SC Magazine

MARCH 10, 2021

A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., Hacktivist Tillie Kottmann is reportedly among those asserting responsibility for the incident, telling Bloomberg that their act helped expose the security holes of modern-day surveillance platforms.

Surveillance 129

Surveillance IoT Accountability Hacking 129

Security Affairs

OCTOBER 10, 2018

Millions of Xiongmai video surveillance devices can be easily hacked via cloud feature, a gift for APT groups and cyber crime syndicates. The flaws reside in a feature named the “XMEye P2P Cloud” that is enabled by default which is used to connect surveillance devices to the cloud infrastructure. Pierluigi Paganini.

Surveillance 108

Surveillance Hacking Firmware Manufacturing 108

Troy Hunt

NOVEMBER 17, 2019

References Scott Helme is running my Hack Yourself First workshop in Amsterdam on Dec 9 & 10 (he's getting awesome reviews on these too) Apparently, FinecoBank in Italy reckons you should Google your password and not use it if it appears 10 times or more (no, just don't) You'll also need to pay FinecoBank € 0.95

VPN 205

VPN Surveillance Passwords Banking 205

Malwarebytes

APRIL 9, 2025

The lawsuit claims that this gave Bathula login credentials for the victims’ personal accounts and systems, including bank accounts, emails, home surveillance systems, Dropbox accounts, Google Drives, dating applications, Google Nests, and iCloud accounts. Don’t reuse passwords. Use a password manager.

Accountability 100

Accountability Spyware Passwords Password Management 100

Threatpost

SEPTEMBER 21, 2020

A new Android malware strain has been uncovered, part of the Rampant Kitten threat group's widespread surveillance campaign that targets Telegram credentials and more.

Malware 120

Malware Passwords Surveillance Authentication 120

SecureList

NOVEMBER 29, 2021

The victim was infected by PowerShell malware and we discovered evidence that the actor had already stolen data from the victim and had been surveilling this victim for several months. It contains a password-protected RAR archive with the password shown in the email body. The RAR file contains a malicious Word document.

Surveillance 144

Surveillance Malware Phishing Encryption 144

Security Boulevard

JUNE 4, 2023

Netflix plans to crack down on the widespread practice of password sharing among households. The post Netflix Cracks Down on Password Sharing, AI Legal Research Gone Wrong, Fake Identities and Surveillance Firms appeared first on Security Boulevard.

Surveillance 64

Surveillance Passwords Data privacy InfoSec 64

Security Affairs

MARCH 20, 2025

The modular architecture of the malware allows to extend its functionalities for multiple malicious purposes, including surveillance, reconnaissance, information theft, DDoS attacks, and arbitrary code execution.

Computers and Electronics 108

Computers and Electronics Telecommunications Malware Surveillance 108

Security Affairs

DECEMBER 7, 2024

Parubets disclosed that his apartment was searched, and he was beaten to force him to reveal his device password. These extended capabilities suggest that the malware aims for comprehensive surveillance of the target device. ” continues the report.

Spyware 126

Spyware Passwords Encryption Surveillance 126

Duo's Security Blog

JULY 1, 2021

Tall Tale #1: PINs Are Just Passwords In Part 1 , we talked about how passwordless authentication is still multi-factor: Possession of a private key, ideally stored on a piece of secure hardware A biometric or PIN the authenticator uses to locally verify the user’s identity Reasoning about a PIN being used as a factor is simpler than a biometric.

Passwords 98

Passwords Surveillance Authentication Risk 98

Krebs on Security

MARCH 22, 2021

An ad for RedTorch’s “Cheetah” counter-surveillance tech. Victims of those breaches lost a lot of private data including passwords, and Frigg will help them secure their private data in the future. The Guy Fawkes mask/Anonymous threat featured prominently and often on RedTorch’s website.

Surveillance 340

Surveillance Computers and Electronics Internet Internet 340

SecureList

JUNE 16, 2021

It is interesting to note that an active Keepass (password manager) process gets killed before starting the keylogger. This is likely intended to force the user to restart the program and enter a master password that is then stolen via the keylogger. argument: path to file to upload. – List files and repositories.

