NoGoolag
Hacking Team Founder: ‘Hacking Team is Dead’

The founder and former CEO of the infamous surveillance technology company Hacking Team wrote a bizarre obituary for his old company on its official LinkedIn account.

David Vincenzetti posted a short message saying “Hacking Team is dead” on Tuesday, more than a year after the Italian company was acquired by another cybersecurity firm and rebranded as Memento Labs. As Motherboard reported earlier this year, Memento Labs is struggling to take off after several key Hacking Team employees have left, slowing down the development of new products that it would need to compete with companies such as NSO Group.

https://www.thinkingport.com/2020/05/26/news-94365/

https://t3n.de/news/spionagesoftware-hacking-team-tot-1284946

#HackingTeam #MementoLabs #nso #finfisher #surveillance #cybersecurity #Vincenzetti
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
Real-Time Passive Sound Recovery from Light Bulb Vibrations

Spies Can Listen to Your Conversations by Watching a Light Bulb in the Room

You might not believe it, but it's possible to spy on secret conversations happening in a room from a nearby remote location just by observing a light bulb hanging in there—visible from a window—and measuring the amount of light it emits.

A team of cybersecurity researchers has developed and demonstrated a novel side-channel attacking technique that can be applied by eavesdroppers to recover full sound from a victim's room that contains an overhead hanging bulb.

The findings were published in a new paper by a team of academics—Ben Nassi, Yaron Pirutin, Adi Shamir, Yuval Elovici and Boris Zadov—from Israel's Ben-Gurion University of the Negev and the Weizmann Institute of Science, which will also be presented at the Black Hat USA 2020 conference later this August.

The technique for long-distance eavesdropping, called "Lamphone," works by capturing minuscule sound waves optically through an electro-optical sensor directed at the bulb and using it to recover speech and recognize music.

https://www.nassiben.com/lamphone

PDF:
https://ad447342-c927-414a-bbae-d287bde39ced.filesusr.com/ugd/a53494_443addc922e048d89a664c2423bf43fd.pdf

👉🏼 Read more:
https://thehackernews.com/2020/06/lamphone-light-bulb-spy.html

#spy #cybersecurity #lightbulb #blackhat #sidechannel #attack
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
National Security Agency | Cybersecurity Information

Securing IPsec Virtual Private Networks

Many organizations currently utilize IP Security (IPsec) Virtual Private Networks (VPNs) to connect remote sites and enable telework capabilities. These connections use cryptography to protect sensitive information that traverses untrusted networks. To protect this traffic and ensure data confidentiality, it is critical that these VPNs use strong cryptography. This guidance identifies common VPN misconfigurations and vulnerabilities.

👀 PDF:
https://media.defense.gov/2020/Jul/02/2002355625/-1/-1/0/SECURING_IPSEC_VIRTUAL_PRIVATE_NETWORKS_EXECUTIVE_SUMMARY_2020_07_01_FINAL_RELEASE.PDF

#nsa #cybersecurity #IPsec #vpn #information #guide #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox
Report: No-Log VPNs Exposed Users’ Logs and Personal Details for All to See

A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. This lack of basic security measures in an essential part of a cybersecurity product is not just shocking. It also shows a total disregard for standard VPN practices that put their users at risk.

The vpnMentor research team, led by Noam Rotem, uncovered the server and found Personally Identifiable Information (PII) data for potentially over 20 million VPN users, according to claims of user numbers made by the VPNs.

Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found multiple instances of internet activity logs on their shared server. This was in addition to the PII data, which included email addresses, clear text passwords, IP addresses, home addresses, phone models, device ID, and other technical details.

The VPNs affected are UFO VPN, FAST VPN, Free VPN, Super VPN, Flash VPN, Secure VPN, and Rabbit VPN – all of which appear to be connected by a common app developer and white-labeled for other companies.

👀 👉🏼 https://www.vpnmentor.com/blog/report-free-vpns-leak/

#vpn #breach #leak #cybersecurity
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
PM Modi: India will soon have a new cyber security policy

During today's Independence Day speech, PM Modi announced India will soon introduce a new cyber security policy.

During today’s Independence Day speech, Prime Minister Narendra Modi said that technology will play a big role in developing the country. PM also made a crucial announcement related to the importance of cyber security. Modi announced India will soon introduce a new cyber security policy.

