#Spy Dealer Malware | Explore Tumblr posts and blogs

herunswithscissors · 11 months ago

Text

Amazon Vine reviewers should unionize.

We are being thrown housewares for our work. We are not getting milk frothers for free. We are creators writing content. Writing advertisements for Amazon itself.

Our critical reviews are used to lie about Amazons integrity. Our positive reviews get shit sold. Even our semi critical reviews being sales because they create stars and give a new product traction.

And we have to really create those reviews on our own because we sell half our shit on the Facebook Black Marketplace and write reviews that are based on what we see in the pictures.

Amazon knows we sell them. They have some nefarious reason making us pay taxes on our "free" stuff that they probably making us pay taxes on it so they can write it off as a fucking business expense.

As if the money mattered to Bezos. A few hundred bucks in taxes on our little home business means so much to us. Far more than to Bezos or the IRS. And the IRS could fucking leave us alone if Bezos would just start paying his fucking taxes on his infinite wealth. What is he going to lose when he has a trillion Freedom Tokens? But he makes us pay exorbitant taxes on trinkets we deliver all over town like drug dealers just to get some fucking pocket money.

Fuck that noise. Our ad content brings in billions for Amazon.

Mostly because they help these predatory sellers foist the same 3 shitty makes in 40 alphabet soup companies using the exact same fucking photos colluding the shit out of America. They know we're faking it, you know we're faking it. Even half the customers suspect we're faking it. But enough believe it. And these fuckers get a few dozen reviews under the newest branding of the same fucking shit from China Bezos floods is with.

You know Amazon taxes them all for using it's site and I'm sure they have some policy that makes more money somehow by charging new companies higher taxes or some shit. And the Chinese just calculate that as a minor cost of business expense.

They are raping the shit out of us for dollars and giving us our own recycled plastic shit in return.

It's hilarious. I applaud it. Well played Xi. I bow to you sir.

Now here's two middle fingers and a spit in you eye for the Weigers.

I wish.

This little scenario would doubtlessly cost me my life. I'm sure Mr Xi would make my death s priority of the Chinese Intelligence Agencies.

And I'm sure all our Bluetooth shit is infected with Chinese viruses to spy and affect our computers. I'm a dead man. All my shit is networked and GPS.

And I'm also sure the manufacturers are slapping in their own malware with the spyware contract software on everything to make extra money on our processing per and data. And a whole fucking lot of profiteering by draining all our processing for supercomputer networks dedicated to fucking crypto Global Warming accelerator bullshit for more stupid Freedom Bucks to live in Capitalism. But the Jerry rigged network of devices and computers is kinda a genius way of making at least this particular super computers doing crypto is not making CC2 directly. I mean they are still profiting from it... But anyway if someone needed a supercomputer for something more noble like scientific research...

If original, this is a Nobel kind of idea and I want a cut. A volunteer network of people putting more reputable malware on their computers. People can volunteer their processing power for science. It would never run while you were active, but when you laptop or phone goes to sleep it uses your computers processing power and spare ram to support say Stanford research. It would fire up research. It would be a cool thing to do this for your alma mater and your favorite basketball team.

Back to business. Unionizing and getting paid.

Our creative reviews get people to buy this shit. We deserve a cut

We write the reviews that get the people to buy your shit. And make you a fuckton more of these fucking US Dollars chaining us to Capitalism. We can't even live without money like a peasant. We need Freedom Bucks. And you don't. And we believe that however much that money is worth to Bezos, we deserve our wages. We deserve a cut in this dirty work.

You sell shit. We all know this. You could demand some level of quality on Amazon like the old stores. They had several standard brands. But only the brands they trusted the quality of or if the people demanded Jordans or whatever Capitalist shit we liked at the time.

We help you shovel this nameless shit at people for gross amounts of profit. Give me my pay.

I create the ads that people read. And here's the crazy thing. They find out our assessments were all over as individuals, but they're still relatively trustworthy as a whole group.

Figuring out how shitty or not this shitty product is going to work is a fucking skill. We are pretty fucking good at it.

On the rare occasion that we do we get something that is truly good, we make sure the reader knows it because we want people to get good shit.

And really, we're pretty likely to just say 5 stars and make shit up out of our butt in the review because hey, it probably works as well as one can expect for 50 bucks.

Our reviews are ads they get customers. First to check out shit with reviews to see how shitty it is and whether or not to take a chance. They look at reviews first to see what other people thought after they bought it. They see Vines. They might ignore them it they might use them as an advisor and take a chance anyway on a good bet according to johhnyfiveisalive7. And it turns outjohhnyfiveisalive7 is pretty reliable in their little analysis and obvious personal experiences. And who doesn't like a story and silly pics. So they trust johhnyfiveisalive7's suggestions and buy more of the shit you shoveled at them to try. You get a community of respected experts. People buy the shit you let us keep for our work. Even if it is shitty, just because it got enough meh reviews they take a chance on it. (And get stuck with more cheap shit usually.)

Amazon doesn't sell inexpensive decent quantity shit. It sells cheap shitty shit that is occasionally not so expensive.

Anyways Bezos is making boku bank of our creative work and expert, respected analysis. We should unionize and demand our cut.

Bezos will threaten to cut your vine access. Oh noes.

Your house is already furnished with shitty Amazon shit. Selling this shit is a shit show for spending cash unless you get real dedicated. The new toys and gifts to give are nice. But really, what do you get for your creative work beyond telling a few jokes in public.

What will they do without decent writers all of a sudden?

We They might bring in scabs. But they won't be good at their job and since the products are always new they need a new source of trusted reviewers.

So they might try to phase out dissidents here and there or in waves at leadership remove them from the community and to prevent union action. Be strong. Union strong.

But anyway we should ask for wages in proportion to the money we are bringing in and to the work we are really doing. We should get hundreds of thousands. We have better odds asking for ad creation level wages.

Without us they couldn't push all this alphabet shit on Americans and bug all our shit for China and slow down all our shit for crypto.

They can't keep selling their shit because nobody trusts their shit because it's all the same shitty shit with me shitty names that don't make sense. They killed all the real brands. They just flooded the market with cheap shit that is all nameless and unknown. Who's going to buy the latest shitty model everybody copies of nobody will review it.

Who's going to take a chance on a weird new name with 0 reviews? You need traction. You need Vine now. There's no history on all these new models. We can't see last year's buyers or 5 years ago buyers. Usually we can't even see last month's reviews, they are so new.

Nobody is going to buy your flea market shit without us. Vine wants a cut.

================

By the by:

You know sneaker companies and Michael Jordan in particular need to face up to their destruction of Black neighborhoods with their shitty Capitalism shows. I say Jordon because he really launched the sneaker collector craze. With his flashy shoes and slick ads and likable personality plus court dominance.

Jordan really needsto face up and and pay up.

He has to face up to the fact he profited off some terrible shit as he sold his shitty shoes made by fucking prison slave labor. He fucked up Black community, destroyed lives and whole inner city neighborhoods. As people fight fight and died and desperately sold it bought it robbed it to wear or sell for it's inflated price based on our adoration and admiration of Jordan. People regularly resorted to prostitution and violence in order to have and/or steal. How many people died over a back alley hold up gone wrong. How many ended up in the Justice System, in hell.

