Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label surveillance. Show all posts
Tracking
Cyber Security Healthcare legislation Location Privacy surveillance Tracking

Why Location Data Privacy Laws Are Urgently Needed

 

Your location data is more than a simple point on a map—it’s a revealing digital fingerprint. It can show where you live, where you work, where you worship, and even where you access healthcare. In today’s hyper-connected environment, these movements are silently collected, packaged, and sold to the highest bidder. For those seeking reproductive or gender-affirming care, attending protests, or visiting immigration clinics, this data can become a dangerous weapon.

Last year, privacy advocates raised urgent concerns, calling on lawmakers to address the risks posed by unchecked location tracking technologies. These tools are now increasingly used to surveil and criminalize individuals for accessing fundamental services like reproductive healthcare.

There is hope. States such as California, Massachusetts, and Illinois are now moving forward with legislation designed to limit the misuse of this data and protect individuals from digital surveillance. These bills aim to preserve the right to privacy and ensure safe access to healthcare and other essential rights.

Imagine a woman in Alabama—where abortion is entirely banned—dropping her children at daycare and driving to Florida for a clinic visit. She uses a GPS app to navigate and a free radio app along the way. Without her knowledge, the apps track her entire route, which is then sold by a data broker. Privacy researchers demonstrated how this could happen using Locate X, a tool developed by Babel Street, which mapped a user’s journey from Alabama to Florida.

Despite its marketing as a law enforcement tool, Locate X was accessed by private investigators who falsely claimed affiliation with authorities. This loophole highlights the deeply flawed nature of current data protections and how they can be exploited by anyone posing as law enforcement.

The data broker ecosystem remains largely unregulated, enabling a range of actors—from law enforcement to ideological groups—to access and weaponize this information. Near Intelligence, a broker, reportedly sold location data from visitors to Planned Parenthood to an anti-abortion organization. Meanwhile, in Idaho, cell phone location data was used to charge a mother and her son with aiding an abortion, proving how this data can be misused not only against patients but also those supporting them.

The Massachusetts bill proposes a protected zone of 1,850 feet around sensitive locations, while California takes a broader stance with a five-mile radius. These efforts are gaining support from privacy advocates, including the Electronic Frontier Foundation.

“A ‘permissible purpose’ (which is key to the minimization rule) should be narrowly defined to include only: (1) delivering a product or service that the data subject asked for, (2) fulfilling an order, (3) complying with federal or state law, or (4) responding to an imminent threat to life.”

Time and again, we’ve seen location data weaponized to monitor immigrants, LGBTQ+ individuals, and those seeking reproductive care. In response, state legislatures are advancing bills focused on curbing this misuse. These proposals are grounded in long-standing privacy principles such as informed consent and data minimization—ensuring that only necessary data is collected and stored securely.

These laws don’t just protect residents. They also give peace of mind to travelers from other states, allowing them to exercise their rights without fear of being tracked, surveilled, or retaliated against.

To help guide new legislation, this post outlines essential recommendations for protecting communities through smart policy design. These include:
  • Strong definitions,
  • Clear rules,
  • Affirmation that all location data is sensitive,
  • Empowerment of consumers through a strong private right of action,
  • Prohibition of “pay-for-privacy” schemes, and
  • Transparency through clear privacy policies.
These protections are not just legal reforms—they’re necessary steps toward reclaiming control over our digital movements and ensuring no one is punished for seeking care, support, or safety.
Read more »
Tracking
Ads Analytics AppleTV Chromecast control Cyber Security Data device FireTV personalization Roku settings smartTV streaming surveillance Tracking

Your Streaming Devices Are Watching You—Here's How to Stop It

Streaming devices like Roku, Fire TV, Apple TV, and Chromecast make binge-watching easy—but they’re also tracking your habits behind the scenes.

Most smart TVs and platforms collect data on what you watch, when, and how you use their apps. While this helps with personalised recommendations and ads, it also means your privacy is at stake.


