Privacy advocates are claiming in court that an FBI hacking operation to take down a child pornography site was unconstitutional and violated international law.That’s because the operation involved the FBI hacking 8,700 computers in 120 countries, based on a single warrant, they said.“How will other countries react to the FBI hacking in their jurisdictions without prior consent?” wrote Scarlet Kim, a legal officer with U.K.-based Privacy International.On Friday, that group, along with the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union of Massachusetts, filed briefs in a lawsuit involving the FBI’s hacking operation against Playpen. The child pornography site was accessible through Tor, a browser designed for anonymous web surfing. But in 2014, the FBI managed to take it over.To read this article in full or to leave a comment, please click here
Privacy advocates are claiming in court that an FBI hacking operation to take down a child pornography site was unconstitutional and violated international law.That’s because the operation involved the FBI hacking 8,700 computers in 120 countries, based on a single warrant, they said.“How will other countries react to the FBI hacking in their jurisdictions without prior consent?” wrote Scarlet Kim, a legal officer with U.K.-based Privacy International.On Friday, that group, along with the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union of Massachusetts, filed briefs in a lawsuit involving the FBI’s hacking operation against Playpen. The child pornography site was accessible through Tor, a browser designed for anonymous web surfing. But in 2014, the FBI managed to take it over.To read this article in full or to leave a comment, please click here
Apple’s iCloud appears to have been holding on to users’ deleted internet browsing histories, including records over a year old.Moscow-based forensics firm Elcomsoft noticed it was able to pull supposedly deleted Safari browser histories from iCloud accounts, such as the date and time the site was visited and when the record was deleted.“In fact, we were able to access records dated more than one year back,” wrote Elcomsoft’s CEO Vladimir Katalov in a Thursday blog post.Users can set iCloud to store their browsing history so that it's available from all connected devices. The researchers found that when a user deletes that history, iCloud doesn't actually erase it but keeps it in a format invisible to the user.To read this article in full or to leave a comment, please click here
Apple’s iCloud appears to have been holding on to users’ deleted internet browsing histories, including records over a year old.Moscow-based forensics firm Elcomsoft noticed it was able to pull supposedly deleted Safari browser histories from iCloud accounts, such as the date and time the site was visited and when the record was deleted.“In fact, we were able to access records dated more than one year back,” wrote Elcomsoft’s CEO Vladimir Katalov in a Thursday blog post.Users can set iCloud to store their browsing history so that it's available from all connected devices. The researchers found that when a user deletes that history, iCloud doesn't actually erase it but keeps it in a format invisible to the user.To read this article in full or to leave a comment, please click here
Not sure what your phone is collecting about you? A free Android app is promising to simplify the privacy settings on your smartphone, and stop any unwanted data collection.The English language app, called Privacy Assistant, comes from a team at Carnegie Mellon University, who’ve built it after six years of research studying digital privacy. “It’s very clear that a large percentage of people are not willing to give their data to any random app,” said CMU professor Norman Sadeh. “They want to be more selective with their data, so this assistant will help them do that.”To read this article in full or to leave a comment, please click here
Not sure what your phone is collecting about you? A free Android app is promising to simplify the privacy settings on your smartphone, and stop any unwanted data collection.The English language app, called Privacy Assistant, comes from a team at Carnegie Mellon University, who’ve built it after six years of research studying digital privacy. “It’s very clear that a large percentage of people are not willing to give their data to any random app,” said CMU professor Norman Sadeh. “They want to be more selective with their data, so this assistant will help them do that.”To read this article in full or to leave a comment, please click here
To better vet foreign travelers, the U.S. might demand that some visa applicants hand over the passwords to their social media accounts, a proposal that’s alarming privacy experts.“If they don’t want to give us the information, then they don’t come,” said John Kelly, the head of the Department of Homeland Security, on Tuesday.Kelly mentioned the proposal in a congressional hearing when he was asked what his department was doing to look at visa applicants’ social media activity.He said it was “very hard to truly vet” the visa applicants from the seven Muslim-majority countries covered by the Trump administration's travel ban, which is now in legal limbo. Many of the countries are failed states with little internal infrastructure, he said.To read this article in full or to leave a comment, please click here
