Mobile Malware Continues to Increase in Complexity and Scope
The mobile platform is an increasing target for nation states to observe key individuals. Threat actors against mobile platforms are broader groups than those simply looking to boost ad revenues.

💾 https://www.mcafee.com/enterprise/en-us/assets/reports/rp-mobile-threat-report-2019.pdf

#android #malware #report #threat #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

📺 🇬🇧 Google Launches Backstory — A New Cyber Security Tool for Businesses

Google's one-year-old cybersecurity venture Chronicle today announced its first commercial product, called Backstory, a cloud-based enterprise-level threat analytics platform that has been designed to help companies quickly investigate incidents, pinpoint vulnerabilities and hunt for potential threats.

📺 https://thehackernews.com/2019/03/backstory-cybersecurity-software.html

#google #backstory #CyberSecurity #tool
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

💾 GOOGLE AUSTRALIA PTY LTDDIGITAL PLATFORMS INQUIRYSUBMISSION
IN RESPONSE TO THE ACCC’S PRELIMINARY REPORT

💾 https://www.accc.gov.au/system/files/Google%20%28February%202019%29.PDF

#google #australia #response #preliminary #report #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

💾 Digital Platforms Inquiry
Preliminary report accc.gov.au

💾 https://www.accc.gov.au/system/files/ACCC%20Digital%20Platforms%20Inquiry%20-%20Preliminary%20Report.pdf

#australia #gov #inquiry #preliminary #report #pdf
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🇬🇧 Google rejects ACCC's calls to have tougher scrutiny over Australian operations

The search giant believes that if the consumer watchdog holds any particular concerns, it is welcome to investigate under existing Australian law.

Google has taken aim at claims made by the Australian Competition and Consumer Commission (ACCC) in its digital platforms review, rejecting the idea its business requires tougher regulatory scrutiny in Australia.

The comments follow the ACCC recently putting its spotlight on Google and Facebook, determining in December that the substantial market power of the two companies called into question the validity of information that is available and shared on their respective platforms.

🇩🇪 Google weist die Forderungen von ACCC zurück, eine strengere Kontrolle über australische Unternehmen haben zu wollen

Der Suchriese glaubt, dass, wenn der Verbraucherwächter besondere Bedenken hat, er willkommen ist, nach geltendem australischem Recht zu ermitteln.

Google hat die Behauptungen der Australian Competition and Consumer Commission (ACCC) in ihrer Überprüfung der digitalen Plattformen ins Visier genommen und die Idee abgelehnt, dass ihr Geschäft eine strengere regulatorische Kontrolle in Australien erfordert.

Die Kommentare folgen auf die ACCC, die kürzlich ihren Fokus auf Google und Facebook gelegt hat und im Dezember feststellte, dass die beträchtliche Marktmacht der beiden Unternehmen die Gültigkeit der Informationen, die auf ihren jeweiligen Plattformen verfügbar und geteilt sind, in Frage stellte.

💾 PDF Digital Platforms Inquiry Preliminary report accc.gov.au:
https://t.me/BlackBox_Archiv/203

💾 PDF GOOGLE AUSTRALIA PTY LTDDIGITAL PLATFORMS INQUIRYSUBMISSION
IN RESPONSE TO THE ACCC’S PRELIMINARY REPORT:
https://t.me/BlackBox_Archiv/202

https://www.zdnet.com/article/google-rejects-acccs-calls-to-have-tougher-scrutiny-over-australian-operations/

#google #australia #response #preliminary #report #pdf #gov #inquiry
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🇬🇧 Tenth M-Trends Report Published
FireEye's M-Trends Report shows how cyber-threaters acted in 2018. The results show a new trend of attacking organizations or companies as they go through a Merger & Acquisition process. The data also represents an increasing trend towards phishing emails.

🇩🇪 Zehnter M-Trends Report veröffentlicht
Der M-Trends Report von FireEye zeigt auf, wie Cyber-Bedroher im Jahr 2018 agierten. Die Ergebnisse zeigen einen neuen Trend Organisationen oder Unternehmen anzugreifen, während diese einen Merger & Acquisition-Prozess durchlaufen. Die Daten stellen zudem einen zunehmenden Trend zu Phishing-E-Mails dar.

