BlackBox (Security) Archiv
👉🏼 Latest viruses and malware threats
👉🏼 Latest patches, tips and tricks
👉🏼 Threats to security/privacy/democracy on the Internet

👉🏼 Find us on Matrix: https://matrix.to/#/!wNywwUkYshTVAFCAzw:matrix.org
Zippyshare: Sharehoster spreads malware

A script delivered via malvertising has been spreading malware on the sharehoster Zippyshare for a few days. The download page is affected.

The sharehoster Zippyshare is currently under criticism in several underground forums. Apparently, more and more malware has been spread from there over the past few days. For example, the illegal music portal CannaPower explicitly warns against using this provider.

In CannaPower's forum, it is suspected that cyber criminals may have injected a malicious script into the sharehoster Zippyshare via advertising. All users are advised to use the site with utmost caution at this time.

👀 👉🏼 Translated with DeepL
https://tarnkappe.info/zippyshare-sharehoster-verbreitet-malware-ssl-zertifikat-war-abgelaufen/

#zs #zippyshare #malware #malvertising #alert
📡 @cRyPtHoN_INFOSEC_DE
📡 @cRyPtHoN_INFOSEC_EN
📡 @BlackBox_Archiv
📡 @NoGoolag
U.S. Used Patriot Act to Gather Logs of Website Visitors

A disclosure sheds new light on a high-profile national security law as lawmakers prepare to revive a debate over it in the Biden administration.

WASHINGTON — The government has interpreted a high-profile provision of the Patriot Act as empowering F.B.I. national security investigators to collect logs showing who has visited particular web pages, documents show.

But the government stops short of using that law to collect the keywords people submit to internet search engines because it considers such terms to be content that requires a warrant to gather, according to letters produced by the Office of the Director of National Intelligence.

The disclosures come at a time when Congress is struggling with new proposals to limit the law, known as Section 215 of the Patriot Act. The debate ran aground in the spring amid erratic messages from President Trump, but is expected to resume after President-elect Joseph R. Biden Jr. takes the oath of office in January.

Enacted after the Sept. 11, 2001, attacks, Section 215 of the Patriot Act permits the F.B.I. to obtain a secret court order to collect any business records deemed relevant to a national security inquiry — a very easy standard for investigators to meet. The legal authority for it and two other surveillance-related investigative tools lapsed for new inquiries earlier this year, although the F.B.I. can still use them for pre-existing cases.

Section 215 has been at the center of repeated fights over the balance between empowering national security investigators to detect potential threats and preserving Americans’ privacy and freedom to read what they want or call other people without fear of government observation. In the Bush years, civil liberties advocates raised alarms over the possibility that the F.B.I. might use it to monitor people’s library records. In 2013, an uproar erupted over the disclosure that the National Security Agency had been secretly using it to collect bulk logs of all Americans’ phone calls.

👀 👉🏼 https://www.nytimes.com/2020/12/03/us/politics/section-215-patriot-act.html

#patriotact #usa #fbi #logging #privacy #thinkabout
Mr. President, if you grant only one act of clemency during your time in office, please: free Julian Assange. You alone can save his life.

👀 👉🏼
https://nitter.net/Snowden/status/1334608745192677380

#snowden #assange #trump #amnesty
Control Over Users, Competitors, and Critics | 004
How To Fix The Internet
EFF Podcast: Control Over Users, Competitors, and Critics

Cory Doctorow joins EFF hosts Cindy Cohn and Danny O’Brien as they discuss how large, established tech companies like Apple, Google, and Facebook can block interoperability in order to squelch competition and control their users, and how we can fix this by taking away big companies' legal right to block new tools that connect to their platforms – tools that would let users control their digital lives.

🎙 https://archive.org/details/eff-podcast-episode-4-interroperability

#eff #doctorow #podcast #apple #google #facebook
Telegram: the devastating verdict at heise.de - an analysis

The scathing verdict on Telegram at heise still causes indignation. We explain why WhatsApp is worse. A guest commentary.