If that makes you uncomfortable, here’s how to take back control:

1. Amazon Fire TV Stick
Amazon collects "frequency and duration of use of apps on Fire TV" to improve services but says, “We don’t collect information about what customers watch in third-party apps on Fire TV.”
To limit tracking:
  • Go to Settings > Preferences > Privacy Settings
  • Turn off Device Usage Data
  • Turn off Collect App Usage Data
  • Turn off Interest-based Ads

2. Google Chromecast with Google TV
Google collects data across its platforms including search history, YouTube views, voice commands, and third-party app activity. However, “Google Chromecast as a platform does not perform ACR.”
To limit tracking:
  • Go to Settings > Privacy
  • Turn off Usage & Diagnostics
  • Opt out of Ads Personalization
  • Visit myactivity.google.com to manage other data

3. Roku
Roku tracks “search history, audio inputs, channels you access” and shares this with advertisers.
To reduce tracking:
  • Go to Settings > Privacy > Advertising
  • Enable Limit Ad Tracking
  • Adjust Microphone and Channel Permissions under Privacy settings
4. Apple TV
Apple links activity to your Apple ID and tracks viewing history. It also shares some data with partners. However, it asks permission before allowing apps to track.
To improve privacy:

  • Go to Settings > General > Privacy
  • Enable Allow Apps to Ask to Track
  • Turn off Share Apple TV Analytics
  • Turn off Improve Siri and Dictation

While streaming devices offer unmatched convenience, they come at the cost of data privacy. Fortunately, each platform allows users to tweak their settings and regain some control over what’s being shared. A few minutes in the settings menu can go a long way in protecting your personal viewing habits from constant surveillance.
Read more »
WhatsApp
New Media Privacy Social Media Spyware surveillance WhatsApp

WhatsApp Says Spyware Company Paragon Hacked 90 Users

WhatsApp Says Spyware Company Paragon Hacked 90 Users

Attempts to censor opposition voices are not new. Since the advent of new media, few Governments and nations have used spyware to keep tabs on the public, and sometimes target individuals that the government considers a threat. All this is done under the guise of national security, but in a few cases, it is aimed to suppress opposition and is a breach of privacy. 

Zero-click Spyware for WhatsApp

One such interesting incident is the recent WhatsApp “zero-click” hacking incident. In a conversation with Reuters, a WhatsApp official disclosed that Israeli spyware company Paragon Solutions was targeting its users, victims include journalists and civil society members. Earlier this week, the official told Reuters that Whatsapp had sent Paragon a cease-and-desist notice after the surveillance hack. In its official statement, WhatsApp stressed it will “continue to protect people's ability to communicate privately."

Paragon refused to comment

According to Reuters, WhatsApp had noticed an attempt to hack around 90 users. The official didn’t disclose the identity of the targets but hinted that the victims belonged to more than a dozen countries, mostly from Europe. WhatsApp users were sent infected files that didn’t require any user interaction to hack their targets, the technique is called the “zero-click” hack, known for its stealth 

“The official said WhatsApp had since disrupted the hacking effort and was referring targets to Canadian internet watchdog group Citizen Lab,” Reuter reports. He didn’t discuss how it was decided that Paragon was the culprit but added that law enforcement agencies and industry partners had been notified, and didn’t give any further details.

FBI didn’t respond immediately

“The FBI did not immediately return a message seeking comment,” Reuter said. Citizen Lab researcher John Scott-Railton said the finding of Paragon spyware attacking WhatsApp is a “reminder that mercenary spyware continues to proliferate and as it does, so we continue to see familiar patterns of problematic use."

Citizen Lab researcher John Scott-Railton said the discovery of Paragon spyware targeting WhatsApp users "is a reminder that mercenary spyware continues to proliferate and as it does, so we continue to see familiar patterns of problematic use."