Addressing the nation from New Delhi’s Red Fort, PM Modi talked about threats from cyber space that can harm the country’s society, economy and development. He said, “threats from cyber space can endanger all these aspects of Indian life.” “The government is alert on this,” PM Modi added, and said the government of India will soon come out with a policy on this. The details related to the cyber security policy will be revealed in the days to come.

https://indianexpress.com/article/technology/tech-news-technology/pm-modi-india-will-have-a-new-cybersecurity-policy-soon-6555565/

#Asia #India #cybersecurity #policy
Budding cyber crims can now enrol at ‘hacker university’

For a one-off fee of $125, you too can become one of those scumbags who preys on elderly Internet users and small online businesses.

Cybersecurity software provider Armor this week revealed in its latest annual threat report that it has found a so-called ‘hacker university’ offering online courses that teach students how to commit various cyber crimes. These include how to access a router’s admin software; deploying ransomware; locating targets on compromised networks; and trafficking stolen credit card information, among others.

According to Armor, the ‘university’ also plans to sell its own range of ransomware, keyloggers, password stealers, and trojans.

All of this is accessible for the low price of $125, paid in Bitcoin or Monero – a cryptocurrency that prides itself on offering anonymous payments.

“Creators of the site advertise that they want to ‘teach people about cybercrime and how to become a professional cybercriminal. By taking the course offered you will gain the knowledge and skills needed to hack an individual or company successfully with whatever malware you have at your disposal’,” said Armor, in its threat report.

Charming. Presumably the university doesn’t offer a course on ethics, where students are encouraged to try and reconcile their idealised image of hackers as modern-day outlaws with the reality that all they are really doing is stealing old people’s pensions.

Among the other findings in Armor’s report is an a la carte menu of various dark-Web products and services and their prices.

These include but are not limited to perennial favourites like an individual’s credit card information ($5-$35 depending on nationality and type of card) or DDoS attack ($100-$250 depending on the size of Website), to something a little more exotic, like personal identifiable information – street-name ‘fullz’ – or a white-label turnkey e-commerce platform that enables anyone to set up their own darkweb online store. There is even a service that offers to destroy a rival small business by bombarding it with spam and unwanted items ($185).

👀 👉🏼 https://telecoms.com/506692/budding-cyber-crims-can-now-enrol-at-hacker-university/

#cyber #crims #crime #hacker #university #cybersecurity #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Suspected Russian hack is much worse than first feared: Here's what you need to know

👉🏼 The U.S. Cybersecurity and Infrastructure Security Agency said the threat "poses a grave risk to the federal government."

👉🏼 CISA has not said who it thinks is the "advanced persistent threat actor" behind the "significant and ongoing" campaign, but many experts are pointing to Russia.

👉🏼 It's not clear exactly what the hackers have done beyond accessing top-secret U.S. government networks and monitoring data.

The scale of a sophisticated cyberattack on the U.S. government that was unearthed this week is much bigger than first anticipated.

The Cybersecurity and Infrastructure Security Agency said in a summary Thursday that the threat "poses a grave risk to the federal government."

It added that "state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations" are also at risk.

CISA believes the attack began at least as early as March. Since then, multiple government agencies have reportedly been targeted by the hackers, with confirmation from the Energy and Commerce departments so far.

"This threat actor has demonstrated sophistication and complex tradecraft in these intrusions," CISA said. "Removing the threat actor from compromised environments will be highly complex and challenging."

https://telegra.ph/Suspected-Russian-hack-is-much-worse-than-first-feared-Heres-what-you-need-to-know-12-18

via www.cnbc.com

#hacker #hacked #usa #russia #cybersecurity #cyberattack #compromised #cisa
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@NoGoolag
📡@BlackBox
Login To HELL: The nightmares of an infosec professional in South America

"In 2014, Alberto Daniel Hill, an expert in cybersecurity, found a security issue in a medical provider’s website. In reporting the issue, it led him to become the first person imprisoned in Uruguay for a computer-related crime—a crime he didn’t commit, and one that probably never even happened.

Alberto, a hacker, was the perfect target for a judicial system that doesn’t understand cybersecurity or cybercrimes. Through police misconduct and incompetence, his life was thrown into upheaval, and he is still recovering from a system where there are no guarantees of a fair trial."

https://media.ccc.de/v/rc3-625023-login_to_hell

🎙Darknetdiaries - EP 25: Alberto
https://t.me/BlackBox_Archiv/1678

#alberto #truecrime #darknetdiaries #rc3 #ccc #cybersecurity #cybercrime #podcast #video
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@BlackBox_Archiv
📡@NoGoolag
Forwarded from #TBOT: Take Back Our Tech (Ramiro Romani)
Apple Tracks Every Tap On Its App Store
@takebackourtech | SOURCE

iOS developers & privacy researchers at Mysk have recently found that the Apple App Store sends every tap you make to Apple.

