Security News

Surveillance-for-hire: Are you a target of the booming spy business?
2021-12-20 16:03

Any individual or any company can become their target, as long as someone pays to spy on them. Engagement: This part consists of engaging contact with the target or people close to it in an effort to build enough trust to entice the target to download/execute files or click on infecting links.

Facebook disrupts operations of seven surveillance-for-hire firms
2021-12-16 20:52

Facebook has disrupted the operations of seven different spyware-making companies, blocking their Internet infrastructure, sending cease and desist letters, and banning them from its platform. "As a result of our months-long investigation, we took action against seven different surveillance-for-hire entities to disrupt their ability to use their digital infrastructure to abuse social media platforms and enable surveillance of people across the internet," said Director of Threat Disruption David Agranovich and Head of Cyber Espionage Investigations Mike Dvilyanski.

Moobot Botnet Chews Up Hikvision Surveillance Systems
2021-12-08 20:13

Although a patch was released in September, any still-vulnerable Hikvision IP Network Video Recorder products are being actively targeted by the Mirai-based botnet known as Moobot. FortiGuard Labs has released a report detailing how the Moobot botnet is leveraging a known remote code execution vulnerability in Hikvision products to spread a Moobot, which carries out distributed denial of service attacks.

Israel Bans Sales of Hacking and Surveillance Tools to 65 Countries
2021-12-01 00:08

Israel's Ministry of Defense has dramatically restricted the number of countries to which cybersecurity firms in the country are allowed to sell offensive hacking and surveillance tools to, cutting off 65 nations from the export list. In curtailing the exports, the move effectively makes it harder for local cybersecurity firms to market their software to countries with totalitarian regimes or with a track record of perpetrating human abuses.

Surveillance firm pays $1 million fine after 'spy van' scandal
2021-11-13 15:01

The Office of the Commissioner for Personal Data Protection in Cyprus has collected a $1 million fine from intelligence company WiSpear for gathering mobile data from various individuals arriving at the airport in Larnaca. While this is just an administrative fine under the European Union's General Data Protection Regulation, it is related to a scandal two years ago widely publicized as the "Spy van" case.

No day in court: US Foreign Intelligence Surveillance Court rulings will stay a secret
2021-11-05 16:15

The US Supreme Court this week refused [PDF] to hear a case that would have forced the country's hush-hush Foreign Intelligence Surveillance Court to explain its justifications for giving the Feds the right to help themselves to bulk amounts of the public's data. In a blistering dissent filed on Monday [PDF], Justices Neil Gorsuch and Sonia Sotomayor asked why the court would decline to review a case with "Profound implications for Americans' privacy and their rights to speak and associate freely."

Reg scribe spends week being watched by government Bluetooth wristband, emerges to more surveillance
2021-10-19 06:41

Accompanying documentation explained that the gateway can measure distance to the wristband. Since the alternative was to serve the quarantine in a cramped and expensive hotel room with my kids, I was prepared to allow the app the access it wanted.

The European Parliament Voted to Ban Remote Biometric Surveillance
2021-10-11 12:49

It's not actually banned in the EU yet - the legislative process is much more complicated than that - but it's a step: a total ban on biometric mass surveillance. To respect "Privacy and human dignity," MEPs said that EU lawmakers should pass a permanent ban on the automated recognition of individuals in public spaces, saying citizens should only be monitored when suspected of a crime.

European Parliament calls for ban on AI-powered mass surveillance
2021-10-06 16:23

The EU Parliament has voted in favor of a resolution that essentially calls for the ban of AI-powered biometric mass surveillance technologies such as facial recognition systems in the continent. With today's decision, the European Parliament asks for a permanent ban on the automated recognition of individuals in public spaces, and the prohibition of predicting policing based on behavioral data.

IP Surveillance Bugs in Axis Gear Allow RCE, Data Theft
2021-10-05 21:09

Three vulnerabilities in the IP video-surveillance systems created by Axis Communications could allow arbitrary code execution, among other attacks. That's according to Nozomi Networks Labs, whose researchers examined the company's Axis Companion Recorder, a compact network video recorder that stores IP surveillance video coming from attached cameras.