Security News

Researchers have uncovered a surveillance campaign, dating back to at least 2013, which has used a slew of Android surveillanceware tools to spy on the Uyghur ethnic minority group. Researchers say, the surveillance apps in the campaign were likely distributed through a combination of targeted phishing and fake third-party app stores - however, they fortunately haven't been discovered on official app marketplaces, like Google Play.

D-Link announced its new PoE surveillance switch series, which includes the 9-Port PoE Unmanaged Surveillance Switch and the 18-Port PoE Unmanaged Surveillance Switch. Supporting long range PoE delivery, DSS-100E switches are a cost-effective solution that provide a versatile and reliable surveillance network.

Malicious Chrome extensions employed in a massive global surveillance campaign have been downloaded by millions before removal, Awake Security reveals. Over the past three months, Awake identified 111 malicious or fake Chrome extensions that used GalComm domains for attacker command and control infrastructure and/or as loader pages.

Researchers at Awake Security have published a report on malicious extensions in the Chrome web store, making both specific claims of over 32 million downloads of one malware family, and general claims of weak security in both domain registration and Google's store. This led them to a bunch of malicious browser extensions, 111 in total, which "Were found to upload sensitive data or not perform the task they're advertised to perform. A common technique, they said, is that the developer gets a clean version of an extension approved, and later updates it with the malicious payload. Some of the suspicious extensions have a reassuring number of reviews and downloads, in one case more than 22,000 reviews and 10 million downloads, presumably achieved by bot activity. Another popular approach is to clone a genuine extension and bundle it with malware."Awake has since worked with Google to take down these extensions from the Chrome Web Store," said the report, but no doubt more are on the way.

House Democrats on Wednesday decided to abandon a vote on the reauthorization of several government surveillance programs under the Foreign Intelligence Surveillance Act. A similar amendment proposed earlier this week by Representatives Zoe Lofgren and Warren Davidson saw broad support in the House of Representatives, but the vote on the USA FREEDOM Reauthorization Act was abandoned on Wednesday, after both the Department of Justice and President Donald Trump publicly opposed the bill.

In December 2018, the Australian government passed the Telecommunications Access and Assistance Act, which allows the Australian government to compel cooperation and surveillance assistance from companies. Local use of the Wickr Pro/business platform increased by 200%. In Russia, in May 2019 when the sovereign internet law was signed, tightening Moscow's grip on internet communications, use of Wickr again increased by 200%. It seems likely from these figures that the primary motivation for adopting secure collaboration platforms is concern over government interference in privacy.

Germany's foreign intelligence service violated the constitution by spying on internet data from foreigners abroad, the nation's top court ruled Tuesday in a victory for overseas journalists who brought the case. The BND agency's surveillance violates "The fundamental right to privacy of telecommunications" and freedom of the press, judges at the Constitutional Court in Karlsruhe said in their verdict.

The Senate came one vote short Wednesday of approving a proposal to prevent federal law enforcement from obtaining internet browsing information or search history without seeking a warrant. The amendment vote came as the Senate considered renewal of three surveillance provisions that expired in March before Congress left due to the coronavirus pandemic.

The most common form of surveillance implemented to battle the pandemic is the use of smartphone location data, which can track population-level movement down to enforcing individual quarantines. Some governments are making apps that offer coronavirus health information, while also sharing location information with authorities for a period of time.

Twitter will not be allowed to disclose more information on national security requests after the U.S. government convinced a judge that the disclosure of such information could harm national security. In 2014, companies were given permission to disclose some information on the national security requests they receive, including FISA court orders and national security letters.