https://nitter.takebackourtech.org/mysk_co/status/1588308341780262912


0xor0ne@infosec.exchange - Nice short blog post by Aditya Dixit explaining how to intercept and manipulate AES encrypted traffic used by mobile applications

https://blog.dixitaditya.com/manipulating-aes-traffic-using-a-chain-of-proxies-and-hardcoded-keys

#android #infosec #cybersecurity #AES #APK #mobile #encryption
0xor0ne@infosec.exchange - Beginners introduction to stack buffer overflows by Stefano Lanaro

https://steflan-security.com/complete-guide-to-stack-buffer-overflow-oscp/

#infosec #cybersecurity #beginners #learning #BufferOverflow
0xor0ne@infosec.exchange - Interesting blog post on embedded devices reverse engineering, ARM TrustZone and secure boot bypass

https://blog.xilokar.info/firmware-key-extraction-by-gaining-el3.html?s=09

#iot #infosec #embedded #cybersecurity
KeePassXC Vulnerability CVE-2023-35866 allows attackers to change the master password and second-factor authentication settings
BY DO SON · JUNE 19, 2023

KeePassXC, a modern and secure password manager, is the bulwark of choice for many who demand the utmost security in managing their personal data. However, every fortress has its weakness. A recent vulnerability was discovered in KeePassXC: CVE-2023-35866.

mttaggart@infosec.exchange - Right so, in KeePassXC, if you have an unlocked session, the change password flow does not require you to enter the current database password.

That means someone who accesses the machine locally (Or via RDP? Maybe?) would be able to change those settings. But then, they'd also be able to just read the passwords so
¯\_(ツ)_/¯

#CVE202335866 #ThreatIntel #InfoSec #CyberSecurity


#KeepassXC
Leveraging Android Permissions: A Solver Approach – Thalium - 2022

The logic of the rules behind this system is mostly implemented in two framework services: PermissionManagerService and PackageManagerService.

Recently, those components have suffered from several vulnerabilities that were found through fuzzing. They led to critical privilege escalation without user consent.

In this blog post, we first present a case study of a permission management vulnerability. Then, we describe the solver approach we followed to help in the vulnerability research. Eventually, we explain a new vulnerability that was discovered thanks to the solver, and which was reported to Google.


#Cybersecurity #Vulnerabilities #ApplicationPermissions #Android
France’s browser-based website blocking proposal will set a disastrous precedent for the open internet – Mozilla Blog

"In a well-intentioned yet dangerous move to fight online fraud, France is on the verge of forcing browsers to create a dystopian technical capability. It would force browser providers to create the means to mandatorily block websites present on a government provided list. Such a move will overturn decades of established content moderation norms and provide a playbook for authoritarian governments"

#censorship
#france #browser #cybersecurity #mozilla #security #surveillance
0xor0ne (@0xor0ne): "List with more than 300 links to blog posts, write-ups and papers related to cybersecurity, reverse engineering and exploitation (continuously updated) https://github.com/0xor0ne/awesome-list/blob/main/topics/cybersec.md?ref=0xor0ne.xyz #cybersecurity #infosec"
Privacy Companies Push Back Against EU Plot To End Online Privacy

An urgent appeal has been relayed to ministers across the #EU by a consortium of tech companies, exacting a grave warning against backing a proposed regulation focusing on child sexual abuse as a pretense to jeopardize the security integrity of internet services relying on end-to-end encryption and end privacy for all citizens.

In an open letter a total of 18 organizations – predominantly comprising providers of encrypted email and messaging services – have voiced concerns about the potential experimental regulation by the European Commission (EC), singling out the “detrimental” effects on children’s #privacy and #security and the possible dire repercussions for #cybersecurity.

#BigBrother #EUChatControl
#ChatControl #Encryption
Know Thy Enemy: The Taxonomies That Meta Uses to Map the Offensive Privacy Space

This talk introduces and examines privacy-inclusive taxonomies Meta has developed and uses to track privacy weaknesses, enumerate privacy adversarial TTPs, deconflict privacy and security efforts, and scale detection and remediation efforts. Taxonomies, such as #MITRE's #CVE, #CAPEC, and #ATT&CK® #frameworks, have long been used to track and understand cybersecurity weaknesses and the tactics of cyber adversaries. These taxonomies help #organizations stay abreast of trends, guide software development best practices, and pinpoint the most effective remediation and detection strategies to common #cybersecurity issues. As the field of offensive privacy matures, organizations require similar taxonomies to understand #privacy threats and align efforts across #security and privacy teams....

By: Zach Miller, David Renardy

Full Abstract and Presentation Materials