Ethical implications concerning spying software

Spyware businesses like Paragaon trade advanced surveillance software to government clients, and project their services as “critical to fighting crime and protecting national security,” Reuter mentions. However, history suggests that such surveillance tools have largely been used for spying, and in this case- journalists, activists, opposition politicians, and around 50 U.S officials. This raises questions about the lawless use of technology.

Paragon - which was reportedly acquired by Florida-based investment group AE Industrial Partners last month - has tried to position itself publicly as one of the industry's more responsible players. On its website, Paragon advertises the software as “ethically based tools, teams, and insights to disrupt intractable threats” On its website, and media reports mentioning people acquainted with the company “say Paragon only sells to governments in stable democratic countries,” Reuter mentions.

Read more »
surveillance
China Cyber Security Cyber Security Cyberattacks CyberCrime CyberThreat surveillance

China's Surveillance System: Cracks in a Digital Panopticon

 


China's expansive surveillance network monitors over 1.4 billion citizens, blending advanced technology with minimal legal checks on state control. However, cracks are emerging in this highly complex system.

Overview of Surveillance 
 
China's surveillance infrastructure leverages technologies such as:
  • Facial Recognition: Identifies individuals through advanced cameras.
  • Gait Recognition: Detects people based on movement patterns.
  • Mobile Apps: Platforms like WeChat and Alipay track transactions, communications, and movements.
A hallmark of this system is the Social Credit System, rewarding or penalizing citizens based on monitored behavior. 
 
Emergence of Data Exploitation 

Despite its sophistication, China's surveillance system suffers from internal misuse:
  • Insider Corruption: Government employees sell sensitive data on black markets.
  • Telegram Markets: Personal information, such as banking records and passport scans, is sold openly.
  • Cryptocurrency Payments: Transactions ensure anonymity for buyers and sellers.
SpyCloud reported that privileged access to government data is routinely exploited for profit, undermining the system's integrity. 

Privacy Concerns and Repressive Measures 

Surveillance extends beyond public spaces into private homes under the guise of security. Over 700 million surveillance cameras are operational, equivalent to two lenses per two citizens. COVID-19 expanded surveillance through apps and "digital health codes." In addition, Cameras monitor everything from tourist sites to repressive policing measures.

Citizens have voiced discomfort with the invasive measures, but dissent remains muted under strict state control. 

Challenges in Maintaining Control 

China's monitoring network highlights the paradox of technological sophistication undermined by human corruption. The Chinese Communist Party's (CCP) inability to control insider threats erodes public trust. The cycle of data exploitation leaves millions vulnerable to harm.

As China expands its surveillance capabilities, it faces a dual challenge: securing its data infrastructure while curbing internal corruption. This serves as a cautionary tale that no system, however advanced, is immune to human flaws.
Read more »
User Tracking
Data DEA FBI FTC Location Privacy surveillance User Tracking

FTC Stops Data Brokers from Unlawful User Location Tracking

FTC Stops Data Brokers from Unlawful User Location Tracking


Data Brokers Accused of Illegal User Tracking

The US Federal Trade Commission (FTC) has filed actions against two US-based data brokers for allegedly engaging in illegal tracking of users' location data. The data was reportedly used to trace individuals in sensitive locations such as hospitals, churches, military bases, and other protected areas. It was then sold for purposes including advertising, political campaigns, immigration enforcement, and government use.

Mobilewalla's Allegations

The Georgia-based data broker, Mobilewalla, has been accused of tracking residents of domestic abuse shelters and protestors during the George Floyd demonstrations in 2020. According to the FTC, Mobilewalla allegedly attempted to identify protestors’ racial identities by tracing their smartphones. The company’s actions raise serious privacy and ethical concerns.

Gravy Analytics and Venntel's Accusations

The FTC also suspects Gravy Analytics and its subsidiary Venntel of misusing customer location data without consent. Reports indicate they used this data to “unfairly infer health decisions and religious beliefs,” as highlighted by TechCrunch. These actions have drawn criticism for their potential to exploit sensitive personal information.