Surveillance 145

Surveillance Malware Password Management Passwords 145

Security Affairs

JULY 28, 2022

The Microsoft Threat Intelligence Center (MSTIC) and the Microsoft Security Response Center (MSRC) researchers linked a threat group known as Knotweed to an Austrian surveillance firm named DSIRF, known for using multiple Windows and Adobe zero-day exploits. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Surveillance 100

Surveillance Malware Authentication Accountability 100

Security Affairs

APRIL 18, 2025

However, the limited, targeted nature of these attacks against iOS users suggests that commercial surveillance vendors or a nation-state actor likely exploited the flaws. Attackers triggered the flaw to leak NTLM hashes or user passwords. As usual, Apple has not shared technical details about the attacks. ” states Check Point.

Authentication 102

Authentication Surveillance Passwords Media 102

Security Boulevard

MARCH 24, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Specifically, it was fetching account icons and defaulted to opening password reset pages over HTTP. Once bypassed, threat actors had high-level access and could view information such as user passwords and other stored credentials.

Surveillance 75

Surveillance Telecommunications Data breaches Malware 75

SecureWorld News

APRIL 24, 2023

As the frequency of data breaches surges, it becomes increasingly imperative to guarantee the security and adequate encryption of passwords. In this article, I will provide an overview of password encryption, explaining its essence and modus operandi. What is password encryption? Why is password encryption necessary?

Encryption 98

Encryption Passwords Software Password Management 98

Security Affairs

DECEMBER 14, 2022

Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. Original post at [link]. After looking at 28 of the most popular manufacturers, our research team found 3.5

Surveillance 145

Surveillance Manufacturing Internet Passwords 145

Security Affairs

APRIL 5, 2025

cell carrier and instantly retrieve a list of its recent incoming callscomplete with timestampswithout compromising the device, guessing a password, or alerting the user.” Call metadata can enable real-time surveillance if misused. . “Imagine if anyone could punch in a phone number from the largest U.S.

Wireless 104

Wireless Surveillance Risk Media 104

Krebs on Security

JUNE 17, 2020

The CIA produced the report in October 2017, roughly seven months after Wikileaks began publishing Vault 7 — reams of classified data detailing the CIA’s capabilities to perform electronic surveillance and cyber warfare. Not allowing multiple users to share administrative-level passwords.

Data breaches 353

Data breaches Security Awareness Surveillance Media 353

Security Affairs

DECEMBER 4, 2024

Disabling unnecessary protocols and services, avoiding default passwords, and verifying software integrity bolster resilience. Organizations should adopt secure password storage, phishing-resistant MFA, session token limits, and Role-Based Access Control (RBAC). “For are essential for protecting data.

Telecommunications 112

Telecommunications Government Mobile Cyber threats 112

Krebs on Security

SEPTEMBER 12, 2023

Citizen Lab says the bug it discovered was being exploited to install spyware made by the Israeli cyber surveillance company NSO Group. “They could also conduct pass-the-hash attacks, where the attacker uses the hashed version of a password to authenticate themselves without needing to decrypt it.” and iPadOS 16.6.1.

Spyware 316

Spyware Software Surveillance Authentication 316

Security Affairs

JANUARY 2, 2021

According to the alert issued by the FBI, the swatters have been hijacking smart devices such as video and audio capable home surveillance devices. Threat actors likely take advantage of customers’ bad habit of re-using email passwords for their smart device. Users should update their passwords on a regular basis.

Passwords 144

Passwords Surveillance Manufacturing Accountability 144

The Security Ledger

AUGUST 21, 2020

In this episode of the Security Ledger Podcast (#188), sponsored* by LastPass, we take a look at the fast-expanding world of crowdsourced surveillance by doing a deep dive on Flock Safety, a start up that sells inexpensive license plate scanners to homeowners and police departments. Flying in Surveillance’s Gray Zone.

Surveillance 52

Surveillance Passwords Technology Internet 52

The Last Watchdog

FEBRUARY 6, 2019

This week civil liberties groups in Europe won the right to challenge the UK’s bulk surveillance activities in the The Grand Chamber of the European Court of Human Rights. Related: Snowden on unrestrained surveillance. Ubiquitous surveillance. It’s a healthy thing that a captain of industry can see this. Advanced use cases.

Surveillance 157

Surveillance Technology Retail Artificial Intelligence 157

WIRED Threat Level

NOVEMBER 24, 2018

A USPS data leak, Windows passwords go bye-bye, and more security news this week.