Jordan needs to pay up. Reinvest in Black America. That could be his new thing while he still quietly profits off of shoe sales.

#Amazon Vine #vine reviewers #Union strong #apes together strong #fuck Bezos #how come people are so greedy? it's $2 #if Biden won't tax him we will #at least a little more of Bezos money leaks out of Panama and back to the people #selling shit on Facebook marketplace is the worst.#how come people are so greedy on there #you just can't be happy without $5 off #and delivery you say?#nobody seems to have a fucking car #no i will not meet you in fucking Visalia #wait they do have a bunch of independent weed shops out there...#get paid

1 note · View note

mostlysignssomeportents · 3 years ago

Text

The infosec apocalypse is nigh

When the Pegasus Project dropped last week, it was both an ordinary and exceptional moment. The report — from Amnesty, Citizenlab, Forbidden Stories, and 80 journalists in 10 countries — documented 50,000 uses of the NSO Group’s Pegasus malware.

https://www.occrp.org/en/the-pegasus-project/

The 50,000 targets of NSO’s cyberweapon include politicians, activists and journalists. The Israeli arms-dealer — controlled by Novalpina Capital and Francisco Partners — has gone into full spin mode.

NSO insists that the report is wrong, but also that it’s fine to spy on people, and also that terrorists will murder us all if they aren’t allowed to reap vast fortunes by helping the world’s most brutal dictators figure out whom to kidnap, imprison and murder.

As I say, all of this is rather ordinary. The NSO Group’s bloody hands, immoral practices and vicious retaliation against critics are well established.

It’s been four years since NSO’s assurances that it only sold spying tools to democratic states to hunt terrorists were revealed as lies, when Citizenlab revealed that its weapons targeted Mexican anti-sugar activists (and their children).

https://citizenlab.ca/2017/06/reckless-exploit-mexico-nso/

Then Citizenlab found 45 more countries where NSO’s Pegasus weapon had been used, and demonstrated that notorious human-rights abusers got help from NSO to target everyday citizens to neutralize justice struggles.

https://citizenlab.ca/2018/09/hide-and-seek-tracking-nso-groups-pegasus-spyware-to-operations-in-45-countries/

Outside of human rights and cybersecurity circles, the story drew little attention, but it did prick NSO’s notoriously thin skin — the company dispatched (inept) private spooks, late of the Mossad, to entrap Citizenlab’s researchers.

https://www.nytimes.com/2019/01/28/world/black-cube-nso-citizen-lab-intelligence.html

As far as we know, the company never managed to infiltrate any of Citizenlab’s systems — but their weapons were found on the devices of an Israeli lawyer suing them for their role in human rights abuses.

https://www.nytimes.com/2019/05/13/technology/nso-group-whatsapp-spying.html

That had some consequences. The attack exploited a vulnerability in Whatsapp, owned by Facebook. FB retaliated by suing — and terminating NSO Group employees’ Facebook accounts. Judging from NSO’s outraged squeals, getting kicked of FB hurt far worse.

https://www.vice.com/en/article/7x5nnz/nso-employees-take-legal-action-against-facebook-for-banning-their-accounts

Through it all, the NSO Group insisted that its tools were vital anti-terror weapons — not the playthings of rich sociopaths with long enemies lists.

They continued these claims even after Pegasus was linked to the blackmail attempt against Jeff Bezos, in a bid by Saudi royals to end the Washington Post’s investigative reporting on the murder and dismemberment of the journalist Jamal Khashoggi.

https://www.vice.com/en/article/v74v34/saudi-arabia-hacked-jeff-bezos-phone-technical-report

Despite all this — attacks on the powerful and the powerless, grisly deaths and farce-comedy entrapment attempts — NSO Group plowed on, raking in millions while undermining the security of the devices that billions of us rely on for our own safety.

Until now.

Something about the Pegasus Project shifted the narrative. Maybe it’s the ransomware epidemic, shutting down hospitals, energy infrastructure, and governments — or maybe it’s the changing tide that has turned on elite profiteers. Whatever it is, people are pissed.

Finally.

I mean, when Edward Snowden calls for the owners of a cybercrime company to be arrested, people sit up and pay attention. But Snowden’s condemnation of NSO and its industry are just for openers.

https://edwardsnowden.substack.com/p/ns-oh-god-how-is-this-legal

Snowden describes NSO as part of an “Insecurity Industry” that owes its existence to critical vulnerabilities in digital devices in widespread use. They spend huge sums discovering these vulns — and then, rather than reporting them so they can be fixed, they weaponize them.

As Snowden points out, this is not merely a private sector pathology. Governments — notably the US government, through the NSA’s Tailor Access Operations Group — engage in the same conduct.

Indeed, as with all digital surveillance, there’s no meaningful difference between private and public spying. Governments rely on tech and telecoms giants for data (which they buy, commandeer, or steal, depending on circumstances).

This, in turn, creates powerful security/public safety advocates for unlimited commercial surveillance, to ensure low-cost, high-reliability access to our private data. Those agencies stand ready to quietly scuttle comprehensive commercial privacy legislation.

This private-public partnership from hell extends into the malware industry: the NSA and CIA can’t, on their own, create enough cyber-weapons to satisfy all government agencies’ demand, so they rely on (and thus protect) the Insecurity Industry.

But as Snowden points out, none of this would be possible were it not for the vast, looming, grotesque tech-security debt that the IT industry has created for us. Everything we use is insecure, and it’s built atop more insecure foundations.

We live in an information society with catastrophic information security. If our society was a house, the walls would all be made of flaking asbestos and the attic would be stuffed with oily rags.

It’s hard to overstate just how much risk we face right now, and while the Insecurity Industry didn’t create that risk, they’re actively trying to increase it — finding every weak spot and widening it as far as possible, rather than shoring it up.

It’s a cliche: “Security is a team sport.” But I like how Snowden puts it: security is a public health matter. “To protect anyone, we must protect everyone.”

Step one is “to ban the commercial trade in intrusion software” for the same reason we “do not permit a market in biological infections-as-a-service.”

We should punish the cyber-arms dealers — but also use international courts to target the state actors who pay them.

But this fight will be a tough one. The huge sums that governments funnel to cyber arms-dealers allows them to silence their critics — I’ve been forced to remove some of my own coverage thanks to baseless threats I couldn’t afford to fight.

Writing in today’s Guardian (who also removed unfavorable coverage of NSO Group following legal threats), Arundhati Roy demolishes the company’s claims of clean hands.

https://www.theguardian.com/commentisfree/2021/jul/27/spying-pegasus-project-states-arundhati-roy

After all, NSO charges a 17% “system maintenance fee” that gives them oversight and insight into how their tools are being used by the demagogues and dictators who shower them with money.

https://www.thecitizen.in/index.php/en/newsdetail/index/9/20672/pegasus-hack-how-much-did-it-cost-to-spy-on-citizens

“There has to be something treasonous about a foreign corporation servicing and maintaining a spy network that is monitoring a country’s private citizens on behalf of that country’s government.” -Roy

The NSO Group claims that the human rights abuses it abets are exceptions that slip through the cracks, but the reality is, it has no business model without state terror — without powerful thugs who demand weapons to help jail, torture and kill their critics.