🇬🇧 PDF:
https://fileshare-emea.bm.com/dl/3qMnuauriC

#pdf #report #M_Trends #FireEye #security
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 🇬🇧 What if Women Built the Internet?
All the things we love on the internet — from websites that give us information to services that connect us — are made stronger when their creators come with different points of view. With this in mind, we asked ourselves and our guests: “What would the internet look like if it was built by mostly women?”

📻 #IRL Online Life Is Real Life #Season4 #Episode7 #podcast
https://irlpodcast.org/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🇬🇧 Researchers Discover Information Leak "SPOILER" in Intel CPUs
A new attack technique on the speculative execution of Intel CPUs can facilitate subsequent attacks such as Rowhammer.

🇩🇪 Forscher entdecken Informationsleck "SPOILER" in Intel-CPUs
Eine neue Angriffstechnik auf die spekulative Ausführung von Intel-CPUs kann Folgeangriffe wie Rowhammer erleichtern.

SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks
Worcester Polytechnic Institute, Worcester, MA, USA2University of Lübeck, Lübeck, Germany
💾 https://arxiv.org/pdf/1903.00446.pdf

#pdf #spoiler #rowhammer #attacks #leak
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🇪🇸“Es más peligroso tener a Alexa encima de la mesa que a un señor observándote cada día en el salón”

La abogada Paloma Llaneza explica que borrar ‘apps’ como Facebook y WhatsApp es la única forma de evitar que recopilen nuestros datos.

Paloma Llaneza (Madrid, 1965) fue una de las primeras usuarias de Facebook. Pero esta abogada experta en protección de datos, al ver cómo funcionaba la red social y la información suya que recopilaba, borró su cuenta. El día que la compañía de Zuckerberg compró WhatsApp también desinstaló de su teléfono este servicio de mensajería instantánea. Y envió un mensaje a todos sus contactos: “Facebook ha comprado WhatsApp y lo ha comprado por los usuarios, lo ha comprado por vuestros datos. Yo me voy”.

“Los datos son valiosos porque dicen muchísimo de nosotros y somos votantes potenciales, compradores potenciales y peticionarios de servicios de transporte, salud, educación y crédito potenciales. El mundo gira alrededor de nuestras necesidades. Cuanto mejor te conozca a ti, mejor seré capaz de venderte lo que creo que necesitas, aunque tú no creas necesitarlo aún, y de negarte lo que pides”, explica en una entrevista a EL PAÍS. Llaneza, que también es auditora de sistemas y consultora en ciberseguridad, acaba de publicar Datanomics, un libro en el que explica qué hacen las empresas tecnológicas con nuestros datos personales.

El coste de tener instaladas aplicaciones como Facebook, Whatsapp o Instagram “es muy alto”: “El día que WhatsApp hable de todo lo que le hablamos se acaba el mundo”. Los gigantes tecnológicos llegan a conocer al usuario mejor que unos padres, una pareja o incluso uno mismo. “Lo que más nos dice de un ser humano es aquello que oculta de sí mismo: su parte emocional. Las redes sociales permiten saber cuál es tu estado de ánimo en tiempo real, si estás sufriendo de amores o buscando medicación para los nervios, si tienes depresión, si abusas demasiado del alcohol, si sales mucho o si la música que escuchas indica una tendencia al suicidio o una melancolía transitoria que forma parte de tu carácter”, asegura la abogada.

Facebook analizó datos de más de seis millones de adolescentes australianos y neozelandeses para determinar su estado de ánimo y facilitar a los anunciantes información sobre los momentos en los que se sentían más vulnerables, según un documento de la compañía en Australia filtrado en 2017 por el periódico The Australian. Al saber cómo es una persona y cómo siente en cada instante, las empresas pueden venderle en el momento oportuno “cualquier cosa que emocionalmente necesite”: “Una idea, un pensamiento, un partido político, un modo de vida o incluso un sentimiento de superioridad nacional”. “Esto que es preocupante ha funcionado muy bien en el Brexit, en las elecciones de Trump y en alguna elección reciente en España”, afirma Llaneza.

