nationalsecuritypolicy – SSL and internet security news

UAE Hack and Leak Operations

August 13, 2020 infossl

academicpapers, cybersecurity, hacking, leaks, nationalsecuritypolicy, qatar, saudiarabia, Security technology, unitedarabemirates

Interesting paper on recent hack-and-leak operations attributed to the UAE: Abstract: Four hack-and-leak operations in U.S. politics between 2016 and 2019, publicly attributed to the United Arab Emirates (UAE), Qatar, and Saudi Arabia, should be seen as the “simulation of scandal” – deliberate attempts to direct moral judgement against their target. Although “hacking” tools enable … Read More “UAE Hack and Leak Operations” »

Collecting and Selling Mobile Phone Location Data

August 11, 2020 infossl

geolocation, nationalsecuritypolicy, phones, privacy, Security technology, surveillance

The Wall Street Journal has an article about a company called Anomaly Six LLC that has an SDK that’s used by “more than 500 mobile applications.” Through that SDK, the company collects location data from users, which it then sells. Anomaly Six is a federal contractor that provides global-location-data products to branches of the U.S. … Read More “Collecting and Selling Mobile Phone Location Data” »

On the Twitter Hack

July 20, 2020 infossl

bitcoin, encryption, essays, hacking, nationalsecuritypolicy, scams, Security technology, socialmedia, twitter

Twitter was hacked this week. Not a few people’s Twitter accounts, but all of Twitter. Someone compromised the entire Twitter network, probably by stealing the log-in credentials of one of Twitter’s system administrators. Those are the people trusted to ensure that Twitter functions smoothly. The hacker used that access to send tweets from a variety … Read More “On the Twitter Hack” »

Analyzing IoT Security Best Practices

June 25, 2020 infossl

academicpapers, internetofthings, nationalsecuritypolicy, Security technology, securityengineering

New research: “Best Practices for IoT Security: What Does That Even Mean?” by Christopher Bellman and Paul C. van Oorschot: Abstract: Best practices for Internet of Things (IoT) security have recently attracted considerable attention worldwide from industry and governments, while academic research has highlighted the failure of many IoT product manufacturers to follow accepted practices. … Read More “Analyzing IoT Security Best Practices” »

Examining the US Cyber Budget

June 15, 2020 infossl

cyberattack, cybersecurity, defense, homelandsecurity, nationalsecuritypolicy, Security technology

Jason Healey takes a detailed look at the US federal cybersecurity budget and reaches an important conclusion: the US keeps saying that we need to prioritize defense, but in fact we prioritize attack. To its credit, this budget does reveal an overall growth in cybersecurity funding of about 5 percent above the fiscal 2019 estimate. … Read More “Examining the US Cyber Budget” »

AI and Cybersecurity

May 19, 2020 infossl

artificialintelligence, attribution, cybersecurity, nationalsecuritypolicy, reports, Security technology

Ben Buchanan has written “A National Security Research Agenda for Cybersecurity and Artificial Intelligence.” It’s really good — well worth reading. Powered by WPeMatico

US Government Exposes North Korean Malware

May 14, 2020 infossl

antivirus, malware, nationalsecuritypolicy, northkorea, Security technology

US Cyber Command has uploaded North Korean malware samples to the VirusTotal aggregation repository, adding to the malware samples it uploaded in February. The first of the new malware variants, COPPERHEDGE, is described as a Remote Access Tool (RAT) “used by advanced persistent threat (APT) cyber actors in the targeting of cryptocurrency exchanges and related … Read More “US Government Exposes North Korean Malware” »

Emergency Surveillance During COVID-19 Crisis

March 20, 2020 infossl

china, covid19, datacollection, eff, epidemiology, iran, israel, nationalsecuritypolicy, privacy, Security technology, surveillance

Israel is using emergency surveillance powers to track people who may have COVID-19, joining China and Iran in using mass surveillance in this way. I believe pressure will increase to leverage existing corporate surveillance infrastructure for these purposes in the US and other countries. With that in mind, the EFF has some good thinking on … Read More “Emergency Surveillance During COVID-19 Crisis” »

Security of Health Information

March 5, 2020 infossl

cybersecurity, epidemiology, essays, medicine, nationalsecuritypolicy, privacy, Security technology, securitypolicies, vulnerabilities

The world is racing to contain the new COVID-19 virus that is spreading around the globe with alarming speed. Right now, pandemic disease experts at the World Health Organization (WHO), the US Centers for Disease Control and Prevention (CDC), and other public-health agencies are gathering information to learn how and where the virus is spreading. … Read More “Security of Health Information” »

Newly Declassified Study Demonstrates Uselessness of NSA’s Phone Metadata Program

February 26, 2020 infossl

intelligence, metadata, nationalsecuritypolicy, nsa, phones, Security technology

The New York Times is reporting on the NSA’s phone metadata program, which the NSA shut down last year: A National Security Agency system that analyzed logs of Americans’ domestic phone calls and text messages cost $100 million from 2015 to 2019, but yielded only a single significant investigation, according to a newly declassified study. … Read More “Newly Declassified Study Demonstrates Uselessness of NSA’s Phone Metadata Program” »