NSO, more than anyone, should know this. But as Upton Sinclair wrote, “It is difficult to get a man to understand something when his salary depends upon his not understanding it.”

#pluralistic

171 notes · View notes

bhaumiksubhadeep · 7 years ago

Video

youtube

(via https://www.youtube.com/watch?v=_nkEGUOA2YM)

#Spy Dealer Malware #Hat to read human brains #Redmi Note 5A #SONY LATEST AUDIO UNIT #egadgets4u

0 notes

patrickcmiller · 7 years ago

Link

via Twitter https://twitter.com/PatrickCMiller

#IFTTT #Twitter

0 notes

shirlleycoyle · 4 years ago

Text

NSO Group Closes Cyprus Office of Spy Firm

Controversial phone hacking company NSO Group has closed the Cyprus office of Circles, a surveillance firm that previously merged with NSO, and fired a number of staff, according to two former NSO employees.

Cyprus is a hotbed for surveillance companies that sometimes set up shop in the country and then sell their technology from the region.

"They fired all the Cyprus office," one of the former NSO employees told Motherboard.

"All Cyprus site was closed recently; all of the people fired," the second former employee added. Motherboard granted the sources anonymity as they weren't authorized to speak to the press about internal company issues, and to avoid retaliation from NSO.

Do you work at NSO Group or Circles? Did you used to? We'd love to hear from you. Using a non-work computer or phone, you can contact Joseph Cox securely on Signal on +44 20 8133 5190, Wickr on josephcox, OTR chat on [email protected], or email [email protected].

Circles focuses on geolocating devices and intercepting communications via access to SS7, a network and related protocol that is particularly used by phones when roaming. Circles created its own phone company to gain this access for surveillance purposes.

Other surveillance companies have bought their way into the SS7 network for as little as $22 an hour. The main underlying issue with SS7 is that the network does not authenticate who sent a request, so if someone gains access, SS7 will treat their requests to reroute communications as legitimate, letting spies listen in on texts, calls, or locate the device too.

An NSO spokesperson told Motherboard in an emailed statement that “In order to ensure that we are operating as efficiently as possible, we have recently restructured the development of one of our tactical search and rescue products, and shifted resources to other existing group locations. These changes will further our mission to prevent terrorism and serious crime.” Circles has another base in Bulgaria, the two former employees said.

NSO merged with Circles in 2014 after American private equity firm Francisco Partners bought Circles for $130 million. While Circles focuses on network exploitation, NSO develops malware for targeting cellphones themselves. Its main product, dubbed Pegasus, is capable of infecting Android and iPhone phones, and can siphon photos, messages from encrypted messaging programs, turn on a device's microphone, and much more. Together, the two suites of tools could form a powerful surveillance capability; SS7 attacks can also be used to deliver malware to target devices.

“They exaggerated their system's abilities.”

But months before the Cyprus office closure, one of the former employees described to Motherboard how Circles' product didn't necessarily match well with NSO's.

"The idea was that the sum will be greater than its parts. That they will increase the attack vector, but in reality there were few successes in integration. They exaggerated their system's abilities," the former NSO employee said of Circles.

The source said NSO had "awful integration with Circles." The second former employee said the integration "wasn't great."

But one of the sources added that the SS7 geolocation system itself worked "very well" in Mexico. Mexico is one of NSO's largest clients, with journalists and researchers uncovering extensive use of NSO products in the country. NSO malware was used to target lawyers, journalists, and politicians in Mexico.

According to a lawsuit filed in 2014 in Israel and Cyprus and mentioned by Haaretz, an official from the United Arab Emirates’ Supreme Council for National Security emailed Eric Banoun, a Circles executive, and asked them to intercept the communications of the editor of the Al Arab newspaper even though this was not included in the client’s license. Shortly after, Ahmad Ali al-Habsi, the official, received an email with the recordings.

Motherboard previously reported how NSO pitched a product codenamed Landmark to the Los Angeles Police Department. A former NSO employee previously said that Landmark is an SS7-based geolocation capability.

Cyprus has attracted multiple surveillance firms in recent years.

"While Cyprus is working to shake its reputation as a haven for Russian criminal cash, I can't imagine that the country is thrilled to see that a growing number of shady surveillance vendors are setting up shop," John Scott-Railton, senior researcher from Citizen Lab, based in the Munk School of Global Affairs at the University of Toronto, which has extensively followed NSO's work, told Motherboard.

"There is historic jurisdictional affinity between arms dealers and money launderers. Both prefer to disguise who they do business with, and how they move their money. I read the preference for places like Cyprus as yet another indication that spyware vendors have more in common with arms traders than software startups," he added.

Last year, Cyprus authorities arrested employees of surveillance firm WiSpear after the company demonstrated its so-called spy van to Forbes in the country. The CEO of WiSpear Tal Dilian is an original co-owner of Circles.

In a March 2019 letter addressed to various human rights groups including Amnesty International, Stephen Peel, founding partner at European private equity firm Novalpina Capital wrote that some of NSO's products are exported from Cyprus. Novalpina bought a majority stake in NSO in February 2019.

In May 2019, activist group Access Now wrote to authorities in Bulgaria and Cyprus, asking them to further scrutinize NSO exports due to abuses of NSO's technology.

NSO Group Closes Cyprus Office of Spy Firm syndicated from https://triviaqaweb.wordpress.com/feed/

0 notes

terabitweb · 5 years ago

Text

Original Post from Krebs on Security Author: BrianKrebs

In April 2013, I received via U.S. mail more than a gram of pure heroin as part of a scheme to get me arrested for drug possession. But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses. That individual recently gave his first interview since finishing his jail time here in the states, and he’s shared some select (if often abrasive and coarse) details on how he got into cybercrime and why. Below are a few translated excerpts.

When I first encountered now-31-year-old Sergei “Fly,” “Flycracker,” “MUXACC” Vovnenko in 2013, he was the administrator of the fraud forum “thecc[dot]bz,” an exclusive and closely guarded Russian language board dedicated to financial fraud and identity theft.

Many of the heavy-hitters from other fraud forums had a presence on Fly’s forum, and collectively the group financed and ran a soup-to-nuts network for turning hacked credit card data into mounds of cash.

Vovnenko first came onto my radar after his alter ego Fly published a blog entry that led with an image of my bloodied, severed head and included my credit report, copies of identification documents, pictures of our front door, information about family members, and so on. Fly had invited all of his cybercriminal friends to ruin my financial identity and that of my family.

Somewhat curious about what might have precipitated this outburst, I was secretly given access to Fly’s cybercrime forum and learned he’d freshly hatched a plot to have heroin sent to my home. The plan was to have one of his forum lackeys spoof a call from one of my neighbors to the police when the drugs arrived, complaining that drugs were being delivered to our house and being sold out of our home by Yours Truly.

