Uncategorized – Page 77 – SSL and internet security news

Critical Vulnerabilities in GPS Trackers

July 21, 2022 infossl

china, gps, Security technology, tracking, Uncategorized, vulnerabilities

This is a dangerous vulnerability: An assessment from security firm BitSight found six vulnerabilities in the Micodus MV720, a GPS tracker that sells for about $20 and is widely available. The researchers who performed the assessment believe the same critical vulnerabilities are present in other Micodus tracker models. The China-based manufacturer says 1.5 million of … Read More “Critical Vulnerabilities in GPS Trackers” »

Russia Creates Malware False-Flag App

July 20, 2022 infossl

hacking, malware, russia, Security technology, ukraine, Uncategorized

The Russian hacking group Turla released an Android app that seems to aid Ukrainian hackers in their attacks against Russian networks. It’s actually malware, and provides information back to the Russians: The hackers pretended to be a “community of free people around the world who are fighting russia’s aggression”—much like the IT Army. But the … Read More “Russia Creates Malware False-Flag App” »

NSO Group’s Pegasus Spyware Used against Thailand Pro-Democracy Activists and Leaders

July 19, 2022 infossl

Citizen Lab, hacking, human rights, Security technology, spyware, Thailand, Uncategorized

Yet another basic human rights violation, courtesy of NSO Group: Citizen Lab has the details: Key Findings We discovered an extensive espionage campaign targeting Thai pro-democracy protesters, and activists calling for reforms to the monarchy. We forensically confirmed that at least 30 individuals were infected with NSO Group’s Pegasus spyware. The observed infections took place … Read More “NSO Group’s Pegasus Spyware Used against Thailand Pro-Democracy Activists and Leaders” »

Facebook Is Now Encrypting Links to Prevent URL Stripping

July 18, 2022 infossl

browsers, encryption, facebook, Security technology, tracking, Uncategorized

Some sites, including Facebook, add parameters to the web address for tracking purposes. These parameters have no functionality that is relevant to the user, but sites rely on them to track users across pages and properties. Mozilla introduced support for URL stripping in Firefox 102, which it launched in June 2022. Firefox removes tracking parameters … Read More “Facebook Is Now Encrypting Links to Prevent URL Stripping” »

Friday Squid Blogging: Squid Inks Fisherman

July 15, 2022 infossl

Security technology, squid, Uncategorized, video

Short video. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. Powered by WPeMatico

San Francisco Police Want Real-Time Access to Private Surveillance Cameras

July 15, 2022 infossl

cameras, police, privacy, Security technology, surveillance, Uncategorized

Surely no one could have predicted this: The new proposal—championed by Mayor London Breed after November’s wild weekend of orchestrated burglaries and theft in the San Francisco Bay Area—would authorize the police department to use non-city-owned security cameras and camera networks to live monitor “significant events with public safety concerns” and ongoing felony or misdemeanor … Read More “San Francisco Police Want Real-Time Access to Private Surveillance Cameras” »

Post-Roe Privacy

July 13, 2022 infossl

medicine, privacy, Security technology, surveillance, Uncategorized

This is an excellent essay outlining the post-Roe privacy threat model. (Summary: period tracking apps are largely a red herring.) Taken together, this means the primary digital threat for people who take abortion pills is the actual evidence of intention stored on your phone, in the form of texts, emails, and search/web history. Cynthia Conti-Cook’s … Read More “Post-Roe Privacy” »

Security Vulnerabilities in Honda’s Keyless Entry System

July 12, 2022 infossl

cars, keys, locks, reports, Security technology, Uncategorized

Honda vehicles from 2021 to 2022 are vulnerable to this attack: On Thursday, a security researcher who goes by Kevin2600 published a technical report and videos on a vulnerability that he claims allows anyone armed with a simple hardware device to steal the code to unlock Honda vehicles. Kevin2600, who works for cybersecurity firm Star-V … Read More “Security Vulnerabilities in Honda’s Keyless Entry System” »

Nigerian Prison Break

July 11, 2022 infossl

Nigeria, prison escapes, prisons, Security technology, Uncategorized

There was a massive prison break in Abuja, Nigeria: Armed with bombs, Rocket Propelled Grenade (RPGs) and General Purpose Machine Guns (GPMG), the attackers, who arrived at about 10:05 p.m. local time, gained access through the back of the prison, using dynamites to destroy the heavily fortified facility, freeing 600 out of the prison’s 994 … Read More “Nigerian Prison Break” »

Ubiquitous Surveillance by ICE

July 7, 2022 infossl

privacy, reports, Security technology, surveillance, Uncategorized

Report by Georgetown’s Center on Privacy and Technology published a comprehensive report on the surprising amount of mass surveillance conducted by Immigration and Customs Enforcement (ICE). Our two-year investigation, including hundreds of Freedom of Information Act requests and a comprehensive review of ICE’s contracting and procurement records, reveals that ICE now operates as a domestic … Read More “Ubiquitous Surveillance by ICE” »