The devastating contribution of the editor Jürgen Schmidt caused a veritable wave of indignation in many cases. heise online presents Durov's messenger as a real "data protection nightmare". Even Zuckerberg's market leader WhatsApp works much more effectively when it comes to protecting the privacy of its users, Schmidt argues. Instead of presenting Telegram as a refuge for hackers, conspiracy theorists, right-wing radicals and other cyber criminals, heise took a closer look at the security aspects of Telegram. Our guest author shrugg1e took a closer look at the argumentation.

Is Telegram really a privacy nightmare?

At the end of November an article about the popular Messenger Telegram was published on the news portal heise.de. Within a few days, almost 1,100 (!) comments accumulated there. The article obviously hit a sensitive nerve. So let's take a closer look at the published theses. By the way, just one year earlier, the same editor had publicly demonized WhatsApp at heise for disclosing far too much data to third parties.

👀 👉🏼 Translated with DeepL
https://tarnkappe.info/telegram-das-vernichtende-urteil-bei-heise-de-eine-analyse/

#telegram #heise #shitpost #commentary #pleaseshare
LineageOS adopts SeedVault as its open source backup solution

For those not familiar with SeedVault, it is an open-source backup app that uses the same internal APIs as adb backup. The application doesn’t need root access, but it must be compiled with the operating system. The backup location is user-configurable, with options ranging from a USB flash drive to a remote self-hosted cloud alternative such as NextCloud. This makes SeedVault a particularly viable option for users who don’t want to store their personal data in Google’s proprietary cloud-based storage.

👀 👉🏼 https://nitter.net/t_grote/status/1220036097293586432#m

👀 👉🏼 http://telegra.ph/LineageOS-adopts-SeedVault-as-its-open-source-backup-solution-12-06

via www.xda-developers.com

#lineage #android #seedvoult #opensource #backup #tool
Bengaluru cops to rope in banks, ISPs to fight cyber crime

Only about 10 per cent of cyber-crimes are investigated to the satisfaction of complainants —nearly 60 per cent of whom are people who have lost money in frauds or have been targeted with morphed pictures.

On December 12 last year, Bengaluru city’s cyber crime FIR system registered its 9,999th case. Soon after, it crashed. The automated registry of the main cyber crime police station in India’s IT capital was simply not built to log cases beyond the four-figure mark.

Cut to 2020, and eight specialised cyber crime and economic offences police stations across the city are sharing the burden of the nearly 7,800 cyber-crime cases registered till the end of November.

The city’s police may have increased its cyber-crime combatting footprint, but a vital issue persists. Only about 10 per cent of cyber-crimes are investigated to the satisfaction of complainants —nearly 60 per cent of whom are people who have lost money in frauds or have been targeted with morphed pictures.

A key reason for the poor resolution rate, particularly in cases of online monetary fraud, is the crucial time gap between the discovery of the crime by the victim and the registration of a complaint by the police—referred to as the “golden period”.

The Bengaluru Police are now working on creating an automated, real-time system for stopping cyber crimes which will work in conjunction with banks, payment services, internet service providers, social media firms, and even the judiciary, to catch these crimes early.

👀 👉🏼 http://telegra.ph/Bengaluru-cops-to-rope-in-banks-ISPs-to-fight-cyber-crime-12-06

via indianexpress.com

#bengaluru #india #cybercrime #fraud #isp #police
Ever wanted to download a Youtube video on Windows without using shady apps?

This little context menu script will grab the link from your clipboard, download the video (or audio) and encode it to mp4 with NVENC hardware acceleration (mp3 for audio).

https://gist.github.com/notthebee/7d544c568ac3cdfc2bd32938d85f2a18

https://nitter.net/notthebeeee/status/1330960152527327243#m

#youtube #download #youtubedl #tool #windows
EU Parliament clears way for screening of private messages

Facebook and Skype have for years automatically searched private pictures and videos for evidence of child abuse. A new law, which was passed today in the EU Parliament in a fast-track procedure, is to continue this practice - despite surveillance concerns.