Thankfully, someone on Fly’s forum also posted a link to the tracking number for the drug shipment. Before the smack arrived, I had a police officer come out and take a report. After the heroin showed up, I gave the drugs to the local police and wrote about the experience in Mail From the Velvet Cybercrime Underground.

Angry that I’d foiled the plan to have me arrested for being a smack dealer, Fly or someone on his forum had a local florist send a gaudy floral arrangement in the shape of a giant cross to my home, complete with a menacing message that addressed my wife and was signed, “Velvet Crabs.”

The floral arrangement that Fly or one of his forum lackeys had delivered to my home in Virginia.

Vovnenko was arrested in Italy in the summer of 2014 on identity theft and botnet charges, and spent some 15 months in arguably Italy’s worst prison contesting his extradition to the United States. Those efforts failed, and he soon pleaded guilty to aggravated identity theft and wire fraud, and spent several years bouncing around America’s prison system.

Although Vovnenko sent me a total of three letters from prison in Naples (a hand-written apology letter and two friendly postcards), he never responded to my requests to meet him following his trial and conviction on cybercrime charges in the United States. I suppose that is fair: To my everlasting dismay, I never responded to his Italian dispatches (the first I asked to be professionally analyzed and translated before I would touch it).

Seasons greetings from my pen pal, Flycracker.

After serving his 41 month sentence in the U.S., Vovnenko was deported, although it’s unclear where he currently resides (the interview excerpted here suggests he’s back in Italy, but Fly doesn’t exactly confirm that).

In an interview published on the Russian-language security blog Krober[.]biz, Vovnenko said he began stealing early in life, and by 13 was already getting picked up for petty robberies and thefts.

A translated English version of the interview was produced and shared with KrebsOnSecurity by analysts at New York City-based cyber intelligence firm Flashpoint.

Sometime in the mid-aughts, Vovnenko settled with his mother in Naples, Italy, but he had trouble keeping a job for more than a few days. Until a chance encounter led to a front job at a den of thieves.

“When I came to my Mom in Naples, I could not find a permanent job. Having settled down somewhere at a new job, I would either get kicked out or leave in the first two days. I somehow didn’t succeed with employment until I was invited to work in a wine shop in the historical center of Naples, where I kinda had to wipe the dust from the bottles. But in fact, the wine shop turned out to be a real den and a sales outlet of hashish and crack. So my job was to be on the lookout and whenever the cops showed up, take a bag of goods and leave under the guise of a tourist.”

Cocaine and hash were plentiful at his employer’s place of work, and Vovnenko said he availed himself of both abundantly. After he’d saved enough to buy a computer, Fly started teaching himself how to write programs and hack stuff. He quickly became enthralled with the romanticized side of cybercrime — the allure of instant cash — and decided this was his true vocation.

“After watching movies and reading books about hackers, I really wanted to become a sort of virtual bandit who robs banks without leaving home,” Vovnenko recalled. “Once, out of curiosity, I wrote an SMS bomber that used a registration form on a dating site, bypassing the captcha through some kind of rookie mistake in the shitty code. The bomber would launch from the terminal and was written in Perl, and upon completion of its work, it gave out my phone number and email. I shared the bomber somewhere on one of my many awkward sites.”

“And a couple of weeks later they called me. Nah, not the cops, but some guy who comes from Sri Lanka who called himself Enrico. He told me that he used my program and earned a lot of money, and now he wants to share some of it with me and hire me. By a happy coincidence, the guy also lived in Naples.”

“When we met in person, he told me that he used my bomber to fuck with a telephone company called Wind. This telephone company had such a bonus service: for each incoming SMS you received two cents on the balance. Well, of course, this guy bought a bunch of SIM cards and began to bomb them, getting credits and loading them into his paid lines, similar to how phone sex works.”

But his job soon interfered with his drug habit, and he was let go.

“At the meeting, Enrico gave me 2K euros, and this was the first money I’ve earned, as it is fashionable to say these days, on ‘cybercrime’. I left my previous job and began to work closely with Enrico. But always stoned out of my mind, I didn’t do a good job and struggled with drug addiction at that time. I was addicted to cocaine, as a result, I was pulling a lot more money out of Enrico than my work brought him. And he kicked me out.”

After striking out on his own, Vovnenko says he began getting into carding big time, and was introduced to several other big players on the scene. One of those was a cigarette smuggler who used the nickname Ponchik (“Doughnut”).

I wonder if this is the same Ponchik who was arrested in 2013 as being the mastermind behind the Blackhole exploit kit, a crimeware package that fueled an overnight explosion in malware attacks via Web browser vulnerabilities.

In any case, Vovnenko had settled on some schemes that were generating reliably large amounts of cash.

“I’ve never stood still and was not focusing on carding only, with the money I earned, I started buying dumps and testing them at friends’ stores,” Vovnenko said. “Mules, to whom I signed the hotlines, were also signed up for cashing out the loads, giving them a mere 10 percent for their work. Things seemed to be going well.”

FAN MAIL

There is a large chronological gap in Vovnenko’s account of his cybercrime life story from that point on until the time he and his forum friends started sending heroin, large bags of feces and other nasty stuff to our Northern Virginia home in 2013.

Vovnenko claims he never sent anything and that it was all done by members of his forum.

-Tell me about the packages to Krebs. “That ain’t me. Suitcase filled with sketchy money, dildoes, and a bouquet of coffin wildflowers. They sent all sorts of crazy shit. Forty or so guys would send. When I was already doing time, one of the dudes sent it. By the way, Krebs wanted to see me. But the lawyer suggested this was a bad idea. Maybe he wanted to look into my eyes.”

In one part of the interview, Fly is asked about but only briefly touches on how he was caught. I wanted to add some context here because this part of the story is richly ironic, and perhaps a tad cathartic.

Around the same time Fly was taking bitcoin donations for a fund to purchase heroin on my behalf, he was also engaged to be married to a nice young woman. But Fly apparently did not fully trust his bride-to-be, so he had malware installed on her system that forwarded him copies of all email that she sent and received.

Fly,/Flycracker discussing the purchase of a gram of heroin from Silk Road seller “10toes.”

But Fly would make at least two big operational security mistakes in this spying effort: First, he had his fiancée’s messages forwarded to an email account he’d used for plenty of cybercriminal stuff related to his various “Fly” identities.

Mistake number two was the password for his email account was the same as one of his cybercrime forum admin accounts. And unbeknownst to him at the time, that forum was hacked, with all email addresses and hashed passwords exposed.

Soon enough, investigators were reading Fly’s email, including the messages forwarded from his wife’s account that had details about their upcoming nuptials, such as shipping addresses for their wedding-related items and the full name of Fly’s fiancée. It didn’t take long to zero in on Fly’s location in Naples.

While it may sound unlikely that a guy so immeshed in the cybercrime space could make such rookie security mistakes, I have found that a great many cybercriminals actually have worse operational security than the average Internet user.

I suspect this may be because the nature of their activities requires them to create vast numbers of single- or brief-use accounts, and in general they tend to re-use credentials across multiple sites, or else pick very poor passwords — even for critical resources.

