Security News
In a speech delivered yesterday, Mike Burgess noted that countering Soviet sabotage plots was a significant reason ASIO was created. "Nationalists and racists are probably just mouthing off. But the spy chief indicated that ASIO"is aware of one nation-state conducting multiple attempts to scan critical infrastructure in Australia and other countries, targeting water, transport and energy networks.
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian...
Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden. "Push notifications are alerts...
A U.S. senator revealed today that government agencies worldwide demand mobile push notification records from Apple and Google users to spy on their customers. Data collection through this method helps link devices to Apple or Google accounts and may also allow access to unencrypted notification content, including text displayed on the receiving smartphone.
One of the requirements of eIDAS 2.0 is that browser makers trust government-approved Certificate Authorities and do not implement security controls beyond those specified by the European Telecommunications Standards Institute. When a browser visits that site, the website presents a public portion of its CA-issued certificate to the browser, and the browser checks the cert was indeed issued by one of the CAs it trusts, using the root certificate, and is correct for that site.
The Winter Vivern APT group has been exploiting a zero-day vulnerability in Roundcube webmail servers to spy on email communications of European governmental entities and a think tank, according to ESET researchers. Roundcube is an open-source browser-based email client with application-like user interface.
A former US Army Sergeant with Top Secret US military clearance created a Word document entitled "Important Information to Share with Chinese Government," according to an FBI agent's sworn declaration. The DoJ said Schmidt retired from active duty in January 2020, traveling to China, then back to the US, then to Istanbul in February 2020, before returning to the US again, and then going back to China in March 2020.
Comment Sanity appears to have prevailed in the debate over the UK Online Safety bill after the government agreed to ditch proposals - at least for the time being - to legislate the scanning of encrypted messages. In response to questions regarding the technical feasibility of scanning messages and the assessments that Ofcom must make, Lord Parkinson, a Digital, Culture, Media and Sport minister, said: "If the appropriate technology does not exist that meets these requirements, then Ofcom will not be able to use Clause 122 to require its use."
On Monday, the company said in a blog post that there's no need to worry about that. Zoom execs swear the company won't actually train its AI on your video calls without permission, even though the Terms of Service still say it can.
A cyberespionage group named 'MoustachedBouncer' has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies in Belarus. [...]