Unlawful Data Collection Practices

The FTC revealed that Gravy Analytics collected over 17 billion location signals from more than 1 billion smartphones daily. The data was allegedly sold to federal law enforcement agencies such as the Drug Enforcement Agency (DEA), the Department of Homeland Security (DHS), and the Federal Bureau of Investigation (FBI).

Samuel Levine, Director of the FTC’s Bureau of Consumer Protection, stated, “Surreptitious surveillance by data brokers undermines our civil liberties and puts servicemembers, union workers, religious minorities, and others at risk. This is the FTC’s fourth action this year challenging the sale of sensitive location data, and it’s past time for the industry to get serious about protecting Americans’ privacy.”

FTC's Settlements

As part of two settlements announced by the FTC, Mobilewalla and Gravy Analytics will cease collecting sensitive location data from customers. They are also required to delete the historical data they have amassed about millions of Americans over time.

The settlements mandate that the companies establish a sensitive location data program to identify and restrict tracking and disclosing customer information from specific locations. These protected areas include religious organizations, medical facilities, schools, and other sensitive sites.

Additionally, the FTC’s order requires the companies to maintain a supplier assessment program to ensure consumers have provided consent for the collection and use of data that reveals their precise location or mobile device information.

Read more »
WhatsApp
Cyber Attacks espionage Iran Israel spying surveillance Telegram WhatsApp

Iran Spies on Senior Israeli Officials, Launches Over 200 Cyberattacks

Iran Spies on Senior Israeli Officials, Launches Over 200 Cyberattacks

Shin Bet, an Israeli Cybersecurity Service said recently it discovered over 200 Iranian phishing attempts targeting top Israeli diplomats to get personal information. Shin Bet believes the attacks were launched by Iranian actors through Telegram, WhatsApp, and email. 

The threat actors tried to bait targets into downloading infected apps that would give them access to victim devices and leak personal data like location history and residential addresses.

Iran Targeting Israeli Officials

The targeted senior officials include academicians, politicians, media professionals, and others

ShinBet said the stolen information would be used by Iran to launch attacks against Israeli nationals “through Israeli cells they have recruited within the country.” The targets were reached out with an “individually tailored cover story for each victim according to their area of work, so the approach doesn’t seem suspicious.”

In one case, the attacker disguised as a Cabinet Secretary lured the target saying he wanted to coordinate with PM Benjamin Netanyahu. Shin Bet has tracked the targets involved in the campaign and informed them about the phishing attempts. 

“This is another significant threat in the campaign Iran is waging against Israel, aimed at carrying out assassination attacks. We request heightened awareness, as cyberattacks of this type can be avoided before they happen through awareness, caution, suspicion, and proper preventative behavior online,” said a Shin Bet official.

Reasons for attack

Shin Bet “will continue to act to identify Iranian activity and thwart it in advance.” It believes the motive behind the attacks was to manage future attacks on Israeli nationals using information given by Israeli cells recruited by Iran. The campaign is a sign of an escalation between Iran and Israel, the end goal being assassination attempts.

The bigger picture

The recent discovery of phishing campaigns is part of larger targeted campaigns against Israel. In September 2024, 7 Jewish Israelis were arrested for allegedly spying on IDF and Israeli security figures for Iran. 

The Times of Israel reports, “Also in September, a man from the southern city of Ashkelon was arrested on allegations that he was smuggled into Iran twice, received payment to carry out missions on behalf of Tehran, and was recruited to assassinate either Israel’s prime minister, defense minister, or the head of the Shin Bet.”

Read more »
wiretapping
CALEA China Cybersecurity Data Breach Encryption Hackers Privacy surveillance Telecom wiretapping

China-backed Hackers Breach U.S. Telecom Wiretap Systems, Sparking Security Concerns

 

China-backed hackers infiltrated wiretap systems of multiple U.S. telecom and internet providers, reportedly seeking to collect intelligence on American citizens. This revelation has raised alarm in the security community.