In addition to elaborating on his hacking career, Fly talks a great deal about his time in various prisons (including their culinary habits), and an apparent longing or at least lingering fondness for the whole carding scene in general.

Towards the end, Fly says he’s considering going back to school, and that he may even take up information security as a study. I wish him luck in that whatever that endeavor is as long as he can also avoid stealing from people.

I don’t know what I would have written many years ago to Fly had I not been already so traumatized by receiving postal mail from him. Perhaps it would go something like this:

“Dear Fly: Thank you for your letters. I am very sorry to hear about the delays in your travel plans. I wish you luck in all your endeavors — and I sincerely wish the next hopeful opportunity you alight upon does not turn out to be a pile of shit.”

The entire translated interview is here (PDF). Fair warning: Many readers may find some of the language and topics discussed in the interview disturbing or offensive.

#gallery-0-5 { margin: auto; } #gallery-0-5 .gallery-item { float: left; margin-top: 10px; text-align: center; width: 33%; } #gallery-0-5 img { border: 2px solid #cfcfcf; } #gallery-0-5 .gallery-caption { margin-left: 0; } /* see gallery_shortcode() in wp-includes/media.php */

Go to Source Author: BrianKrebs Interview With the Guy Who Tried to Frame Me for Heroin Possession Original Post from Krebs on Security Author: BrianKrebs In April 2013, I received via U.S. mail more than a gram of pure heroin as part of a scheme to get me arrested for drug possession.

#Krebs on Security

0 notes

intell-news-blog · 6 years ago

Text

intelligence-news.com: Lawyer involved in suits against Israel's most notorious cyber-arms dealer targeted by its weapons, delivered through a terrifying Whatsapp vulnerability

NSO Group is a notorious Israeli cyber-arms dealer whose long trail of sleaze has been thoroughly documented by the University of Toronto’s Citizen Lab (which may or may not be related to an attempt to infiltrate Citizen Lab undertaken by a retired Israeli spy); NSO has been implicated in the murder and dismemberment of the dissident Saudi journalist Jamal Khashoggi (just one of the brutal dictatorships who’ve availed themselves of NSO tools), and there seems to be no cause too petty for their clients, which is why their malware has been used to target anti-soda activists in Mexico. Now, NSO has been caught deploying its “Pegasus” malware via a […] https://is.gd/N2trC8

0 notes

mostlysignssomeportents · 3 years ago

Text

The Attack Surface paperback is out! (and a once-in-a-lifetime deal on the Little Brother audiobooks)

It’s my book-birthday! Today marks publication of the Tor (US/Canada) paperback edition of ATTACK SURFACE, a standalone adult Little Brother book.

https://us.macmillan.com/books/9781250757517/attacksurface

Little Brother and its sequel Homeland were young adult novels that told the tale of Marcus Yallow, a bright young activist in San Francisco who works with his peers to organize resistance to both state- and private-sector surveillance and control.

The books’ impact rippled out farther than I dared dream. I’ve lost track of the number of cryptographers, hackers, activists, cyberlawyers and others who told me that they embarked on their tech careers after reading them.

These readers tell me that reading Little Brother and Homeland inspired them to devote themselves to taking technological control away from powerful corporations and giving it to people, putting them in charge of their own technological destiny.

This has been a source of enormous pride — never moreso than in Citizenfour, Laura Poitras’s documentary, when Edward Snowden grabs his copy of Homeland off his Hong Kong bedside table as he heads for a safe-house.

https://craphound.com/homeland/2014/12/02/when-ed-snowden-met-marcus-yallow/

Despite the growing movement of public interest, ethical technologists, the main current of the tech industry for decades has been an unbroken tendency towards spying, control, and manipulation.

These technological shackles are made by geeks who bear striking similarities to the Little Brother readers who’ve told me the story of their technopolitical awakenings — they share a love of the power of technology and the human connections we make through networks.

Without these people and their scarce expertise — arrived at through passionate exploration of tech — these technologies of control wouldn’t exist. They started from the same place as Marcus Yallow and his fans, but they took a very different path.

Attack Surface is the story of how that happens. Its (anti)hero is Masha Maximow, who appears as Marcus’s frenemy in the first two books — a more talented hacker than Marcus, who bats for the other side.

In Little Brother, Masha is working for the DHS in its project to turn San Francisco into a police state in the wake of a terrorist attack. In Homeland, she’s working on a forward operations base as a private military contractor, spying on jihadi insurgents.

When we meet her again in Attack Surface, Masha is a very highly paid senior technologist for a cyber-arms-dealer that sells spy tools to the most brutal, autocratic dictators in the world — something she’s deeply, self-destructively conflicted about.

When Masha gets caught helping pro-democracy protestors defeat the spyware she herself installed and maintained, she is cashiered and flees back home to San Francisco, where she makes a horrifying discovery.

Tanisha, her childhood best friend, who has devoted her life to racial justice struggles, is being targeted with the same malware that Masha helped inflict on protesters half a world away. For Masha, the war has come home.

That’s what makes this a book for adults, rather than a YA novel — it’s a tale about moral reckonings. It’s a story about being an adult that your younger self would neither recognize, nor approve of. It’s a story about redemption and struggle.

Like the other Little Brother novels, it’s a book whose technopolitics are firmly grounded in real-world technologies, from anti-malware countermeasures for state phone hacking to defeating facial recognition by exploiting machine learning’s deep flaws.

The book’s been out for a year now, and in addition to praise from the trade press and newspapers like the Washington Post, it’s attracted a loyal following of readers, many of whom never read Little Brother or Homeland.

Like the public interest technologists who tell me how Little Brother helped set the course of their lives, these Masha Maximow fans tell me how reading Attack Surface helped change that course — made them confront the compromises they’d made and decide to make a change.

It’s an honor and a privilege to have affected so many lives in this way, and I’m profoundly grateful to the readers who’ve contacted me to tell me about their experience of the book.

And now the paperback is out! A whole new group of readers can discover Masha, Attack Surface, and read about how it’s never too late to reckon with the morality of your past self’s actions.

You may recall that I produced my own audiobook for Attack Surface — something I had to do because Audible — Amazon’s monopoly audiobook company — refuses to carry my work because I won’t put DRM on it.

The audiobook was amazing — read by Buffy’s Amber Benson, who put in a virtuoso performance, and the presales audiobook was the most successful audiobook Kickstarter in crowdfunding history.

https://www.kickstarter.com/projects/doctorow/attack-surface-audiobook-for-the-third-little-brother-book/

Like the print novel, the audiobook for Attack Surface has enjoyed a brilliant post-launch afterlife, selling briskly and attracting great reviews.

To celebrate the paperback’s release, I’m offering the Attack Surface audio, along with the audio for Homeland (read by @wilwheaton) and Little Brother (read by Kirby Heyborne) — normally $70 in all — in a bundle for $30:

https://sowl.co/uqT2G

As with my other releases, my local indie bookstore, Dark Delicacies, is accepting orders for signed copies of the paperback — I’ll even drop by and personalize them for you!

https://www.darkdel.com/store/p1840/Cory_Doctorow_-__Attack_Surface_HB_%26_TPB.html#/

If the themes of Attack Surface interest you, I recommend checking out the video and audio archives of the Attack Surface Lectures, a series of eight online panels hosted by indie bookstores and undertaken with a range of stellar guest-speakers, available as video and audio.