MEPs today gave the green light for a new EU law that will allow providers like Facebook to continue screening private messages for possible signs of child abuse images and videos. The law, which was proposed by the Commission as recently as the summer, is currently being rushed through the EU institutions. It could be passed as early as the beginning of 2021.

The reason for the law is a change in the law in the previous year, which initially received little attention. As a result, service providers such as Facebook and Skype will lose the ability to screen chat messages and private groups for child abuse content on a massive scale as of December 21, 2020. The European Code for Electronic Communications strengthens the confidentiality of e-mail, messenger services and Internet telephony. Such services will then be legally equivalent to telephone and fax, and the secrecy of telecommunications will apply.

The change was called for by the EU Commission, security authorities and child rights activists. Even the US actor Ashton Kutcher intervened in the process. There is skepticism, however, from the digital civil society, the Greens and the Left. They consider the plans to soften the confidentiality of online communication to be a mistake, even if they are intended to serve a good cause.

Source (German)
https://netzpolitik.org/2020/gesetz-gegen-kindesmissbrauch-eu-parlament-gibt-weg-frei-fuer-durchleuchten-privater-nachrichten/

#surveillance #privacy #messages #eu #parlament #childabuse #authorities #police #thinkabout
NortonLifeLock takes over Avira for USD 360 million

After 34 years of independence, the German software manufacturer was bought by a group of investors from Bahrain in April 2020. They are now selling the German company to the US company NortonLifeLock.

In 1986, Avira GmbH & Co. KG was founded in Tettnang on Lake Constance. In 2020, the company employs more than 500 people at its headquarters in Baden-Württemberg and has branches in Europe, the USA and Asia.

👉🏼 PDF 👈🏼
https://s24.q4cdn.com/151081985/files/doc_news/2020/Avira-Press-Release-FINAL.pdf

#avira #norton #antivirus #germany #usa #pdf
FuzzOS

👉🏼 Summary

We’re going to work on an operating system which is designed specifically for fuzzing! This is going to be a streaming series for most of December which will cover making a new operating system with a strong focus on fuzzing. This means that things like the memory manager, determinism, and scalability will be the most important parts of the OS, and a lot of effort will go into making them super fast!

👉🏼 When
Streaming will start sometime on Thursday, December 10th, probably around 18:00 UTC, but the streams will be at relatively random times on relatively random days. I can’t really commit to specific times!

Streams will likely be 4-5 days a week (probably M-F), and probably 8-12 hours in length. We’ll see, who knows, depends how much fun we have!

👉🏼 Where
You’ll be able to find the streams live on my Twitch Channel, and if you’re unlucky and miss the streams, you’ll be able to find the recordings on my YouTube Channel! Don’t forget to like, comment, and subscribe, of course.

https://gamozolabs.github.io/fuzzing/2020/12/06/fuzzos.html

#fuzzOS #fuzzing
Agents raid home of fired Florida data scientist who built COVID-19 dashboard

DeSantis "sent the Gestapo": Video shows FDLE agents with guns drawn at home of woman fired over COVID-19 data.

State police brandishing firearms Monday raided the Tallahassee home of Rebekah Jones, the former Department of Health data scientist who built the state's much-praised COVID-19 dashboard before being fired over what she said was refusing to "manipulate data."

"They pointed a gun in my face. They pointed guns at my kids," Jones tweeted shortly before 5 p.m.

https://eu.tallahassee.com/story/news/2020/12/07/agents-raid-home-fired-florida-data-scientist-who-built-covid-19-dashboard-rebekah-jones/6482817002/

#DeSantis #fdle #agents #tallahassee #florida #scientist #usa #covid #data
Chinese Phone Maker Gionee Found Guilty of Implanting Malware in More Than 20 Million Devices

A Chinese court has found phone manufacturer Gionee guilty of intentionally implanting malware in more than 21.75 million smartphones to generate revenue from users.

Shenzhen Zhipu Technology, a subsidiary of Gionee, together with its partner, Beijing Baice, implanted a Trojan Horse program in Gionee smartphones via an update to the Story Lock Screen app in 2018, according to an official document released by the People’s Court of Yiwu City, Zhejiang Province.