✳️Cómo evitar la recopilación de nuestros datos

Para evitar que las compañías tecnológicas recopilen datos sobre nosotros, Llaneza afirma que la única solución es borrar este tipo de aplicaciones: “No hay un consejo intermedio, da igual compartir más o menos publicaciones”. “La parametrización de privacidad que hace Facebook está pensada para terceros, pero Facebook lo ve todo y guarda hasta tus arrepentimientos, incluso ese correo que ibas a mandar poniendo a caer de un burro a alguien y que luego decidiste no hacerlo. Porque un arrepentimiento dice de ti mucho más que lo que mandas”, explica. Hacer un uso menos intensivo de estas aplicaciones no serviría, según Llaneza, ya que “tienen un montón de permisos para acceder a tu teléfono móvil”: “Incluso por cómo mueves el teléfono y tecleas, tienen una huella biométrica tuya que te identifica con un alto grado de probabilidad”.

Los dispositivos y las aplicaciones están pensados para ser “usables, molones y altamente adictivos”. El problema es que la percepción del riesgo entre los usuarios “es muy baja”: “Nadie es consciente de la cantidad brutal de información que da a un móvil incluso sin tocarlo”. “Tener un móvil o a Alexa encima de la mesa de tu casa te parece lo más normal y, sin embargo, no tendrías un señor sentado en el salón de tu casa todos los días observando cómo hablas o viendo como meriendas. Es mucho más peligroso tener a Alexa encima de la mesa que a ese señor, que tiene una memoria humana y se le va a olvidar la mitad de lo que oiga”, concluye Llaneza.

#privacidad
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 🇬🇧 Darknet Diaries - RockYou
In 2009 a hacker broke into a website with millions of users and downloaded the entire user database. What that hacker did with the data has changed the way we view account security even today.

💾 Download the RockYou password list here:
https://wiki.skullsecurity.org/Passwords

📻 #Darknet #Diaries #Ep33 #RockYou #podcast
https://darknetdiaries.com/episode/33/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

📺 🇩🇪 Tausende demonstrieren spontan in fünf Städten gegen Uploadfilter
In nur 24 Stunden konnte die Protestbewegung gegen Uploadfilter in der EU-Urheberrechtsreform tausende Teilnehmer zu Spontandemonstrationen mobilisieren. Die Konservativen im EU-Parlament nehmen nun von diesen Plänen Abstand.

📺 🇬🇧 Thousands spontaneously demonstrate against upload filters in five cities
In just 24 hours, the protest movement against upload filters in the EU copyright reform was able to mobilize thousands of participants for spontaneous demonstrations. The conservatives in the EU parliament are now distancing themselves from these plans.

📺 https://twitter.com/ARD_BaB (Sorry about the crooked video position.)
https://twitter.com/uploadfilter/status/1103015233604456449

#Uploadfilter #Artikel13 #NoUploadFilter #demo #CreateAwareness #getactive #SaveTheInternet #FreeSpeach #Podcast

🎧 🇬🇧 Silk Road [Part 1 of 3]
The Silk Road was an ancient network of trade routes that started in China in the 2nd century B.C. Via a combination of roads, and sea routes, goods like silk, paper and spices were transported from the producers in Asia to markets in Europe. Eventually, it wasn’t just goods that were traded – there were also ideas, customs, religions and even diseases.
The Silk Road expanded throughout different continents and civilizations for several centuries. It connected Asia, Europe, Africa and the Middle East. A marketplace across the world.

Two major expansions can be traced back to the Silk Road. One of these was the introduction of Buddhism into China. The second was the Black Death.

📻 #SilkRoad #darknet #podcast #part1
https://casefilepodcast.com/case-76-silk-road-part-1/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 🇬🇧 Silk Road [Part 2 of 3]
Nob and the Dread Pirate Roberts started to communicate regularly. The Dread Pirate Roberts had no idea he was really speaking to a DEA agent. And the DEA agent had no idea about the true identity of the Dread Pirate Roberts.