“Politics and Protest,” with Eva Galperin and Ron Deibert, hosted by The Strand:

https://craphound.com/attacksurface/2020/11/16/the-attack-surface-lectures-politics-and-protest-fixed/

“Cross-Media SF,” with Amber Benson and John Rogers, hosted The Brookline Booksmith:

https://craphound.com/attacksurface/2020/11/17/the-attack-surface-lectures-cross-media-sci-fi/

“Race, Surveillance and Tech,” with Malkia Cyril and Meredith Whittaker, hosted by Booksmith:

https://craphound.com/attacksurface/2020/11/18/the-attack-surface-lectures-intersectionality-race-surveillance-and-tech-and-its-history/

“Cyberpunk and Post-Cyberpunk,” with Bruce Sterling and Christopher Brown, hosted by Andersons:

https://craphound.com/attacksurface/2020/11/19/the-attack-surface-lectures-cyberpunk-and-post-cyberpunk/

“Opsec and Personal Cybersecurity,” with Runa Sandvik and Window Snyder, hosted by Third Place Books:

https://craphound.com/attacksurface/2020/11/23/the-attack-surface-lectures-opsec-and-personal-cyber-security/

“Sci Fi Genre,” with Chuck Wendig and Sarah Gailey, hosted by Fountain Bookstore:

https://craphound.com/attacksurface/2020/11/24/the-attack-surface-lectures-sci-fi-genre/

“Tech in SF,” with Annalee Newitz and Ken Liu, hosted by Interrabang:

https://craphound.com/attacksurface/2020/11/25/the-attack-surface-lectures-tech-in-sf/

I’m eternally grateful to all the people who helped with this book — the editorial team at Tor, the booksellers, my co-panelists, the reviewers and critics, the audiobook team, my Kickstarter backers, and you, my readers. Thank you.

#pluralistic

20 notes · View notes

squats-and-tacos-blog · 7 years ago

Text

Kaspersky Promo Code

Different from many companies launching discount promotion only, MacXDVD also offers giveaway on their most popular products for Facebook fans specially. Maqui Berry is quickly growing in reputation which is not any surprise as it's well documented that it has the very best recognized antioxidant worth of some other tremendous fruit. For example, when I was teaching holistic nutrition years ago, I sometimes wondered why people were paying me (or WOULD pay me) to teach them about whole foods versus processed foods. Especially with all of the mobile technology going on these days, and the fact that it is sometimes hard to keep everything organized, utilizing some type of Kaspersky discount 2018 VPS Kaspersky discount coupon 2018 hosting service is going to be a huge Kaspersky coupon 2018 benefit to you either personally or professionally, once you begin to get organized. They both offer very similar packages and benefits, and in fact have both been purchased by the same company - EIG, and are now hosted in a large server farm in Utah. You can choose the minimum package you can get away with then upgrade as your site grows. Submit to quality web directories only, such as Business.com, BOTW.com. But somehow the weight issue remains a weighty one until a tipping point is reached. But, from my perspective, the grey area tipping point was most often the personal factors of rapport, relationship and trust, and almost never the tactical manipulations of the salespeople involved. Two of the most necessary components you definitely poorness to mull are store and bandwidth. Through this link directory, your link reputation and page rank will enliven as well as your search engine will boost up. Using a spam filtering service on everyone's email will be a lucrative idea. Xeoma also allows you to connect multiple computers with the software installed and view feeds on the server computer. However, this layout might not be Kaspersky promo the most efficient if there is already a type of wallpaper that goes Kaspersky discount coupon halfway or most of the way up the wall. You need to find out what the main requirement of a website is. Malls/ Department Stores- Most of these stores offer Kaspersky promo 2018 discount slips and cards to promote their sales. Another interesting fact from the study: 39% of those polled admitted eating pizza for breakfast at some point! For example, when you are downloading some toolbar from a website, without even knowing it, other harmful viruses enter the system and start spreading through your emails, applications and other data. You may be trying to decide whether you're going to go for a classic, manual transmission gear box or the semi-automatic, dual-shifting gear box. Contact us for outsource work, outsourcing Pakistan freelancers, or required a freelance graphic Designer for your freelance projects or freelance websites and find the freelance programmers, graphic designers, web designers, and web developers. Irritable Bowel Syndrome (IBS): Also known as spastic colon, IBS may be accompanied by abdominal pain, diarrhea, headaches, low back pain and chest pain. Even some very famous stars have helped to make these interesting accessories become a bit more mainstream, so much so that each time you set foot away from home you are likely to spy a fun-loving person donning a fluffy panda hat with paws or a red fox spirit hood. Some of the ingredients listed may have undesirable side effects. In 2 Treadmill Workouts To Help You Lose 5 Pounds Of Fat part 2, I will reveal a technique that can help you run faster, burn more calories, speed up your metabolism. What you really need to keep control of is the calorie intake. Then you spend between seven and ten days consuming Kaspersky coupon code only lemonade plus water. It has sensible default configuration, clear and appropriate reactions on malware discovery, and useable scanning options in Safe Mode. Remember that you are going for a drive to show the examiner that you can be safe while driving on public roads. This cross trainer exerciser (just like numerous others) can be set up to use whilst you are watching television or listening to music. Freightliner commercial and work Kaspersky promo code trucks, new and used, are available for sale with clearance prices and special dealer lending due to this economic down turn. Detection Kaspersky coupon signatures are being updated or modified by security vendors because it does not only add new virus signatures, but also enhances the detection for existing virus signatures. They move to other hosting solutions opting for any one of the choices previously described. This will enable it to identify and deal with any new threats that are making the rounds online. When people purchase Kaspersky discount web hosting services, they may only focus on the price of the plans. Reliable business directories online help retailers the ideal source of wholesalers faster due to the various categories are neatly categorized and easily accessible. It is a flexible and unlike the shared one the concerned individual has got full control over the server such as operating the hardware, system etc. You don't need to have software that is going to have a high learning curve to it. Just the sound of that - "nutrition" - how does it make Kaspersky coupon code 2018 you feel compared to "diet?" I'm SERIOUS, Kaspersky promo code 2018 THINK about that.