The software is installed on the affected phones without users’ knowledge through a hot code push functionality, which allows an automatic update to mobile apps when the server is updated, without going through any app reviews.

A hot update plugin called “Dark Horse Platform” was proposed by Baice in December 2018 to increase the efficiency of the “pull method”, which is used to launch the app and boost daily active user count.

The SDK version of the Story Lock Screen app was upgraded with Trojan plugins while the Dark Horse Platform was used to install and update the “Living Trojan Horse” without the user’s knowledge, court documents revealed.

The “pull method” was then activated 2.88 billion times between December 2018 and October 2019, generating a revenue of 27.85 million yuan ($4.2 million) for the two companies through unsolicited ads and other illegitimate means, the court added.

Shenzhen Zhipu was given a fine of 400,000 yuan ($61,000) for “illegally controlling computer information systems”.

Zhipu is a software technology company specializing in advertising operations and gaming products, and Gionee owns 85% of its shares. Beijing Baice was Zhipu’s partner in the update scheduler.

Four of Zhipu’s employees — Xu Li, Zhu Ying, Jia Zhengqiang and Pan Qi — were sentenced to three to three years and six months in jail and fined 200,000 ($30,000) each.

https://pandaily.com/chinese-phone-maker-gionee-found-guilty-of-implanting-malware-in-more-than-20-million-devices/

#gionee #malware #china
Cybersecurity firm FireEye has been hacked

In a blog post, CEO Kevin Mandia said a highly sophisticated foreign nation-state attack resulted in the theft of internal hacking tools (Red Team kits).

https://nitter.net/Bing_Chris/status/1336416367554203648#m

https://www.reuters.com/article/fireeye-cyber/u-s-cybersecurity-firm-fireeye-discloses-breach-theft-of-internal-hacking-tools-idUSL1N2IO2EI

#fireeye #hacked #nationstate #attack
Forensic guide to iMessage, WhatsApp, Telegram, Signal and Skype data acquisition

Instant messaging apps have become the de-facto standard of real-time, text-based communications. The acquisition of instant messaging chats and communication histories can be extremely important for an investigation. In this article, we compare the five top instant messaging apps for iOS in the context of their forensic analysis.

Acquisition and Extraction
Speaking of iOS, there are several methods of acquiring communications going through an instant messaging app. The MITM (man-in-the-middle) attack is practically out of the question for most modern instant messaging apps; if there are exceptions, we aren’t aware of those. Even on Android devices, a MITM attack would require installing a third-party SSL certificate, and even that may not work for some instant messengers.

The ability to obtain communication histories from the vendor is a great tool in the hands of law enforcement. The policies of different vendors vary greatly from near-instant full disclosure to flat non-disclosure with stops in between. We’ll discuss it in detail for each of the messaging apps.

Cloud extraction may be possible from several sources, which include iCloud synchronized data (including end-to-end encrypted data), iCloud backups and stand-alone backups in iCloud Drive. It’s up to the vendor to decide where and how to store the data; more on that later.

Finally, the data can be extracted from the iPhone device itself. For some messaging apps, logical extraction via iTunes-style backups is enough, while some other messengers don’t store anything in local backups. Imaging the file system (and, in some cases, decrypting the keychain) is always enough to gain full access to conversation histories.

So let us see the different extraction options available for the five top instant messaging apps for iOS.

https://blog.elcomsoft.com/2020/04/forensic-guide-to-imessage-whatsapp-telegram-signal-and-skype-data-acquisition/

#forensic #guide #imessage #whatsapp #telegram #signal #skype
Oblivious DNS Over HTTPS

Abstract

This document describes an extension to DNS Over HTTPS (DoH) that allows hiding client IP addresses via proxying encrypted DNS transactions. This improves privacy of DNS operations by not allowing any one server entity to be aware of both the client IP address and the content of DNS queries and answers.

https://tools.ietf.org/html/draft-pauly-dprive-oblivious-doh-03

#dns #https #doh #privacy
The CentOS Project Just Committed Suicide

In shocking news, the CentOS project announced today that they are shifting their Linux distribution to be based on the beta (non-stable) branch of Red Hat Enterprise Linux, rather than the stable branch, and that they are terminating CentOS 8 updates on the 31st of December, 2021.