To better vet foreign travelers, the U.S. might demand that some visa applicants hand over the passwords to their social media accounts, a proposal that’s alarming privacy experts.“If they don’t want to give us the information, then they don’t come,” said John Kelly, the head of the Department of Homeland Security, on Tuesday.Kelly mentioned the proposal in a congressional hearing when he was asked what his department was doing to look at visa applicants’ social media activity.He said it was “very hard to truly vet” the visa applicants from the seven Muslim-majority countries covered by the Trump administration's travel ban, which is now in legal limbo. Many of the countries are failed states with little internal infrastructure, he said.To read this article in full or to leave a comment, please click here
Just because you’re using a Mac doesn’t mean you’re safe from hackers. That’s what two security researchers are warning, after finding a Mac-based malware that may be an attempt by Iranian hackers to target the U.S. defense industry.The malware, called MacDownloader, was found on a website impersonating the U.S. aerospace firm United Technologies, according to a report from Claudio Guarnieri and Collin Anderson, who are researching Iranian cyberespionage threats.The fake site was previously used in a spear phishing email attack to spread Windows malware and is believed to be maintained by Iranian hackers, the researchers claimed.To read this article in full or to leave a comment, please click here
Just because you’re using a Mac doesn’t mean you’re safe from hackers. That’s what two security researchers are warning, after finding a Mac-based malware that may be an attempt by Iranian hackers to target the U.S. defense industry.The malware, called MacDownloader, was found on a website impersonating the U.S. aerospace firm United Technologies, according to a report from Claudio Guarnieri and Collin Anderson, who are researching Iranian cyberespionage threats.The fake site was previously used in a spear phishing email attack to spread Windows malware and is believed to be maintained by Iranian hackers, the researchers claimed.To read this article in full or to leave a comment, please click here
Dozens of iOS apps that are supposed to be encrypting their users' data don't do it properly, according to a security researcher.Will Strafach, CEO of Sudo Security Group, said he found 76 iOS apps that are vulnerable to an attack that can intercept protected data.The developers of the apps have accidentally misconfigured the networking-related code so it will accept an invalid Transport Layer Security (TLS) certificate, Strafach claimed in a Monday blog post. TLS is used to secure an app’s communication over an internet connection. Without it, a hacker can essentially eavesdrop over a network to spy on whatever data the app sends, such as login information. To read this article in full or to leave a comment, please click here
Dozens of iOS apps that are supposed to be encrypting their users' data don't do it properly, according to a security researcher.Will Strafach, CEO of Sudo Security Group, said he found 76 iOS apps that are vulnerable to an attack that can intercept protected data.The developers of the apps have accidentally misconfigured the networking-related code so it will accept an invalid Transport Layer Security (TLS) certificate, Strafach claimed in a Monday blog post. TLS is used to secure an app’s communication over an internet connection. Without it, a hacker can essentially eavesdrop over a network to spy on whatever data the app sends, such as login information. To read this article in full or to leave a comment, please click here
A hacker is proving that sites on the dark web, shrouded in anonymity, can easily be compromised.
On Friday, the unnamed hacker began dumping a sizable database stolen from Freedom Hosting II onto the internet, potentially exposing its users.
The hosting service, Freedom Hosting II, was known for operating thousands of sites that were accessible through the Tor browser; the "dark web" is essentially the encrypted network comprising Tor servers and browsers. But on Friday, the service appeared to be down. Its main landing page was replaced with a message saying that it had been hacked.
Allegedly, Freedom Hosting II had been hosting child pornography sites, though its anonymous operator claimed to have a zero-tolerance policy toward such content, according to the hacker behind the breach.To read this article in full or to leave a comment, please click here
A hacker is proving that sites on the dark web, shrouded in anonymity, can easily be compromised.