0 notes

emosupremo-blog · 7 years ago

Text

Kaspersky Coupon

They may be much cheaper than other options but you will have no way to be sure they are in full working order. If you notice that certain actions take much longer then usual, you should be concerned. Microsoft had announced that it will offer $250,000 to the person who will provide information about the culprit, but the investigation is still continuing. No; however malicious hackers Kaspersky discount and bots sometimes Kaspersky coupon 2018 crawl sites and may register email addresses on signup forms Kaspersky promo code 2018 that are from a dead domain that could coincidentally, have been 'harvested' by a honeypot blacklist. Thankfully, right now there are really a few sensible sources of Joann Fabrics coupons which are usually about date and even reliable. Pegasus InfoCorp is an India based web design, web development and online/offline software development company. You might also want a web host that uses control panel to make setting up and managing your Kaspersky discount coupon hosting account quick and easy. Some considerations for purchasing laptop locks include, size (whether grumpy or small), design (old fashioned or fit to contemporary offices/corporates), amount of security they offer, interference with the aesthetics of the room, simplicity in the installation. Additional features include automated port costs and canal fee calculation, charter cost calculation, integrated distance table, invoice reconciliation and voyage result analysis. Update Server has a web-based interface, which facilitates easy configuration and monitoring from any computer connected to the network. Moreover, the lessons learned can be applied immediately to improve today's performance. Malware, Spy ware can equally be used in stealing things like the number of your credit card, your social security number or even your bank account number. If you lawyer miscalculates your sentencing guidelines, you will usually not be allowed to withdraw Kaspersky coupon your Kaspersky discount coupon 2018 plea. Updates come in the following ways: Updates for the malware signatures - as new threats appear, the files containing malware signatures must be updated to ensure permanent up-to-date protection against them. AVG Anti-Virus Free of charge Variation is often a no Kaspersky promo cost online antivirus plan who has obtained substantial signifies because of its consistency. With a hardness rating of 56-58 HRC, the moderate carbon and low chromium steel combination enables the blade to hold its edge quite well. If your Web visitor has moved past your home page and finds you to be legit, he or she will now want to know if you can really give them what they want. So - enjoy the updated version of my Mt. A contextual menu is available, allowing you to manage quarantined files easily. Why Buy Simple Software for a Complicated Industry?Problem was it didn't do everything a Builder needed. Is there such a thing as foods that help you lose weight fast? The results of the testing in America will be presented at the meeting by Jacobsen. Open source applications were developed by an open community of developers all taking part in designing, improving, testing and finalizing the application. This application is used for the mid sized industries for performing accounting; operations; customer relationship management (CRM); human resources (HR); time tracking; and merchant services. Warning to user, do not click on them as you entice and will trigger more downloading of spyware. The Albuquerque website developers should be able to help you Kaspersky discount 2018 with creating the right customer care services to help customers learn about the company and report their experiences about the brand advertised on your website. Despite the economic condition, there are people who keep changing their sets, disposing them in various second-hand dealers. An excellent security suite for a home is under 50$ per year. It will be much more than you bargained for should you go with out antivirus protection for your laptop or computer. Its weight loss abilities were discovered by a doctor named A.T.W. Next step Kaspersky promo code will be to see whether you are running updated browser. How the web hosting company communicates with Kaspersky coupon code 2018 customers is another factor to be seriously considered about a web hosting company. Become free from Downadup.DY infection in one click and enjoy Kaspersky coupon code stability of your Windows. Remember that those who will be looking at your collection for a possible trade or buy out will be collectors too. One can also use Archive Manager to save a return before any amendment. Our wisdom and experience are gifts that are good to pass on and we often surprisingly get back a lot more. It then proceeds to tell you that your computer is under attack from a outside source and Kaspersky promo 2018 your personal information is in danger. The resultant variations from state to state, (including differences in verification and penalty clauses), pose difficulties for suppliers of electrical and electronic goods in developing compliance programs.

0 notes

paintedfragments-blog1 · 7 years ago

Text

Kaspersky Coupon

0 notes

finessaaaa-blog1 · 7 years ago

Text

Kaspersky Coupon

0 notes

bluewhisky-blog1 · 7 years ago

Text

Kaspersky Coupon

0 notes

shirlleycoyle · 5 years ago

Text

The Cybersecurity Stories We Were Jealous of in 2019

Cyber! Cyber! Cyber! We all love information security here at Motherboard. It seems no one can have enough cyber in their lives these days.

Yet, 2019 was actually kind of a slow year in terms of cybersecurity news, perhaps because hackers are saving their best shots for 2020. Still, there were some truly astounding and enthralling stories published on the internet about hackers, digital privacy, and surveillance.

As we did last year, we’re rounding up our favorite stories not written by us. We call it Motherboard’s Cyber Jealousy list, our annual hat tip to our awesome competitors, friends, and enemies at other outlets. Thanks for being awesome and pushing us to do better and working with us to give readers important stories they need to care about. We love scooping you, we hate being scooped by you, but in the end we’re all working toward the same goal: writing impactful cybersecurity stories in the public interest.

Without further ado, here’s our list of the best infosec stories published elsewhere. Enjoy and see you in 2020!

The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History

By: Andy Greenberg

This is the blow-by-blow account of how Russian government hackers targeted the Pyeongchang's Winter Olympics in South Korea, shutting down part of its IT infrastructure during the opening ceremony. The most surprising part of this hack is that the perpetrators cleverly hid their provenance, with layers of false flags to deceive investigators looking into the hack. The hackers, for example, used a data-deleting tool used by North Korean government hackers, and password-stealing code previously used by Chinese government hackers in an attempt to lead investigators to point the finger to the wrong country. In this story, an excerpt from his new book Sandworm, Andy Greenberg tells us how researchers were able to unravel the web of planted clues and find the real culprits.

The Sinkhole That Saved the Internet

By: Zack Whittaker

In May of 2017, an unprecedented ransomware outbreak hit hundreds of thousands of computers all over the world, including systems belonging to the UK’s National Health Services, forcing health care facilities to turn patients away and close emergency rooms. The virus was called WannaCry, and its viral spread was stopped by two clever security researchers who realized the malware included a kill-switch. This enthralling piece details for the first time what it was like to stop WannaCry directly from the point of view of the two researchers, Marcus Hutchins—aka MalwareTech—and Jamie Hankins.

Inside The UAE’s Secret Hacking Team Of American Mercenaries

By: Christopher Bing and Joel Schectman

DarkMatter, the shadowy cybersecurity company from Dubai, has long been under scrutiny for its alleged shady practices. Chris Bing and Joel Schectman published this bombshell of a story that finally showed faces and concrete stories: the company was using former US intelligence operatives to run espionage operations on behalf of the United Arab Emirates government. A former NSA analyst went on the record for this story, providing documents and other data that showed how American DarkMatter employees targeted journalists and human rights workers, sometimes using a sophisticated iPhone hacking tool to hack their targets. The Reuters duo followed up this deep-dive with another scoop just a few days ago, revealing that White House cybersecurity veterans played a key role in building the UAE’s intelligence apparatus in the late 2000s and early 2010s.

Beto O’Rourke’s Secret Membership In America’s Oldest Hacking Group

By: Joseph Menn

This incredible story about Texas politician Beto O’Rourke’s membership in one of the oldest American hacking collectives, Cult of The Dead Cow, is a wild ride. As part of the hacktivist group in the 1980s, O’Rourke wrote a murder fantasy in which the narrator drives over children, imagined a world without money, and stole long distance phone calls. He didn’t actually hack much, but he was an active member and attended hacker conferences. His membership in the group was kept secret for decades, until Joseph Menn revealed it in this article, part of his book on the hacktivist group. O’Rourke’s presidential bid is over, but, perhaps, his story will help normalize how Americans see hackers in the future.