📻 #SilkRoad #darknet #podcast #part2
https://casefilepodcast.com/case-76-silk-road-part-2/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 🇬🇧 Silk Road [Part 3 of 3]
As the two agents walked towards the front door of 2260 Fifteenth Avenue, one of them pulled out the fake IDs to have another look before asking questions.

When they reached the door, the same agent was about to knock when he saw a man standing on the other side of the door wearing nothing but shorts. It was the man whose picture was on the fake identity cards.

📻 #SilkRoad #darknet #podcast #part3
https://casefilepodcast.com/case-76-silk-road-part-3/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 🇬🇧 Data-Wiping Cyberattacks Plague Financial Firms
@RSA Conference 2019

A new report outlines the cyberattacks and threats that financial firms are facing.
Over a quarter of surveyed financial institutions reported that they were targeted by destructive cyberattacks over the past year, bent on completely destroying data.

📻 #RSA #conference #DataWiping #cyberattacks #plague #financial #firms #podcast
https://threatpost.com/rsac-2019-data-wiping-cyberattacks-plague-financial-firms/142397/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 🇬🇧 The CyberWire Daily Podcast
India hacks back. Rob Joyce discusses cyber conflict. Chinese hackers...

In today’s podcast, we hear that India went on the offensive when its government websites were attacked by hackers from Pakistan.
Rob Joyce, Senior Advisor for Cybersecurity Strategy to the Director of the US National Security Agency, discusses trends in cyber conflict.
A Chinese cyberespionage group hacks for maritime technologies.
Facebook lets people look you up by your two-factor authentication phone number.
And Google researchers disclose a vulnerability in macOS.
CyberWire Editor John Petrik with results from the RSA Conference Innovation Sandbox.
Guest Balaji Parimi from CloudKnox weighs the pros and cons of various authorization schemes.

📻 The #CyberWire Daily #podcast
https://www.thecyberwire.com/podcasts/cw-podcasts-daily-2019-03-05.html

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

📺 🇬🇧 BleedingBit’s impact continues to spread across various devices, researchers at RSA Conference 2019 said.
The researchers said in a Wednesday session at RSA Conference 2019 that the latest patch showcases just how widespread BleedingBit is on various devices – and the breadth of attacks that the flaws could enable.

📺 #RSA #Conference 2019 #UniKey #Patches #BleedingBit #Flaws Granting #Access To Hotel Rooms, Cars
https://threatpost.com/unikey-bleedingbit-hotel/142523/

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Guide to the technical implementation of IoT-Security

IoT Security Maturity Model: Practitioner’s Guide Version 1.0

💾 https://www.iiconsortium.org/pdf/IoT_SMM_Practitioner_Guide_2019-02-25.pdf/

#guide #IoT #security #implementation
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🎧 🇬🇧 The CyberWire Daily Podcast
5G worries. Whitefly vs. SingHealth. Speculative execution bug.

In today’s podcast, we hear that Australia's former prime minister warns Britain about Chinese tech companies.
Symantec says Whitefly was behind SingHealth's massive data breach.
Iranian hackers show code overlap.
Intel CPUs are vulnerable to another speculative execution flaw.
The NSA hasn't been using its domestic phone surveillance program lately.
And Google will ban political ads in Canada.
Justin Harvey from Accenture with results from their Costs of Crime report, as well as observations from RSAC.
Guest is Gerald Beuchelt from LogMeIn with info from their latest password survey.

📻 The #CyberWire Daily #podcast
https://www.thecyberwire.com/podcasts/cw-podcasts-daily-2019-03-06.html

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

🇬🇧 You Think That’s Air You’re Breathing?
An Exercise in Practical Container Escapology

🇩🇪 Du denkst, das ist Luft, die du atmest?
Eine Übung in der praktischen Container-Eskapologie

https://capsule8.com/blog/practical-container-escape-exercise/
#container #escapology