Data collection, Malware and Surveillance

On Executive Order 12333

Schneier on Security

SEPTEMBER 28, 2020

Although electronic surveillance programs authorized by EO 12333 generally target foreign intelligence from foreign targets, its permissive targeting standards allow for the substantial collection of Americans’ communications containing little to no foreign intelligence value.

Surveillance

Surveillance Telecommunications Internet Internet

Baidu Android apps removed from Play Store because caught collecting user details

Security Affairs

NOVEMBER 24, 2020

The code found in both apps allowed to gather device data, including model, MAC address, carrier information, and IMSI (International Mobile Subscriber Identity) number. The data collection code was found in the Baidu Push SDK, used to show real-time notifications inside both apps.

Data collection

Data collection Mobile Spyware Surveillance

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Nickel’s techniques vary, but in the end the group’s activity has only one objective, namely to implant stealthy malware for getting into networks, stealing data, and spying on government agencies, think tanks, and human rights organizations. Targets, methods, and techniques.

Hacking

Hacking Malware Surveillance Data collection

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Nickel’s techniques vary, but in the end the group’s activity has only one objective, namely to implant stealthy malware for getting into networks, stealing data, and spying on government agencies, think tanks, and human rights organizations. Targets, methods, and techniques.

Hacking

Hacking Malware Surveillance Data collection

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

Thales Cloud Protection & Licensing

JULY 12, 2018

They all must have unique identifiers and the ability to collect and transfer data over networks to enable monitoring, surveillance, and execution of decisions based on the collected data with little or no human intervention. Protecting the integrity and confidentiality of data collected by all connected devices.

IoT

IoT Data collection Encryption eCommerce

The State of Stalkerware in 2023–2024

SecureList

MARCH 13, 2024

In most countries around the world, use of stalkerware is currently not prohibited, but installing a surveillance application on another person’s smartphone without their consent is illegal and punishable. Nevertheless, iPhone users fearing surveillance should always keep a close eye on their device.

Mobile

Mobile Passwords Surveillance Technology

The TikTok Ban: Security Experts Weigh in on the App’s Risks

Threatpost

SEPTEMBER 18, 2020

With no hard evidence of abuse, are bans warranted? The real security concerns will likely come after the ban goes into effect, researchers said in our exclusive roundtable.

Risk

Risk Data collection Surveillance Mobile

FinSpy: unseen findings

SecureList

SEPTEMBER 28, 2021

FinSpy, also known as FinFisher or Wingbird , is an infamous surveillance toolset. The Pre-Validator ensures that the victim machine is not used for malware analysis. Each shellcode collects specific system information (e.g. The macOS version of the malware is not as complicated as the Windows one. MacOS Infection.

Encryption

Encryption Malware Spyware Architecture

Security Affairs newsletter Round 223 – News of the week

Security Affairs

JULY 21, 2019

Israel surveillance firm NSO group can mine data from major social media. Poland and Lithuania fear that data collected via FaceApp could be misused. Former NSA contractor sentenced to 9 years for stealing classified data. The Problem With the Small Business Cybersecurity Assistance Act.

Small Business

Small Business Media Spyware DNS

CIA covert operations likely behind attacks against APT34 and FSB

Security Affairs

JULY 15, 2020

” President Trump extended the powers granted to the CIA, which was involved in is offensive cyber operations along with surveillance and data collection activities.

Banking

Banking Hacking Advertising Media

Advanced threat predictions for 2024

SecureList

NOVEMBER 14, 2023

The rise of destructive attacks In December of last year, shortly after we released our predictions for 2023, Russian government agencies were reported to have been targeted by a data wiper called CryWiper. The malware posed as ransomware, demanding money from the victims for “decrypting” their data.

Hacking

Hacking Energy and Utilities Media Malware

Cyber Security Informer

On Executive Order 12333

Baidu Android apps removed from Play Store because caught collecting user details

Webinars

Trending Sources

A chink in the armor of China-based hacking group Nickel

Webinars

Microsoft disrupts China-based hacking group Nickel

Knock, Knock; Who’s There? – IoT Device Identification & Data Integrity Is No Joke

The State of Stalkerware in 2023–2024

The TikTok Ban: Security Experts Weigh in on the App’s Risks

FinSpy: unseen findings

Security Affairs newsletter Round 223 – News of the week

CIA covert operations likely behind attacks against APT34 and FSB

Advanced threat predictions for 2024

Stay Connected