Wiretap systems, required by a 30-year-old U.S. federal law, allow a small number of authorized employees access to sensitive customer data, including internet activity and browsing history. These systems, now compromised, highlight long-standing concerns about their vulnerability.

Security experts had long warned about the risks of legal backdoors in telecom systems. Many saw this breach as an inevitable outcome of such vulnerabilities being exploited by malicious actors. Georgetown Law professor Matt Blaze remarked that this scenario was “absolutely inevitable.”

According to the Wall Street Journal, the hacking group, Salt Typhoon, accessed systems used by major U.S. internet providers like AT&T, Lumen, and Verizon. The group reportedly collected large amounts of internet traffic, and a U.S. government investigation is now underway.

The hackers' goals remain unclear, but experts believe the breach could be part of a larger Chinese effort to prepare for potential cyberattacks in the event of conflict, possibly over Taiwan. The intrusion reinforces the dangers of security backdoors.

Riana Pfefferkorn, a Stanford academic, pointed out that this hack exposes the risks of U.S. wiretap systems, arguing that these measures jeopardize citizens’ privacy rather than protecting them. She advocates for increased encryption as a solution to these vulnerabilities.

The compromised wiretap systems are part of the Communications Assistance for Law Enforcement Act (CALEA), a law enacted in 1994 to help the government access telecom data through lawful orders. However, this system has become a target for hackers and malicious actors.

After 9/11, U.S. surveillance laws expanded wiretapping to collect intelligence, sparking an entire industry dedicated to facilitating these operations. Yet, the extent of government access to private data was only exposed in 2013 by whistleblower Edward Snowden.

Post-Snowden, tech giants like Apple and Google began encrypting customer data to prevent unauthorized access, even from government agencies. However, telecom companies have been slower to follow suit, leaving much U.S. phone and internet traffic vulnerable to wiretapping.

Governments worldwide continue to push for legal backdoors into encrypted systems. In the EU, for example, proposed laws aim to scan private messages for illegal content, raising security concerns among experts.

Signal, the encrypted messaging app, warned of the dangers of backdoors, pointing to the Chinese hacking incident as an example of why such measures pose severe cybersecurity risks. Meredith Whittaker, Signal’s president, stressed that backdoors cannot be restricted to just "the good guys."

Blaze called the CALEA law a cautionary tale, emphasizing the dangers of building security systems with inherent vulnerabilities.
Read more »
surveillance
APT Cyber Crime GuardZoo Spyware surveillance

Houthi-Aligned APT Targets Mideast Militaries With ‘GuardZoo’ Spyware


Since 2019, surveillance equipment deployed by a Yemeni Shia Islamist organization's partners has been used to target troops throughout the Middle East, according to a new study.

Surveillanceware Targeting Middle Eastern Militaries

A Houthi-aligned threat actor utilized GuardZoo malware to capture images, documents, and other files from compromised devices, according to Lookout researchers in a report released Tuesday.

According to unsecured command and control server logs, the majority of the approximately 450 victims were found in Yemen, Saudi Arabia, Egypt, and Oman, with a tiny number in the United Arab Emirates, Turkey, and Qatar.

The Houthis took possession of Yemen's capital city in 2014, sparking a civil conflict and hunger. According to human rights organizations, a contentious Saudi-led intervention in Yemen began in June 2019 and resulted in a wave of arbitrary arrests, torture, and enforced disappearances.

The Houthi-aligned threat actor was identified by "application lures, exfil data, targeting, and the C2 infrastructure location," according to the report.

The Origins

According to Lookout, the spying tool is named after a fragment of source code that persists on an infected device. In addition to collecting images and documents, the study stated that it can "coordinate data files related to marked locations, routes, and tracks," as well as identify an infected device's location, model, cellular service carrier, and Wi-Fi setup.

