CosicBe

Piratenpartij, 22 days ago to random Dutch

270 wetenschappers uit 33 landen maken gehakt van de laatste voorstellen van de Raad van de EU voor #chatcontrole en waarschuwen voor "catastrofale gevolgen":
▶️ ondermijnt communicatie en systeemveiligheid
▶️ ongekende toezichts- en controlemogelijkheden
▶️ Miljoenen valse alarmen te verwachten
▶️ #chatcontrole is techno-oplossingsgericht en zal kindermisbruik nauwelijks tegengaan
#chatcontrol
https://nce.mpi-sp.org/index.php/s/eqjiKaAw9yYQF87

jsrailton, 25 days ago (edited 25 days ago) to hacking

BREAKING: #Israeli private investigator arrested for cyberespionage on behalf of American PR firm.

Caught by UK under #RedNotice from 🇺🇸US while boarding a flight.

BIG TWIST in a wild case that began w/our @citizenlab investigation into indian hack-for-hire group #belltrox

Sound familiar?

Because Amit Forlit is the second PI from #Israel arrested in similar way for this case.

First = convicted.

https://www.reuters.com/world/israeli-private-eye-arrested-uk-over-alleged-hacking-us-pr-firm-2024-05-02/

#hacking #cybersecurity #infosec #malware #espionage #intelligence

glynmoody, 25 days ago to random

EU plan to force messaging apps to scan for #CSAM risks millions of false positives, experts warn - https://techcrunch.com/2024/05/02/eu-csam-scanning-council-proposal-flaws/ of course, as we have been saying for years...

restofworld, 25 days ago to random

As the Indian government expands its powers over online speech, the threat of a full-scale WhatsApp ban is closer than it’s been in years

https://restofworld.org/2024/exporter-whatsapp-encryption-india/?utm_source=mast

tjmcintyre, 25 days ago to random

A new open letter signed by more than 270 scientists from 33 countries warning for the risks of the modified CSAM (child sexual abuse) regulation proposed by the Belgian presidency. #chatcontrol
http://csa-scientist-open-letter.org

I've co-signed and can answer media inquiries for Ireland

wabrandsma, 26 days ago to random

'Autofabrikanten breken belofte over delen locatiegegevens met politie' https://www.security.nl/posting/840010/'Autofabrikanten+breken+belofte+over+delen+locatiegegevens+met+politie'
De autofabrikanten hadden aangegeven dat ze locatiegegevens van de voertuigen van hun klanten alleen na een gerechtelijk bevel met opsporingsdiensten zouden delen, maar dat blijkt in de praktijk niet te gebeuren.

TheConversationUS, 1 month ago (edited 1 month ago) to TikTok

Forcing a Chinese company to sell TikTok won’t solve the biggest problem with #TikTok: the fact that so people get their “#news” from platforms that are designed to hijack attention for commercial gain, not to deliver reliable information.

If China wants information on Americans, it can buy data from companies since there are no effective #privacy laws.

And American-owned Facebook and X have shown themselves to be as bad or worse as TikTok at spreading #misinformation.

https://theconversation.com/tiktok-fears-point-to-larger-problem-poor-media-literacy-in-the-social-media-age-226667

campuscodi, 1 month ago to random

A team of academics has looked at several ways to identify residential IP (RESIP) traffic.

The research comes as threat actors are building more and more RESIP botnets and renting access to these proxy networks to other threat actors to disguise the origin of malicious traffic.

https://chasesecurity.github.io/bandwidth_sharing/

tdp_org, 1 month ago to random

@tomatospy isn't pulling any punches (and is absolutely correct, IMO) on today's Risky Biz newsletter.

https://news.risky.biz/corporate-freeloading-makes-open-source-vulnerable/

fhe, 1 month ago to random

Join us for welcoming returning presenter Sergi Rovira, with Axel Mertens, from Universitat Pompeu Fabra (UPF) and @CosicBe respectively, presenting Convolution-friendly Image Compression in FHE, Apr 25th, 2024 @ 4PM CEST.

Don't miss it!

🗓️ https://fhe.org/meetups/049

#fhe #cryptography

jmaris, 1 month ago to opensource

This week, the #European Parliament signed off on the budget of the institutions, and it was a great week for #opensource: the sign-offs praise institutions for using Open Source software, encourage the adoption of #mastodon, and push for the generalisation of the use of Open Source in EU institutions.

campuscodi, 1 month ago to random

Threat actors are using fake stars and automated updates to manipulate GitHub search results and promote malware-infected projects.

The repos are Visual Studio projects that install malware on a developer's system when they build the app.

According to Checkmarx, the malicious code installs a version of Keyzetsu, a malware strain that can manipulate the Windows clipboard.

https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/

campuscodi, 1 month ago to random

Apple sent threat notifications to iPhone users in 92 countries on Wednesday, warning them that may have been targeted by mercenary spyware attacks.

https://techcrunch.com/2024/04/10/apple-warning-mercenary-spyware-attacks/

campuscodi, 1 month ago to random

"The Solution of the Zodiac Killer’s 340-Character Cipher"

https://arxiv.org/abs/2403.17350

echo_pbreyer, 1 month ago to random German

🇩🇪Die Grundrechtsexperten von EDRi nehmen den neuesten Rats-Vorstoß zur #Chatkontrolle auseinander. Ihr Ergebnis: Weder verhältnismäßig, noch wird Verschlüsselung geschützt.

