Security News

The UK's spy agency auditor has given public sector snoopers a clean bill of health - except for domestic surveillance specialists MI5, whose cloud data storage blunder is still under investigation. In its annual report for 2018, published this week, the Investigatory Powers Commissioner's Office concluded once again that all is broadly well in the murky world of British state surveillance, where everyone from eavesdropping agency GCHQ to council binmen is legally allowed to spy on you.

It looks like Switchzilla is moving swiftly to clear up the Krook bug discovered by ESET. Just hours after the researchers delivered their findings in a report, Cisco gave its own advisory on the Wi-Fi data snooping flaw. Missing C++ update opens security hole in Ubuntu 16.04.

Now an app developer called Mysk has discovered pasteboard's dark side - malicious apps could exploit it to work out a user's location even when that user has locked down app location sharing. In the simplest scenario, an iPhone user would take a photo, copy it between apps using the pasteboard, from which a malicious app could extract location metadata while comparing it with timestamps to determine whether it was current or taken in the past.

According to the analysis, Fox Kitten's objective has been to develop and maintain access routes to the targeted organizations, establishing persistent footholds within them; stealing information; and pivoting from within to additional targets via supply-chain attacks. The APT34 connection stems from the fact that part of the attack infrastructure used by the group in previous campaigns has been reused for Fox Kitten.

Haurus charged 100 to 300 euros or more for fake identification cards, driver's licences or birth certificates, as well as bank documents, phone records or GPS coordinates for tracking specific individuals. "You provide the identity/registration number to copy, or your own requests, and I'll find what you need," read one message from Haurus on the Blackhand v2 forum, according to details of the investigation seen by AFP. Haurus even touted a "Starter pack" of a French driver's licence, an ID card and six blank cheques, for 500 euros instead of 680 euros.

Mobile application ToTok has been reinstated to the Google Play app ecosystem, after it was removed last month due to claims that it was being used for government espionage. Despite the app's popularity, it was quickly take down from Google Play and the Apple App Store after a report from the New York Times in December claimed that the app is actually being used by the government of the United Arab Emirates as a spy tool used to track users' conversations and location.

The United Arab Emirates on Saturday denied reports that a popular mobile application developed in the country was used for government spying. read more

They're not 'immune', they just have the 'power' to not be punished It’s perfectly legal for British spies to break the law, Britain’s secretive spy court has ruled – making a mockery of other...

Cyprus on Thursday arrested three people in connection with an alleged Israeli-owned "spy van" equipped with sophisticated surveillance technology capable of hacking communications, police said. read more

The spyware gave complete control of victimized computers, sold for as little as$25, and was bought by 14,500 hackers worldwide.