GuardZoo can also download and install "arbitrary applications on the device," implying it can offer more destructive abilities once the gadget is infected," according to the paper.

Technical Details

According to Lookout, the spyware has been detected primarily in military-themed applications, with distribution and infections originating primarily in WhatsApp, WhatsApp Business, and browser downloads. In a few other cases, victims were enticed by content with a religious-themed prayer app or an e-book theme.

Researchers initially found GuardZoo in October 2022. Lookout claims the tool is based on Dendroid RAT, a "commodity spyware" that has been in use for at least a decade.

Capabilities

After infecting a device, GuardZoo communicates to the command and control server and sends four commands to each new victim, including deactivating local logging and uploading metadata for all files.

"These extensions are related to maps, GPS and markings showing waypoints, routes and tracks," according to Lookout's findings.

GuardZoo's lures were originally general, but they've evolved to include military themes with titles like "Constitution Of The Armed Forces" and "Restructuring Of The New Armed Forces." Military apps used as a lure featured emblems from numerous Middle Eastern countries, including Yemen and Saudi Arabia.

Operational Impact

After infecting a device, GuardZoo communicates to the command and control server and sends four commands to each new victim, including deactivating local logging and uploading metadata for all files.

"These extensions are related to maps, GPS and markings showing waypoints, routes and tracks," according to Lookout's findings.

GuardZoo's lures were originally general, but they've evolved to include military themes with titles like "Constitution Of The Armed Forces" and "Restructuring Of The New Armed Forces." Military apps used as a lure featured emblems from numerous Middle Eastern countries, including Yemen and Saudi Arabia.
Read more »
USA
Data Privacy Federal Agencies Privacy surveillance Technology Threats USA

Controversial Reverse Searches Spark Legal Debate


In a growing trend, U.S. police departments and federal agencies are employing controversial surveillance tactics known as reverse searches. These methods involve compelling big tech companies like Google to surrender extensive user data with the aim of identifying criminal suspects. 

How Reverse Searches Operate 

Under Reverse Searches Enforce Agencies order digital giant companies such as Google to give them vast reservoirs of user data. Under this law, these agencies have the power to demand information related to specific events or queries which include: 

  • Location Data: Requesting data on individuals present in a particular place at a specific time based on their phone's location. 
  • Keyword Searches: Seeking information about individuals who have searched for specific keywords or queries. 
  • YouTube Video Views: A recent court order disclosed that authorities could access identifiable information on individuals who watched particular YouTube videos. 

In the past, when law enforcement needed information for an investigation, they would usually target specific people they suspected were involved in a crime. But now, because big tech companies like Google have so much data about people's activities online, authorities are taking a different approach. Instead of just focusing on individuals, they are asking for massive amounts of data from these tech companies. This includes information on both people who might be relevant to the investigation and those who are not. They hope that by casting a wider net, they will find more clues to help solve cases. 

Following the news, critics argue that these court-approved orders are overly broad and potentially unconstitutional. They raise concerns that such orders could force companies to disclose information about innocent people unrelated to the alleged crime. There are fears that this could lead to prosecutions based on individuals' online activities or locations. 

Also, last year an application filed in a Kentucky federal court disclosed that federal agencies wanted Google to “provide records and information associated with Google accounts or IP addresses accessing YouTube videos for a one-week period, between January 1, 2023, and January 8, 2023.” 

However, it did not end here, the constitutionality of these orders remains uncertain, paving the way for a probable legal challenge before the U.S. Supreme Court. Despite the controversy, federal investigators continue to push the boundaries of this contentious practice.
Read more »
surveillance
DTEK Kyiv Privacy Russia-Ukraine War Russian intelligence Security Service of Ukraine(SBU) surveillance

Russia Hacks Surveillance Cameras to Monitor Attacks in Kyiv


During Tuesday's intense missile and drone strikes on Ukraine's capital, Kyiv, which left over 250,000 people without internet or electricity amid dropping winter temperatures, Russian military intelligence broke into surveillance cameras to spy on Ukrainian air defenses and Kyiv's vital infrastructure.

