Search
Items tagged with: cybersecurity
In the #AFP, there are area commands, with units from the different services under its wing, and there are commands that offer support to the whole military. The #CyberGroup is one of those support units, alongside the AFP Reserve Command and Procurement Service, among others. #Philippines #cybersecurity
Brawner said he wants the Cyber Group expanded into a command so it can have more personnel and equipment.
AFP chief Brawner eyes #CyberCommand
https://www.rappler.com/philippines/afp-chief-brawner-eyes-expanded-command-cyber-warriors/
AFP chief Brawner eyes 'Cyber Command'
The Philippine military chief says the AFP is subject to hacking attempts ‘almost every day’Bea Cupin (Rappler)
NEW: "shocking and depressing"
"...even in this room I am speaking to people who were victims of this system"
#Poland's prosecutor general testifies to 🇵🇱#polish parliament about hacking of 100s with #Pegasus spyware.
Story: https://apnews.com/article/poland-spyware-pegasus-nso-group-israel-413bb3cb27daac011d52b524c6d16160
#polska #cybersecurity #spyware #malware #infosec #surveillance #EU #Europe
Poland's prosecutor general says previous government used spyware against hundreds of people
Poland’s prosecutor general has told the parliament that powerful Pegasus spyware was used against hundreds of people during the former government in Poland. Among them were elected officials.VANESSA GERA (AP News)
There's a disgraceful ecosystem of public relations & lobbying firms using hackers for hire.
Sometimes they are used to silence critics & advocacy groups.
Like US nonprofits doing climate advocacy.
Our investigation into a group we christened #DarkBasin uncovered a sprawling #India-based hack-for-hire operation.
They enabled US corporations to outsource lawbreaking.
https://citizenlab.ca/2020/06/dark-basin-uncovering-a-massive-hack-for-hire-operation/
#infosec #cybersecurity #malware #hacking #climatechange #climatecrisis #exxon #phishing
Dark Basin: Uncovering a Massive Hack-For-Hire Operation - The Citizen Lab
Over the course of our multi-year investigation, we found that Dark Basin likely conducted commercial espionage on behalf of their clients against opponents involved in high profile public events, criminal cases, financial transactions, news stories,…John Scott-Railton (The Citizen Lab)
I'd bet my bottom dollar that this "unnamed...PR and lobbying firm" knows exactly who they are...
...and are no doubt experiencing an afternoon of the purest panic.
Using the offshore hack-for-hire ecosystem has been largely consequence-free for the middlemen & the ultimate beneficiaries of stolen information.
The tide may be turning & this latest arrest suggests that more consequences may be inbound.
#hacking #infosec #spyware #malware #cybersecurity #phishing #India
BREAKING: #Israeli private investigator arrested for cyberespionage on behalf of American PR firm.
Caught by UK under #RedNotice from 🇺🇸US while boarding a flight.
BIG TWIST in a wild case that began w/our @citizenlab investigation into indian hack-for-hire group #belltrox
Sound familiar?
Because Amit Forlit is the *second* PI from #Israel arrested in similar way for this case.
First = convicted.
#hacking #cybersecurity #infosec #malware #espionage #intelligence
Hello friends, I've seen the below image come up a few times elsewhere and am going to expound a little!
While the hyperlinks in the image display correctly, those aren't actually the addresses of those sites! Instead, they're the Internationalized Domain Name replacements - examples of what are called IDN Homograph Attacks.
It's incredibly hard to include all characters from all active alphabets in the mechanisms that resolve domain names - so currently that letter set is restricted, and instead uses a translation system called Punycode to move between a visual URL with the correct characters and a domain name your computer can actually resolve to a website.
So while neurovagrant[.]com is fine either way, nӘ̃urovagrant[.]com isn't! The actually domain would be xn--nurovagrant-rkg322d[.]com.
Notice that xn-- ! That's what tells browsers and other software that it's an IDN domain, and to try and translate it.
Attackers use this to their benefit. So:
xn--mcrosoft-security-teams-1ec[.]com can appear in your email, on your twitter feed, in other places visually as: mícrosoft-security-teams[.]com
You may think you're signing in to check your retirement at vanguarɗ[.]com but it's actually sent you to xn--vanguar-4cd[.]com
A link that appears as vḙnmo[.]com actually sends you to the website xn--vnmo-q64a[.]com
They even target kids! Take a look at xn--rblox-jua[.]com - which looks like röblox[.]com in most settings. Note the diacritical mark above the first o.
If anything looks off, there's a reason. Always view links with skepticism, don't click on things unnecessarily, and always sign into the sites you use by going to the domain name you know.
Stay frosty out there, friends.
#cybersecurity #infosec #StayFrosty
"Citizen, leave a copy of your home keys at the police station."
Hmm, people won't like that.
How about, "home-builders have a social responsibility ...[and must give police copies of all house keys]"
Much better.
#Europol taking another stab at the encryption fight.
#Encryption #privacy #infosec #cybersecurity #europe #surveillance