Undercover Agents Target Cybersecurity Watchdog

By: Raphael Satter

This was legitimately one of the most grotesque stories of the year. Spies working for a private intelligence company targeted researchers at Citizen Lab, a digital rights watchdog known for tracking spyware companies. The spies approached the researchers under false premises and were unmasked when one of the targets, John Scott-Railton, worked with journalist Raphael Satter to set up a sting operation against the spies. When Scott-Railton met in New York City with one of the spies, Satter crashed the meeting along with videomakers to confront the spy. The spy’s operation was so weird and sloppy that Satter described it as “half John Le Carré and half Mr. Bean.”

Inside Google’s Team Fighting to Keep Your Data Safe From Hackers

By: Robert McMillan

This was a good profile of a little-known Google security team that tracks government hackers: the Threat Analysis Group, or TAG. In this piece, The Wall Street Journal’s Robert McMillan scored one of the first ever interviews with TAG’s leader, Shane Huntley, who is a former Australian government hacker himself. Huntley talked about what his team does and what hackers they track, sharing details about some of the operations they derailed for the first time. (Note: Huntley later came onto our podcast CYBER.)

Attacking the Heart of the German Industry

By: Hakan Tanriverdi, Svea Eckert, Jan Strozyk, Maximilian Zierer, and Rebecca Ciesielski

It's always impressive and rewarding when reporters take tools usually reserved for cybersecurity professionals but use them to uncover something journalistically. In this case, a joint investigation by German public broadcasters BR and NDR found that Chinese state-backed hackers had broken into German companies. They didn't do this based entirely on talking to sources, but by scanning company servers for signs of Chinese malware.

"In all cases where Winnti was installed, the malware will respond to our request. This tells us: That company has been hacked," the article reads, referring to the specific strain of malware.

A Multimillionaire Surveillance Dealer Steps Out Of The Shadows . . . And His $9 Million WhatsApp Hacking Van

By: Thomas Brewster

Perhaps the most bizarre cyber story of the year. This is the profile of a shady Israeli surveillance maker, who sells a $9 million hacking van, which is supposed to be able to hack nearby phones equipped with WhatsApp—“the A-Team truck spliced with a Bond car,” as the author of the piece, Thomas Brewster, put it. In the article, the surveillance maker, named Tal Dilian, defended his industry’s reputation, saying people like him, or the controversial spyware maker NSO Group, “are not the policemen of the world, and we are not the judges of the world,” meaning it’s up to their customers to do the right thing, they just provide the tools. Dilian clearly is a believer, as he agreed to show Brewster the van for an accompanying video.

These Hackers Made an App That Kills to Prove a Point

By: Lily Hay Newman

Medical devices’ security has been under scrutiny and under suspicion for a few years now. But this story drives home how dangerous flaws in these devices can be. A group of researchers made an app that can remotely control insulin pumps, potentially giving hackers the ability to hurt—and perhaps kill—patients. "We’ve essentially just created a universal remote for every one of these insulin pumps in the world," said one of the researchers in what’s truly a terrifying quote captured by Lily Hay Newman.

The Inside Story Of The World's Most Dangerous Malware

By: Blake Sobczak

In 2017, an oil refinery in Saudi Arabia was hit by what some described as the most dangerous malware ever used, which had the ability to interact with the plant’s safety systems, potentially causing physical damage and hurting people in the refinery. At the time, the identity of the victim, as well as many of the details of the attack, stayed out of the public’s view. In this long and well-sourced feature, E&E News’ Blake Sobczak revealed the name of the company hit by the malware, the oil giant Petro Rabigh, the people who investigated it, and how the hackers played cat-and-mouse with attempts to kick them out of the company’s network. This story wasn’t easy, as most of the people and organizations involved declined to talk to Sobczak on the record, as it usually happens in such high-profile cyberattacks.

How The U.S. Hacked ISIS

By: Dina Temple-Raston

It’s very rare for hackers who work for intelligence agencies—especially those fighting terrorists—to talk to journalists, given that their work is often classified. NPR veteran reporter Dina Temple-Raston somehow convinced several people who worked for the U.S. military on operations to hack ISIS to do just that. In this story, she reveals how the U.S. Cyber Command and the NSA identified and took down key infrastructure used by the terrorist organization at the height of its popularity—an absolute must-read.

The Cyber speaks: What will actually happen in 2020

By: Kelly Shortridge

As we approach the end of the year, cybersecurity companies—for some reason I can’t really fathom—rush to compile relatively vague, mostly meaningless predictions of what will happen in the hacking world. It’s a yearly tradition very few cherish. No one made fun of it in such a smart was as Kelly Shortride did in this article on Cyberscoop. Shortridde forced a bot to read more than 1,000 (!) cybersecurity predictions and then come up with its own predictions using machine learning. The results are simply hilarious. “Don’t be chilled by what you don’t know. You ain’t cybersecurity.” Amen, dear bot.

Ghost Ships, Crop Circles, And Soft Gold: A GPS Mystery In Shanghai

By: Mark Harris

This story has it all. How do you not want to read this after seeing that headline? Summarizing it may be spoiling it, so just trust us and read this bamboozle of a piece.

Tracking Phones, Google Is a Dragnet for the Police

By: Jennifer Valentino-DeVries

These two companion pieces are as shocking as well reported by veteran Jennifer Valentino-DeVries, someone who was writing about digital surveillance way before many cared about it. In this investigation, she reveals how investigators are using precise locations gathered by Google to track criminals all over America. These investigations relied on a giant, and previously unknown, Google database eerily called Sensorvault, which “turn the business of tracking cellphone users’ locations into a digital dragnet for law enforcement,” as the Times put it.

All The Incredible Ring Scoops All Over The Internet

By: Sam Biddle; Dell Cameron and Dhruv Mehrotra; Kari Paul; Alfred Ng

Ring, Amazon’s dystopian front-door camera surveillance startup, has really been one of the hottest stories of the year. It’s been thoroughly written about and meticulously dissected by so many journalists that it would be almost unfair to single out just one story. So we decided it’s better to name a bunch of them (and forgive us to remind you to read Motherboard own series by Caroline Eha):

Amazon’s Ring Planned Neighborhood “Watch Lists” Built On Facial Recognition

Ring’s Hidden Data Let Us Map Amazon's Sprawling Home Surveillance Network

Everything Cops Say About Amazon's Ring Is Scripted or Approved by Ring

Amazon's Doorbell Camera Ring Is Working With Police – And Controlling What They Say

Ring Let Police View Map Of Video Doorbell Installations For Over A Year

Subscribe to our cybersecurity podcast, CYBER.

The Cybersecurity Stories We Were Jealous of in 2019 syndicated from https://triviaqaweb.wordpress.com/feed/

0 notes

securitynewswire · 7 years ago

Text

WiFi plus Malware vers Surveillance Dealers Answer To Spying On WhatsApp Forbes

SNPX.com : http://dlvr.it/Q4f95Z

0 notes

thelovelyleahgotti-blog · 7 years ago

Text

Kaspersky Coupon Code

0 notes