"It's not often that a piece of FBI advice triggers a Snopes fact check. But the agency's urgent message this month to Americans, often summarized as "stop texting," surprised many consumers.

The warning from the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) highlighted vulnerabilities in text messaging systems that millions of Americans use every day.

The U.S. believes hackers affiliated with China's government, dubbed Salt Typhoon, are waging a "broad and significant cyber-espionage campaign" to infiltrate commercial telecoms and steal users' data — and in isolated cases, to record phone calls, a senior FBI official who spoke to reporters on condition of anonymity said during a Dec. 3 briefing call.

The new guidance may have surprised consumers — but not security experts.

"People have been talking about things like this for years in the computer security community," Jason Hong, a professor at Carnegie Mellon University's School of Computer Science, told NPR. "You should not rely on these kinds of unencrypted communications because of this exact reason: There could be snoopers in lots of infrastructure.""

https://www.npr.org/2024/12/17/nx-s1-5223490/text-messaging-security-fbi-chinese-hackers-security-encryption

#USA #FBI #SaltTyphoon #CyberSecurity #China #StateHacking

"The Department of Homeland Security (DHS) believes that China, Russia, Iran, and Israel are the “primary” countries exploiting security holes in telecommunications networks to spy on people inside the United States, which can include tracking their physical movements and intercepting calls and texts, according to information released by Senator Ron Wyden.

The news provides more context around use of SS7, the exploited network and protocol, against phones in the country. In May, 404 Media reported that an official inside DHS’s Cybersecurity Insurance and Security Agency (CISA) broke with his department’s official narrative and publicly warned about multiple SS7 attacks on U.S. persons in recent years. Now, the newly disclosed information provides more specifics on where at least some SS7 attacks are originating from."

https://www.404media.co/dhs-says-china-russia-iran-and-israel-are-spying-on-people-in-us-with-ss7/

#USA #CyberSecurity #DHS #SS7 #MobilePhones #Surveillance

"Paragon, an Israeli spyware maker that has largely kept a low profile in recent years, was acquired last week by American private equity giant AE Industrial Partners, according to Israeli news reports.

Tech news website Calcalist reported that the investment firm bought Paragon for $500 million, and depending on how the company grows, the deal could reach $900 million. Globes reported that the upfront payment is $450 million, 20% of which will go to Paragon’s 400 employees, and 30% to the five co-founders, with the remaining 50% going to U.S. venture capital fund Battery Ventures and Israeli venture capital fund Red Dot.

In 2021, Forbes first revealed the existence of Paragon, which didn’t — and still doesn’t — have a website. The magazine reported that the company was founded by a group of former Israeli intelligence officers: Ehud Schneorson, former commander of Unit 8200, a renowned Israeli spy agency whose alumni often then work in the cybersecurity private sector, as well as CEO Idan Nurick, CTO Igor Bogudlov, and vice president of research Liad Avraham."

https://techcrunch.com/2024/12/16/israeli-spyware-maker-paragon-bought-by-u-s-private-equity-giant/

#CyberSecurity #Israel #Paragon #Graphite #Spyware

"The collective shrug around Salt Typhoon can also be seen across the news industry, where headlines about Salt Typhoon are making the rounds in the cybersecurity community, but generally aren’t splashed across front pages. In fairness, the news cycle at the moment is exhausting for reporters and readers alike — there’s a new administration forming, major global conflicts rage on and people are looking to take a break from it all over the holidays. Worrying about a massive and likely devastating global hack does not feel very merry.

And many details about the hack — when it happened, who was impacted, the extent of the damage — are slowly emerging and are still not totally clear, making it difficult for the layperson to follow.

But Beijing is taking notes on the sluggish U.S. response. At the one Senate Commerce hearing on the topic held Wednesday, JAMES LEWIS, director of the Strategic Technologies Program at the Center for Strategic and International Studies, testified about the need for the U.S. to counter Chinese hacking operations by giving Beijing a taste of its own medicine through U.S. offensive hacking. Otherwise, he warned, China would just keep going."

https://www.politico.com/newsletters/national-security-daily/2024/12/12/we-need-to-talk-about-salt-typhoon-00183727

#CyberSecurity #China #USA #SaltTyphoon #StateHacking

"WhatsApp fixed a bug that allowed malicious users to save pictures and videos that were supposed to be viewed only once and then vanish.

In September, TechCrunch reported that a bug in the implementation of the “View Once” privacy feature allowed people using WhatsApp’s browser-based web app to display and then keep the picture or video. The View Once feature is designed to prevent recipients from saving, sharing, forwarding, copying, and even screenshotting or screen recording media sent as “View Once,” given that in normal circumstances, the pictures or videos disappear after being viewed.

On Friday, WhatsApp spokesperson Zade Alsawah told TechCrunch that the company has rolled out a longer-term fix that resolved the issue."

https://techcrunch.com/2024/12/09/whatsapp-fixes-bug-that-let-users-bypass-view-once-privacy-feature/

#CyberSecurity #WhatsApp #Privacy #Meta

"- This joint investigation with First Department, a legal assistance organization, found spyware covertly implanted on a phone returned to a Russian programmer accused of sending money to Ukraine after he was released from custody.

• He describes being subjected to beatings and an intense effort to recruit him as an informant for the Russian Federal Security Service (FSB).

• Our analysis finds that the spyware placed on his device allows the operator to track a target device’s location, record phone calls, keystrokes, and read messages from encrypted messaging apps, among other capabilities.

• The spyware bears many similarities to the Monokle family of spyware, previously reported on by Lookout Mobile Security, which they attribute to the “Special Technology Center,” a contractor to the Russian government.

