Stealthy new Android malware poses as ad blocker, serves up ads instead

Since its discovery less than a month ago, a new Trojan malware for Android we detect as Android/Trojan.FakeAdsBlock has already been seen on over 500 devices, and it’s on the rise. This nasty piece of mobile malware cleverly hides itself on Android devices while serving up a host of advertisements: full-page ads, ads delivered when opening the default browser, ads in the notifications, and even ads via home screen widget. All while, ironically, posing as an ad blocker vaguely named Ads Blocker.

https://blog.malwarebytes.com/android/2019/11/stealthy-new-android-malware-poses-as-ad-blocker-serves-up-ads-instead/

#google #playprotect #adblocker
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

How Big Corporations Spy on Their Workers to Keep Their Wages Down
https://www.commondreams.org/views/2019/11/09/how-big-corporations-spy-their-workers-keep-their-wages-down

https://redd.it/dumh5j
@r_privacy

The Xinjiang Papers

‘Absolutely No Mercy’: Leaked Files Expose How China Organized Mass Detentions of Muslims

More than 400 pages of internal Chinese documents provide an unprecedented inside look at the crackdown on ethnic minorities in the Xinjiang region.

HONG KONG — The students booked their tickets home at the end of the semester, hoping for a relaxing break after exams and a summer of happy reunions with family in China’s far west.

Instead, they would soon be told that their parents were gone, relatives had vanished and neighbors were missing — all of them locked up in an expanding network of detention camps built to hold Muslim ethnic minorities.

The authorities in the Xinjiang region worried the situation was a powder keg. And so they prepared.

The leadership distributed a classified directive advising local officials to corner returning students as soon as they arrived and keep them quiet. It included a chillingly bureaucratic guide for how to handle their anguished questions, beginning with the most obvious: Where is my family?

👉🏼 Document: What Chinese Officials Told Children Whose Families Were Put in Camps
https://www.nytimes.com/interactive/2019/11/16/world/asia/china-detention-directive.html

👉🏼 Read more:
https://www.nytimes.com/interactive/2019/11/16/world/asia/china-xinjiang-documents.html

#Xinjiang #China #leaked #papers
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

PinePhone “BraveHeart” Limited Edition Linux Smartphone Is Now Available For $150

Pinephone is a Linux smartphone powered by an Allwinner A64 processor, and running one of the various Linux mobile distributions such as PostmarketOS or Ubuntu Touch among others.

Last time we wrote about Pinephone mass-production schedule, the phone was expected to start shipping in October, and there has been a slight delay, but the good news is that Pinephone “BraveHeart” Limited Edition is now up for sale for $149.99. Note this batch is for enthusiasts as the phone may have some defects, and comes without operating system with the users having to flash it themselves.

https://www.cnx-software.com/2019/11/16/buy-pinephone-braveheart-limited-edition-linux-smartphone


#pinephone #pine64 #phone #mobile

Chrome, Edge, Safari hacked at elite Chinese hacking contest

China's top white-hat hackers have gathered in Chengdu to test zero-days against today's top software.

China's top hackers have gathered this weekend in the city of Chengdu to compete in the Tianfu Cup, the country's top hacking competition.

https://www.zdnet.com/article/chrome-edge-safari-hacked-at-elite-chinese-hacking-contest/

Read Via Telegram

#chrome #google #hacked
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Google 'DOES blacklist sites, has targeted conservative news sites and changes its algorithms to favor big businesses,' claims new report - despite the tech giant's denials

🔵 The Wall Street Journal claims Google has been blacklisting sites
🔵 It also claims that conservative publications have been blacklisted
🔵 The WSJ claims that Google made algorithmic changes in favour big businesses over smaller ones including on behalf of a major advertiser, eBay
🔵 They claim the blacklist policy instructs engineers, known as 'maintainers', to focus on sites that actively aim to mislead
🔵 A Google spokesperson said the company does 'not manually determine the order of any search result'

https://www.dailymail.co.uk/sciencetech/article-7690435/Google-keeps-blacklists-sites-targeted-conservative-news-sites-blogs-claims-report.html

Read Via Telegram

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

It is worth noting that Wikipedia does not consider the Daily Mail a reliable source.

Wikipedia is usually right when it comes to such things, and this should be kept in mind.

WhatsApp Vulnerability Allows Code Execution Via Malicious MP4 File

A security vulnerability in WhatsApp that was made public last week could be abused to execute arbitrary code remotely on affected devices.

Tracked as CVE-2019-11931, the issue is a stack-based buffer overflow that can be triggered by sending a specially crafted MP4 file via WhatsApp, Facebook explains in an advisory.

https://www.securityweek.com/whatsapp-vulnerability-allows-code-execution-malicious-mp4-file

Read Via Telegram

📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Massive Hack Strikes Offshore Cayman National Bank and Trust

Isle of Man, UK – A blast of sunshine has hit a secretive banking network used by global ultra-wealthy figures following a massive hack by “Phineas Fisher“, a notorious self-described “hacktivist”, of Cayman National Bank and Trust, which serves nearly 1,500 accounts in Isle of Man. Transparency collective Distributed Denial of Secrets has began publishing copies of the bank’s servers, a cache of documents as well as communications among bankers and others. Journalists around the world are investigating and have begun releasing stories.