On Friday, the unnamed hacker began dumping a sizable database stolen from Freedom Hosting II onto the internet, potentially exposing its users.
The hosting service, Freedom Hosting II, was known for operating thousands of sites that were accessible through the Tor browser; the "dark web" is essentially the encrypted network comprising Tor servers and browsers. But on Friday, the service appeared to be down. Its main landing page was replaced with a message saying that it had been hacked.
Allegedly, Freedom Hosting II had been hosting child pornography sites, though its anonymous operator claimed to have a zero-tolerance policy toward such content, according to the hacker behind the breach.To read this article in full or to leave a comment, please click here
The U.K.’s defense secretary is accusing Russia of using cyber attacks to “disable” democratic processes across the West, and he's demanding that NATO fight back.“NATO must defend itself as effectively in the cyber sphere as it does in the air, on land, and at sea,” Defense Secretary Michael Fallon said. “So adversaries know there is a price to pay if they use cyber weapons.”Fallon made the comments in a Thursday speech about the threat of “Russia’s military resurgence.”He pointed to the Kremlin’s suspected role in influencing last year’s presidential election in the U.S., as part of growing number of alleged cyber attacks that have targeted Western governments. To read this article in full or to leave a comment, please click here
The U.K.’s defense secretary is accusing Russia of using cyber attacks to “disable” democratic processes across the West, and he's demanding that NATO fight back.“NATO must defend itself as effectively in the cyber sphere as it does in the air, on land, and at sea,” Defense Secretary Michael Fallon said. “So adversaries know there is a price to pay if they use cyber weapons.”Fallon made the comments in a Thursday speech about the threat of “Russia’s military resurgence.”He pointed to the Kremlin’s suspected role in influencing last year’s presidential election in the U.S., as part of growing number of alleged cyber attacks that have targeted Western governments. To read this article in full or to leave a comment, please click here
Sanctions imposed by former President Obama on Russia for hacking during the U.S. election had an unintended side effect: they essentially barred U.S. tech firms from selling new IT products in the country.Part of last month's sanction order was designed to block U.S. companies from doing business with Russia’s Federal Security Service, also known as the FSB, because of its suspected role in influencing last year’s election.But the FSB isn’t just an intelligence agency. It’s also a crucial regulator in Russia that clears new IT products, including smartphones and tablets, for sale in the country.To read this article in full or to leave a comment, please click here
Sanctions imposed by former President Obama on Russia for hacking during the U.S. election had an unintended side effect: they essentially barred U.S. tech firms from selling new IT products in the country.Part of last month's sanction order was designed to block U.S. companies from doing business with Russia’s Federal Security Service, also known as the FSB, because of its suspected role in influencing last year’s election.But the FSB isn’t just an intelligence agency. It’s also a crucial regulator in Russia that clears new IT products, including smartphones and tablets, for sale in the country.To read this article in full or to leave a comment, please click here
If you’re the CEO of a company, here’s another threat you need to worry about: hackers trying to recruit your employees for insider-related crimes.Researchers at security firms RedOwl and IntSights have noticed growing activity from online black market dealers trying to recruit company employees for insider trading and cashing out stolen credit card numbers. These dealers are appearing on underground forums located on the dark web, which are accessible through Tor, a browser designed for anonymous web surfing, according to the researchers, who published their findings on Tuesday. To read this article in full or to leave a comment, please click here
If you’re the CEO of a company, here’s another threat you need to worry about: hackers trying to recruit your employees for insider-related crimes.Researchers at security firms RedOwl and IntSights have noticed growing activity from online black market dealers trying to recruit company employees for insider trading and cashing out stolen credit card numbers. These dealers are appearing on underground forums located on the dark web, which are accessible through Tor, a browser designed for anonymous web surfing, according to the researchers, who published their findings on Tuesday. To read this article in full or to leave a comment, please click here
Michael Kan