The CentOS project will now release something named “CentOS Stream”, which is a Linux distribution built on the beta branch of RHEL so that contributors and interested groups can solve issues and report bugs before the software is shipped in RHEL. In other words, CentOS will become a testing mouse for RHEL before new RHEL versions get released.

Historically, the CentOS Linux distribution was always built on the stable branch of Red Hat Enterprise Linux, providing binary compatibility between the two while also providing the same quality and stability. Red Hat publishes the source RPMs (SRPMs) of all its packages publicly on the Internet, and what the CentOS project was doing was taking these packages, building them, and then shipping them under the CentOS re-branding. It also provided a promise that it would support each CentOS release for up to 10 years with updates. Today, all of these promises are canceled as the project takes a new direction.

https://fosspost.org/centos-project-suicide/

https://blog.centos.org/2020/12/future-is-centos-stream/

#centos #os #redhat #linux
How anti-fingerprinting extensions tend to make fingerprinting easier

Do you have a privacy protection extension installed in your browser? There are so many around, and every security vendor is promoting their own. Typically, these will provide a feature called “anti-fingerprinting” or “fingerprint protection” which is supposed to make you less identifiable on the web. What you won’t notice: this feature is almost universally flawed, potentially allowing even better fingerprinting.

I’ve seen a number of extensions misimplement this functionality, yet I rarely bother to write a report. The effort to fully explain the problem is considerable. On the other hand, it is obvious that for most vendors privacy protection is merely a check that they can put on their feature list. Quality does not matter because no user will be able to tell whether their solution actually worked. With minimal resources available, my issue report is unlikely to cause a meaningful action.

That’s why I decided to explain the issues in a blog post; a typical extension will have at least three out of four. Next time I run across a browser extension suffering from all the same flaws I can send them a link to this post. And maybe some vendors will resolve the issues then. Or, even better, not even make these mistakes in the first place.

👉🏼 Contents 👈🏼

How fingerprinting works
How anti-fingerprinting is supposed to work
Barking the wrong tree
Catching all those pesky frames
Timing woes
The art of faking

https://palant.info/2020/12/10/how-anti-fingerprinting-extensions-tend-to-make-fingerprinting-easier/

#fingerprinting #extensions #privacy #thinkabout
Brave-Browser: Apple thwarts the browser's payment system because it is not built on the mandatory in-app interface. Brave therefore removes functions from iOS.

Today Brave is releasing a new version (1.22) of its iOS browser in order to comply with recent stipulations made by Apple. In a nutshell, Brave users on iPhones and iPads will no longer be able to earn rewards for their attention, and will no longer be able to tip their favorite online creators via Brave. These changes to our Brave Rewards system do not apply to our desktop and Android browsers.

https://brave.com/rewards-ios/

#brave #apple #ios
‘No one’s safe under these laws’: Surveillance Bill could target activists and downloaders

The Morrison government’s proposed Surveillance Bill could be used to target everyone from Black Lives Matter campaigners to underage kids illegally downloading movies, critics have warned.

Victorian Greens Senator Lidia Thorpe told The New Daily that the sweeping powers proposed by the Bill have “far-reaching implications for grassroots activists, and people standing up for their rights”.

“No one’s safe under these new laws,” Senator Thorpe said.

“It will affect grassroots communities across the country, it will affect children. It will affect anybody who downloads a movie illegally over the internet – they could go to jail for five years.”

The proposed legislation gives the Australian Federal Police, the Australian Criminal Intelligence Commission and, through those bodies, the Australian Signals Directorate three new powers to investigate and disrupt criminal activity online.

https://thenewdaily.com.au/life/tech/2020/12/10/dutton-surveillance-bill-australia/

#surveillance #australia #netpolitics #thinkabout