly among those asserting responsibility for the incident, telling Bloomberg that their act helped expose the security holes of modern-day surveillance platforms.

Surveillance

Surveillance IoT Accountability Passwords

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Thales Cloud Protection & Licensing

JULY 12, 2018

They all must have unique identifiers and the ability to collect and transfer data over networks to enable monitoring, surveillance, and execution of decisions based on the collected data with little or no human intervention. Maintaining the privacy of sensitive data is imperative in most industries.

IoT

IoT Data collection Encryption eCommerce

Quad9 to move offices to Switzerland, invites other privacy-focused firms to follow

SC Magazine

FEBRUARY 17, 2021

It offers additional privacy and security features, including screening for malicious domains and encryption. The company received a finding of law from the Swiss government that it will not be treated as a telecommunications provider, exempting it from laws that would mandate data collection. and Google Public DNS.

DNS

DNS Telecommunications Surveillance Data collection

Best Wi-Fi Security & Performance Testing Tools for 2022

eSecurity Planet

MAY 20, 2022

Unless security best practices are followed, snoopers can gain access from outside, and hackers can install rogue APIs (application programming interfaces) or crack security encryption with the help of sophisticated hardware sniffers. RF Explorer. Figuring out what causes Wi-Fi to go wrong can be tedious. Wi-Fi Surveyor.

Security Performance

Security Performance Wireless Encryption Penetration Testing

FinSpy: unseen findings

SecureList

SEPTEMBER 28, 2021

FinSpy, also known as FinFisher or Wingbird , is an infamous surveillance toolset. Both of them are encrypted with RC4. All communications between the server are encrypted with RC4. The Trojan’s Cryptography Library to encrypt/decrypt exchanged data. The encrypted VFS file. The Initial Loader.

Encryption

Encryption Malware Spyware Architecture

After Section 702 Reauthorization

Schneier on Security

JANUARY 31, 2018

For over a decade, civil libertarians have been fighting government mass surveillance of innocent Americans over the Internet. On January 18, President Trump signed the renewal of Section 702, domestic mass surveillance became effectively a permanent part of US law. We need to look at US surveillance law more generally.

Surveillance

Surveillance Internet Internet Government

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

The rise of destructive attacks In December of last year, shortly after we released our predictions for 2023, Russian government agencies were reported to have been targeted by a data wiper called CryWiper. The malware posed as ransomware, demanding money from the victims for “decrypting” their data.

Hacking

Hacking Energy and Utilities Media Malware

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Beyond Identity Identity management 2020 Private Expel Managed security service 2016 Private Tigera Zero trust for K8s 2016 Private Intrinsic Application security 2016 Acquired: VMware HackerOne Penetration testing 2015 Private Virtru Data encryption 2014 Private Cloudflare Cloud infrastructure 2010 NYSE: NET.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Cyber Security Informer

China’s Olympics App Is Horribly Insecure

5G Security

Trending Sources

Judging Facebook's Privacy Shift

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

China’s Olympics App Is Horribly Insecure

Understanding the Different Types of Audit Evidence

Privacy predictions 2022

Camera tricks: Privacy concerns raised after massive surveillance cam breach

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Quad9 to move offices to Switzerland, invites other privacy-focused firms to follow

Best Wi-Fi Security & Performance Testing Tools for 2022

FinSpy: unseen findings

After Section 702 Reauthorization

Advanced threat predictions for 2024

Top VC Firms in Cybersecurity of 2022

Stay Connected