Surveillance 93

Surveillance Insurance Passwords 93

Schneier on Security

JULY 4, 2019

After I gave him the password to my iPhone, Moncivias spent three hours reviewing hundreds of photos and videos and emails and calls and texts, including encrypted messages on WhatsApp, Signal, and Telegram. Pretty horrible story of a US journalist who had his computer and phone searched at the border when returning to the US from Mexico.

Passwords 278

Passwords Media Encryption Internet 278

SecureWorld News

APRIL 13, 2025

For instance, errors in the password or odd login habits can be tracked using good AI-driven password managers. 1Password is a top-tier password manager that provides secure password storage, multi-device syncing, and simplified sharing. Variations in these behavioral patterns can be identified as possible dangers.

Cybersecurity 98

Cybersecurity Artificial Intelligence Threat Detection Cyber threats 98

Schneier on Security

NOVEMBER 13, 2018

There's just one specific in the law that's not subject to the attorney general's interpretation: Default passwords are not allowed. Once this kind of sorting is possible, companies will, in all likelihood, return to their profitable surveillance capitalism practices on those who are still fair game. This law is not a panacea.

IoT 257

IoT Manufacturing Internet Internet 257

Security Affairs

JUNE 12, 2025

RTSP is popular in professional surveillance for low-latency streaming. Exposed feeds include private residences, retail shops, public transport, and patient areas—revealing a wide-scale risk from improperly configured surveillance systems across all sectors. To capture screenshots, they tested common RTSP URIs (e.g.,

Hacking 52

Hacking Telecommunications Internet Internet 52

The Security Ledger

AUGUST 21, 2020

In this episode of the Security Ledger Podcast (#188), sponsored* by LastPass, we take a look at the fast-expanding world of crowdsourced surveillance by doing a deep dive on Flock Safety, a start up that sells inexpensive license plate scanners to homeowners and police departments. Flying in Surveillance’s Gray Zone.

Surveillance 52

Surveillance Passwords Technology Internet 52

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems.

Hacking 358

Hacking Ransomware Banking Accountability 358

Security Affairs

MARCH 23, 2020

Experts observed multiple botnets exploiting zero-day vulnerabilities in DVRs for surveillance systems manufactured by Taiwan-based LILIN. Botnet operators are exploiting several zero-day vulnerabilities in digital video recorders (DVRs) for surveillance systems manufactured by Taiwan-based LILIN-.

Firmware 139

Firmware Surveillance Manufacturing Advertising 139

Security Affairs

MARCH 27, 2025

Compromised data includes usernames, passwords, security details, emails, and Firebase integration data. At this time, the group also listed the company Oregon Surveillance Network on the leak site. The ransomware group steals victims’ data to pressure them into paying a “generous fee.” million accounts.

Hacking 77

Hacking Telecommunications Data breaches Internet 77

Security Boulevard

FEBRUARY 17, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. Introducing Bitwarden Cupid Vault to securely share (and unshare) passwords with loved ones Bitwarden Bitwarden has already had the ability to securely share passwords. Tips for finding old accounts.

Surveillance 52

Surveillance Data breaches VPN Malware 52

Security Boulevard

MARCH 3, 2025

Surveillance Tech in the News This section covers surveillance technology and methods in the news. The surveillance tech waiting for workers as they return to the office ArsTechnica RTO continues to pick up steam. In pursuit of "more productivity," some employers are leaning heavily into surveillance tech.

Surveillance 52

Surveillance Data breaches Firmware Encryption 52

Security Affairs

DECEMBER 29, 2018

A vulnerability in the Guardzilla home video surveillance system could be exploited by users to watch Guardzilla footage of other users. The Guardzilla All-In-One Video Security System is an indoor video surveillance solution. “ The bad news is that the vendor hasn’t yet addressed the flaw.

Firmware 109

Firmware Surveillance IoT Passwords 109

Webroot

MARCH 9, 2021

Pretending to be someone else, these hackers manipulate their victims into opening doors to systems or unwittingly sharing passwords or banking details. However, cybercriminals can also use legal DNS traffic surveillance to their advantage. Today’s cybercriminals are masters at exploiting basic human trust.

Hacking 132

Hacking DNS Surveillance Cybercrime 132