Russian President Vladimir Putin was due to make a speech on Tuesday setting out aims for the second year of his invasion of Ukraine, a day after U.S. President Joe Biden walked central Kyiv promising to stand with Ukraine as long as it takes. Following his surprise visit to Kyiv, Biden flew to Poland and on Tuesday will give a speech on how the United States has helped rally the world to support Ukraine and stress American support for NATO’s eastern flank. Biden, in his trademark aviator sunglasses, and President Volodymyr Zelenskiy, in green battle fatigues, walked side-by-side to a gold-domed cathedral in Kyiv on a bright winter Monday morning pierced by the sound of air raid sirens.
https://spinsafe.com/wp-content/uploads/2023/02/f8491696babe84ddb9dc963c47c1680c.jpeg9001200SecureTechhttps://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svgSecureTech2023-02-20 23:30:072023-02-20 23:30:07Hackers Start Selling Data Center Logins for Some of World’s Largest Corporations
from the quite-the-cottage-industry-you-got-there dept
Maybe it’s time for the Israeli government to put a moratorium on Mossad-based startups. Israeli intelligence services have been the petri dishes for a particular strain of techbro — ones who have the smarts to create zero-click exploits but none of the common sense needed to cull baddies from their customer lists.
The Israeli government is partly to blame. It worked closely with NSO Group (and presumably others in the same business) to broker deals with human rights abusers: diplomacy via malware sales.
Months of negative press got NSO blacklisted by the US government. It also got it investigated in its homeland, finally resulting in the Israeli government (reluctantly) limiting who the company could sell to.
NSO isn’t the only malware merchant with Israeli roots. Candiru — another recipient of US sanctions — calls Israel home. So does Cytrox, yet another exploit developer with ties to Israeli intelligence services. Cytrox was at the center of a recent domestic spying scandal in Greece, with its malware being used to target opposition leaders and journalists. This culminated in Greek police forces raiding Cytrox’s local office, presumably as part of the ongoing investigation.
Israel’s Cognyte Software Ltd won a tender to sell intercept spyware to a Myanmar state-backed telecommunications firm a month before the Asian nation’s February 2021 military coup, according to documents reviewed by Reuters.
The Federal Trade Commission (FTC) has filed a lawsuit against an Idaho-based data broker called Kochava, alleging that its customized data feeds allow purchasers to track end users at sensitive locations like places of worship and addiction recovery centers.
The lawsuit is the latest move by the FTC around data security and privacy policies under Lina Khan’s administration since she was sworn in as the FTC chair in June 2021. In March, the FTC cracked down on online retailer CafePress after the company allegedly covered a major data breach and failed to secure customers’ sensitive data, while in August the commission announced its intent to scrutinize the surveillance and data collection tactics of big tech and ad tech firms.
“Of the privacy cases that have come out, this is the first one that most clearly reflects Lina Khan’s administration taking a big swing,” said Ben Rossen, special counsel with Baker Botts, who is a former senior attorney at the FTC with experience handling high-profile privacy and data security investigations. He noted that Kochava’s data collection practices here “are not terribly unusual, but it does potentially cause significant harm to consumers when they’re not aware it’s going on.”
Kochava, which was founded in 2011, is a self-described “mobile measurement platform” that collects data for advertising purposes or for clients to be able to analyze foot traffic at their stores.
The company has collected geolocation data from hundreds of millions of mobile devices that is categorized to match unique mobile device identification numbers – which are assigned to consumer mobile devices to assist marketers in advertising – with timestamped latitudinal and longitudinal locations, alleges the FTC. The company has sold this access on publicly accessible online data marketplaces for a monthly subscription fee. The FTC said it examined a data sample with precise location data collected from more than 61 million unique mobile devices in the previous week, for instance.
The FTC said that these measures violate the FTC Act, which prohibits “unfair or deceptive acts or practices in or affecting commerce.” The data collected by…
https://spinsafe.com/wp-content/uploads/2022/08/privacy-decipher.jpg6301200SecureTechhttps://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svgSecureTech2022-08-29 16:30:182022-08-29 16:30:18FTC Sues Data Broker For Selling Sensitive Location Data
The amount of stolen data on the dark web is so huge that compromised system credentials are selling for under $5, the report says.
Cyber-criminal organizations have become so professionally proficient that they’re now selling malware kits to amateur hackers for less than $10 and compromised system credentials for under $5, according to a new security report released Thursday.
In “The Evolution of Cybercrime,” HP Wolf Security, the new security platform arm of HP Inc., says a team of its investigators, along with researchers from Forensic Pathways, spent more than three months investigating the dark web and the cybercriminals lurking there.
The researchers said they analyzed more than 35 million cybercriminal marketplaces and forum posts to better “understand how cybercriminals operate, gain trust, and build reputation,” HP said in a press release.
In general, researchers found what others have discovered as well: cybercriminal organizations are becoming increasingly more professional and business-like in the way they run their illegal operations, such as actually advertising stolen data and other ill-gotten materials on the dark web..
But HP researchers said they were surprised how professionally proficient cybercriminal organizations have become, such as setting up entire vendor platforms, or marketplaces, to sell an array of “products,” such as malware kits, sensitive stolen data, compromised system credentials and other items.
The cybercriminal world has become so competitive among sellers, with ever more stolen data and information, that some prices have fallen to bargain-basement levels, researchers say.
Researchers found that 76 percent of malware advertisements listed, and 91 percent of exploits (i.e. code that gives attackers control over systems by taking advantage of software…
https://spinsafe.com/wp-content/uploads/2022/07/Cybercriminal-Groups-Now-Selling-Malware-Kits-To-Amateur-Hackers-For.jpg458610SecureTechhttps://spinsafe.com/wp-content/uploads/2024/01/SS-Logo.svgSecureTech2022-07-21 20:00:072022-07-21 20:00:07Cybercriminal Groups Now Selling Malware Kits To Amateur Hackers For Less Than $10: HP Report