Die Analyse (englisch): https://edri.org/our-work/rearranging-deck-chairs-on-the-titanic-belgiums-latest-move-doesnt-solve-critical-issues-with-eu-csa-regulation/

Jetzt gilt es Druck zu machen! #Piraten

ilumium, 1 month ago to security

"The biggest source of conflict was an amendment ... that would prohibit #databrokers from selling consumer data to #lawenforcement and would require a warrant to access Americans’ information... National #security hawks in #Congress and local law enforcement groups joined forces to kill the amendment, with the National Sheriffs’ Association claiming it would “kneecap law enforcement” in a letter to Congress..."

https://www.theverge.com/2024/4/5/24122079/data-brokers-fisa-extension-nsa-section-702-surveillance-lexis-nexis

eff, 1 month ago to random

“This is the clearest picture that we’ve gotten of how cell-site simulators are operated, installed, and sold to police in years,” EFF’s @cooperq told @HorizonMass. “There absolutely needs to be case law requiring a warrant for a simulator.”
https://horizonmass.news/2024/04/03/feature-follow-up-surreptitious-simulation/

epicenter_works, 1 month ago to random German

EU governments have to recognise: The Council’s “new” #chatcontrol proposal is merely a repackaging & still crosses red lines that many Member States have already expressed. We call on them to reject a proposal that would clearly violate fundamental rights.https://edri.org/our-work/rearranging-deck-chairs-on-the-titanic-belgiums-latest-move-doesnt-solve-critical-issues-with-eu-csa-regulation/

hanse_mina, 1 month ago to Ukraine

Nr. 2 of @afd European Parliament election list audio-taped receiving Russian intelligence bribe.

Czech counter-intelligence agendy @biscz have audio recording of German Member of Bundestag @PetrBystronAfD receiving money from Russian espionage. Bystroň is also foreign policy spokesperson of the Bundestag fraction of Russian Alternative for Germany.

https://threadreaderapp.com/thread/1775206482956398690.html

https://denikn.cz/1391766/dukazem-maji-byt-zvukove-nahravky-co-rekl-koudelka-vlade-o-proruske-siti-a-nemeckem-politiku-bystronovi/

#Ukraine #Russia #AfD #Germany #EU #Czech

campuscodi, 1 month ago to random

Newsletter: https://news.risky.biz/risky-biz-news-supply-chain-attack-in-linuxland/
Podcast: https://risky.biz/RBNEWS269/

-Supply chain attack in Linuxland
-AT&T confirms 2019 data breach
-Canonical switches to manual reviews after flood of scam crypto apps
-HP leaves Russia
-Prisma Finance for $12mil
-NSA/Cybercom to keep election security group leaders anonymous
-250 Indians repatriated from Cambodia scam centers
-Fortra, TeamCity, and Splunk security updates
-Unconfirmed Signal zero-day
-Hot Topic discloses cred-stuffing attack

jbaert, 1 month ago to random

Finally banned from computer vision / image processing papers: the "Lena" playboy image that was used since 1972

https://arstechnica.com/information-technology/2024/03/playboy-image-from-1972-gets-ban-from-ieee-computer-journals/

eff, 1 month ago to random

Almost all of us rely on Wi-Fi outside of our homes. That access should be protected against government surveillance. https://www.eff.org/deeplinks/2024/03/eff-asks-oregon-supreme-court-not-limit-fourth-amendemtn-rights-based-terms

eff, 1 month ago to random

Face recognition technology has been plagued by bias because early models were “trained” mostly on white, male faces, @kashhill tells EFF’s Cindy Cohn & @jgkelley on the new episode of “How to Fix the Internet.” https://www.eff.org/deeplinks/2024/03/podcast-episode-about-face-recognition

PrivacyDigest, 1 month ago to privacy

AT&T says leaked data set affects about 73 million current, former account holders

Telecom company AT&T said on Saturday that a data set released on the "dark web" about two weeks ago has impacted approximately 7.6 million current account holders and 65.4 million former account holders, based on the company's preliminary analysis of the incident.
#att #privacy #security #leak

https://finance.yahoo.com/news/1-t-says-leaked-data-143508014.html

GossiTheDog, 1 month ago to random

HT to @wdormann here - somebody has backdoored the open source project XZ which has downstream impacts.

For example, although OpenSSH doesn’t use XZ, Debian patch OpenSSH and introduced a dependency which translates as the XZ changes introducing a sshd authentication bypass backdoor it appears.

One dude bothered to investigate in his free time about why ssh was running slow, so it was caught fairly early - i.e. hopefully before distros started bundling it.

https://www.openwall.com/lists/oss-security/2024/03/29/4