• Our analysis also finds certain differences from previously-reported samples of Monokle spyware, suggesting that it is either an updated version of Monokle or new software created by reusing much of the same code."

https://citizenlab.ca/2024/12/device-confiscated-by-russian-authorities-returned-with-monokle-type-spyware-installed/

#CyberSecurity #Russia #Spyware #Monokle

"The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. For paying iVerify customers, the tool regularly checks devices for potential compromise. But the company also offers a free version of the feature for anyone who downloads the iVerify Basics app for $1. These users can walk through steps to generate and send a special diagnostic utility file to iVerify and receive analysis within hours. Free users can use the tool once a month. iVerify's infrastructure is built to be privacy-preserving, but to run the Mobile Threat Hunting feature, users must enter an email address so the company has a way to contact them if a scan turns up spyware—as it did in the seven recent Pegasus discoveries."

https://arstechnica.com/security/2024/12/1-phone-scanner-finds-seven-pegasus-spyware-infections/

#CyberSecurity #Spyware #iVerify #iOS #Android #Pegasus

"End-to-end encryption means that the information is scrambled in transit and only the sender and recipient can access it. Regular text messages (SMS messages) and voice calls are usually not encrypted, and can be intercepted in transit or stored on a carrier’s server for extended periods of time.

Email services such as Gmail and Outlook generally offer encryption in transit, which means they can be read on the companies’ servers and by the end users. Messages that are encrypted in transit can’t be nabbed from a telecom network in an accessible format, but they could be accessed through an email service provider or a law enforcement request to that company.

End-to-end encryption—the kind offered by services like WhatsApp and Signal—is considered the best bet for privacy, particularly when paired with the option to auto-delete messages after a set period of time, says Mullin."

https://www.inc.com/jennifer-conrad/why-you-should-start-using-encrypted-communications-today/91034632

#CyberSecurity #Privacy #Encryption #E2EEncryption #Signal

"A UK-led operation has uncovered a multibillion-dollar money laundering scheme run out of London, Moscow and Dubai that enabled Russian spies and European drug traffickers to evade sanctions using cryptocurrency.

The UK’s National Crime Agency said on Wednesday that its “Operation Destabilise” investigation centred on two companies — Smart and TGR — that acted as a financial hub for cash-rich global criminals and sanctioned individuals relying on cryptocurrency outside the banking system.

The NCA said the network had been used by clients including the Kinahan cartel, Irish cocaine traffickers linked to numerous contract killings, as well as funding ransomware groups, and “Russian espionage operations” from late 2022 to summer 2023.

The illicit network, operating across more than 30 countries, illustrates the growing interaction between hostile states and organised criminals as economic sanctions have forced countries such as Russia to find new ways of operating in the west. The case also shows the increasing use of cryptocurrencies by those cut off from the global banking system."

https://www.ft.com/content/31b9053f-343e-4c47-ace9-2b0080ec8799

#Crypto #Cryptocurrencies #UK #Russia #CyberSecurity #Cybercrime #Ransomware

"Security firm iVerify said a leader of a big company was among several individuals whose iPhones were recently targeted with the Pegasus spyware.

While journalists, human rights defenders, lawmakers, and political officials are frequent targets of state surveillance, reports of spyware compromising the phones of business leaders are rare, but not unheard of. The findings come as a fresh warning that spyware typically used by governments under the guise of preventing serious crime and terrorism can also be misused for commercial espionage.

In a call with TechCrunch this week, iVerify chief executive Rocky Cole declined to name who was targeted, but said that the spyware targeted a business “that you’ve heard about.” Cole, a former analyst at the National Security Agency, said the business leader, who iVerify is in contact with, was “completely surprised” by the attempt to compromise their phone."

https://techcrunch.com/2024/12/04/business-leaders-among-pegasus-spyware-victims-says-security-firm/

#CyberSecurity #NSOGroup #Spyware #Pegasus #iPhone

"At the start of 2024, OpenAI’s rules for how armed forces might use its technology were unambiguous.

The company prohibited anyone from using its models for “weapons development” or “military and warfare.” That changed on January 10, when The Intercept reported that OpenAI had softened those restrictions, forbidding anyone from using the technology to “harm yourself or others” by developing or using weapons, injuring others, or destroying property. OpenAI said soon after that it would work with the Pentagon on cybersecurity software, but not on weapons. Then, in a blog post published in October, the company shared that it is working in the national security space, arguing that in the right hands, AI could “help protect people, deter adversaries, and even prevent future conflict.”

Today, OpenAI is announcing that its technology will be deployed directly on the battlefield.

The company says it will partner with the defense-tech company Anduril, a maker of AI-powered drones, radar systems, and missiles, to help US and allied forces defend against drone attacks."

https://www.technologyreview.com/2024/12/04/1107897/openais-new-defense-contract-completes-its-military-pivot/amp/

#AI #OpenAI #AIWarfare #Cybersecurity #DroneWarfare

"So, what should we make of all this? I’m always worried to see the rise of far-right candidates, but by now we have plenty of examples of establishment parties pointing to social media manipulation (often with some link to Russian interference) as the reason for their declining support instead of probing how the public has (often rightfully) become disillusioned with the politics they’re offering. I don’t know enough about Romania to know where this case falls, but I wouldn’t be surprised if it’s somewhere in the middle.

It doesn’t appear that TikTok intentionally manipulated its algorithms to promote Georgescu, but rather that actors took advantage of the way its platform is designed to get the results they were expecting — not unlike how Russian actors didn’t actually “hack” the 2016 US election. For now it’s worth watching to see where the Romanian case goes."

https://disconnect.blog/roundup-whats-going-on-in-romania/

#SocialMedia #Romania #TikTok #Algorithms #FarRight #CyberSecurity #Politics #Elections #Russia