Following the hack, a manifesto was uploaded to the Internet addressing the motivation for hacking financial services companies. Unicorn Riot has embedded the manifesto below which includes previously unpublished code which the author claims was used to break into “Hacking Team” an Italian surveillance company. Hacking Team was an elite corporation that specialized in developing malware until Phineas Fisher hacked them and published their code online. The malware developed by Hacking Team was often used to attack journalists and activists on behalf of repressive governments .

Unicorn Riot has obtained the small HackBack announcement text released exclusively in Spanish, described as “Desde las montañas del Sureste Cibernético” (‘From the mountains of the Cyber Southeast’). It bills itself as a “HackBack” DIY guide for “Una guía DIY para robar bancos” (‘A DIY guide for robbing banks.’) The announcement begins with a tongue-in-cheek dedication to “Subcowmandante Marcos” with an ASCII text-styled pipe-smoking cow referring to former Zapatista spokesperson Subcomandante Marcos.

Also included in the announcement were introductions to common information security tools such as Metasploit and observations about previous major bank hacks, suspicious activities on SWIFT (an international financial network), and art such as a skeleton saying “Be Gay, Do Crimes” in Spanish.

👉🏼 Read more:
https://unicornriot.ninja/2019/massive-hack-strikes-offshore-cayman-national-bank-and-trust/

https://unicornriot.ninja/wp-content/uploads/2019/11/hackback-announce-text.txt

#hacker #PhineasFisher #hacked #hackback #offshore #bank
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

hmm

Intresting 👀

How Google Interferes With Its Search Algorithms and Changes Your Results

The internet giant uses blacklists, algorithm tweaks and an army of contractors to shape what you see

👀 More than 100 interviews and the Journal’s own testing of Google’s search results reveal:

‼️ Google made algorithmic changes to its search results that favor big businesses over smaller ones, and in at least one case made changes on behalf of a major advertiser, eBay Inc., contrary to its public position that it never takes that type of action. The company also boosts some major websites, such as Amazon.com Inc. and Facebook Inc., according to people familiar with the matter.

‼️ Google engineers regularly make behind-the-scenes adjustments to other information the company is increasingly layering on top of its basic search results. These features include auto-complete suggestions, boxes called “knowledge panels” and “featured snippets,” and news results, which aren’t subject to the same company policies limiting what engineers can remove or change.

‼️ Despite publicly denying doing so, Google keeps blacklists to remove certain sites or prevent others from surfacing in certain types of results. These moves are separate from those that block sites as required by U.S. or foreign law, such as those featuring child abuse or with copyright infringement, and from changes designed to demote spam sites, which attempt to game the system to appear higher in results.

‼️ In auto-complete, the feature that predicts search terms as the user types a query, Google’s engineers have created algorithms and blacklists to weed out more-incendiary suggestions for controversial subjects, such as abortion or immigration, in effect filtering out inflammatory results on high-profile topics.

‼️ Google employees and executives, including co-founders Larry Page and Sergey Brin, have disagreed on how much to intervene on search results and to what extent. Employees can push for revisions in specific search results, including on topics such as vaccinations and autism.

‼️ To evaluate its search results, Google employs thousands of low-paid contractors whose purpose the company says is to assess the quality of the algorithms’ rankings. Even so, contractors said Google gave feedback to these workers to convey what it considered to be the correct ranking of results, and they revised their assessments accordingly, according to contractors interviewed by the Journal. The contractors’ collective evaluations are then used to adjust algorithms.

👉🏼 Read more (paywall):
https://www.wsj.com/articles/how-google-interferes-with-its-search-algorithms-and-changes-your-results-11573823753

👉🏼 Read more (german/no paywall):
https://netzpolitik.org/2019/der-selbstgebaute-algorithmus/

#DeleteGoogle #manipulation #search #algorithms #why #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

For those of you who don't know, Iran's Regime has banned the internet for all of its citizens since people started protesting for the rise of Gas/Petrol prices up to thrice. Some have been shot and killed during these protests. They don't have access to anything online so if you guys from other countries share the message with your people and media it would be a big help to Iranians since they have no media to share what's going on. I am also one of them and getting access to the net to share this message was really hard for me, but i wont be able to post for you guys untill things go back to normal so please share our situation on your Twitter, Facebook, Instagram etc.

😳 Nerds and Hackers, the people of Iran needs you right now!

Anger over sharp hike in petrol price and rationing scheme sparks demonstrations in oil-rich Iran. At least two people have been killed in sporadic violence surrounding the protests so far
info source 👉🏻 t.me/s/indygram?q=iran && t.me/MetaAnarchoMemes/122805

Join @NoGoolag's chat group, if you can help: t.me/joinchat/FyFlS0X2D7f6YNvdxhEsfw

HackBack! - Talking with Phineas Fisher

Hacking as Direct Action against the Surveillance State

We spoke with the world-famous hacker persona and self-proclaimed anarchist revolutionary Phineas Fisher about the politics behind their attacks on the surveillance industry, the ruling party in Turkey, and the Catalan police. Here follows a retrospective on the exploits of Phineas Fisher, followed by their remarks to us.

Hacking is often depicted as something technical, a simple matter of attack and defense. Yet motivations are everything. The same technique that builds oppressive tools can be used as a weapon for emancipation. Hacking, in its purest form, is not about engineering: it is about leveraging power dynamics by short-circuiting technology. It is direct action for the new digital world we all live in.

In the shadows of the techno-empire, the hacking scene became a target for cooptation and infiltration. But the underground cannot be eradicated: from time to time, a new action breaks through the surface. Some of the hackers we admire are coders who produce tools for online privacy and anonymity. Other crews create and distribute alternative media. And then there are those who hack back.

The Lost Hacker Circles
It is no secret, for anyone paying attention, that for a long time the hacker underground was also taking sides in the ongoing war. Yet the effervescence that characterized the underground DIY scene of the past few decades has died down, or at least receded to less visible places.

Pessimists mourned the death of hacker communities in a proliferation of individual desertions. It is true that the techno-military complex succeeded in swelling the ranks of the mercenaries: there is a price at which a particular mindset can be bought, whether with money, success, the feeling of power, or the excitement of playing with fancy toys while chasing what state propaganda labels “the enemy.”

👉🏼 Read more:
https://crimethinc.com/2018/06/05/hackback-talking-with-phineas-fisher-hacking-as-direct-action-against-the-surveillance-state

👉🏼 Regarding: Massive Hack Strikes Offshore Cayman National Bank and Trust
https://t.me/NoGoolag/1843

#PhineasFisher #hacker #HackBack #Interview
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Cutting the Wire

It has recently come to the attention of the PrivacyTools team that Wire, the popular end-to-end encryption messaging platform had been sold or moved to a US company. After a week of questioning, Wire finally confirmed they had changed holding companies and would now be a US based company in a move they called “simple and pragmatic,” as they worked to expand their foothold in the enterprise market. This also came alongside the news that Wire had accepted more than $8 million in Venture Capital (VC) funding from Morpheus Ventures, as well as other investors.

Morpheus Ventures holds a portfolio including companies in healthcare, voice AI, life insurance, and retail customer data analytics: All sectors that have historically used invasive data collection methods to survive. Why would a VC with a portfolio centered on consumer data want to invest in a company whose mission claims to protect that very same information?

Earlier this year, Wire announced they had entered a partnership with FedResults, in a move that would bring Wire's secure messaging platform to US federal agencies. This raised a few eyebrows, but did not alarm the privacy community as Wire remained Swiss based and beholden to Switzerland's strict privacy laws. Today however, while much of Wire's business will continue to be run out of their Swiss offices, with new US-based ownership it is not entirely clear how much jurisdiction the United States will have over Wire data.

This is alarming because it is well known that Wire stores unencrypted metadata for every user.

👉🏼 Read more:
https://blog.privacytools.io/delisting-wire/

#privacytools #delisting #wire #FedResults #messenger #swiss #thinkabout
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

Telegram bots [updated to remove thonkbot and Yana (deprecated)]

🤖 Marie unreliable : @BanhammerMarie_bot
Support: @MarieSupport @MarieNews
https://github.com/PaulSonOfLars/tgbot


🤖 Sophie: @rSophieBot
Support: @SophieSupport
News: @SophieNEWS
https://github.com/MrYacha/SophieBot

🤖 GroupButler: @GBReborn_bot
Support: @gbgroups @GB_tutorials

🤖 More OpenSource tg bots:
https://danyspin97.github.io/TelegramBotsList

Others:
🤖 @botlist
Use @BotListBot in inline mode to send individual categories and more...
Send your bot's in: @BotListChat


📡 @Libreware
#bots #telegram #tg

GitHub Archive Program

Preserving open source software for future generations

It is a hidden cornerstone of modern civilization, and the shared heritage of all humanity. The mission of the GitHub Archive Program is to preserve open source software for future generations.

GitHub is partnering with the Long Now Foundation, the Internet Archive, the Software Heritage Foundation, Arctic World Archive, Microsoft Research, the Bodleian Library, and Stanford Libraries to ensure the long-term preservation of the world's open source software. We will protect this priceless knowledge by storing multiple copies, on an ongoing basis, across various data formats and locations, including a very-long-term archive designed to last at least 1,000 years.

👉🏼 Read more:
https://archiveprogram.github.com/

#GitHub #archiveprogram #repo #arctic #norway
📡@cRyPtHoN_INFOSEC_DE
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_ES

How a trivial cell phone hack is ruining lives
https://www.engadget.com/2019/06/28/cell-phone-hack-is-ruining-lives-identity-theft/

https://redd.it/c829zc
@r_privacy