Security Service of Ukraine informed that it responded to the hack by blocking and dismantling the suspected camera. 

The agency further advised online users to cease transmitting and watching security camera feeds online, as Russian military intelligence is utilizing the "collected data for preparing and adjusting strikes on Kyiv."

Russia has been attacking Kyiv and Kharkiv since New Year’s holiday weekend, resulting in five casualties and over 130 injured. On Tuesday, around 100 missiles were fired on the two cities. 

These attacks were monitored by the Russian intelligence by hacking into the online surveillance cameras that are privately-owned. "According to SBU cyber specialists, one of the devices was located on the balcony of an apartment building and was used by a local condominium to monitor the surrounding area," the SBU reported.

Hackers secretly recorded all visual data inside the surveillance camera's viewing range by gaining remote access to the device and altering its viewing angle. According to the SBU, Russian intelligence then viewed the feed on YouTube to assist the military in tracking the airstrikes and informing soldiers about their targets.

The hacked surveillance camera used for monitoring the parking lot of other residential complex in Kyiv helped hackers to surveille the surrounding areas, which comprised vital infrastructure facilities.

Internet and Power Supply Affected

The energy company DTEK said that Russian missiles had damaged power grid equipment and overhead lines in Kyiv and the surrounding region, causing blackouts that affected nearly 260,000 Kyiv residents. Russian missiles, drones, and bombers also struck Ukrainian internet and power supply services.

DTEK tweeted, "Critical infrastructure, industrial, civilian and military facilities were attacked. The main focus of the attack was the capital of Ukraine[…]DTEK's power engineers are quickly restoring power after the attack."

As of Wednesday, DTEK Executive Director Dmytro Sakharuk announced that all 260,000 residents in Kyiv and an additional 185,000 residents in the surrounding districts had their power restored. "We are now continuing to repair networks after yesterday's shelling, because some consumers had to be connected via backup circuits."  

Read more »
User Privacy
Data collection Malicious actor Privacy Sensitive Data Leak surveillance Surveillance Tool User Privacy

Controversial Cybersecurity Practices of ICE

US Immigration and Customs Enforcement (ICE) have come under scrutiny for its questionable tactics in data collection that may have violated the privacy of individuals and organizations. Recently, ICE's use of custom summons to gather data from schools, clinics, and social media platforms has raised serious cybersecurity concerns.

According to a Wired report, ICE issued 1,509 custom summons to a significant search engine in 2020, seeking information on individuals and organizations involved in protests against ICE. While the summons is legal, experts have criticized the lack of transparency and oversight in the process and the potential for data breaches and leaks.

ICE's data collection practices have also targeted schools and clinics, with reports suggesting that the agency has sought information on students' and patients' immigration status. These actions raise serious questions about the privacy rights of individuals and the ethics of using sensitive data for enforcement purposes.

The Intercept has also reported on ICE's use of social media surveillance, which raises concerns about the agency's ability to monitor individuals' online activities and potentially use that information against them. The lack of clear policies and oversight regarding ICE's data collection practices puts individuals and organizations at risk of having their data mishandled or misused.

As the use of data becomes more prevalent in law enforcement, it is essential to ensure that agencies like ICE are held accountable for their actions and that appropriate safeguards are put in place to protect the privacy and cybersecurity of individuals and organizations. One expert warned, "The more data you collect, the more potential for breaches, leaks, and mistakes."

Privacy and cybersecurity are seriously at risk due to ICE's use of bespoke summonses and other dubious data collection techniques. It is essential that these problems are addressed and that the proper steps are made to safeguard both organizations' and people's rights.

Read more »
surveillance
DDOS Attack Location data location tracking Mobile Hacking Mobile Security Smartphone surveillance

The Russian Expert Listed the Main Signs of Smartphone Surveillance

 

Along with the unconditional benefits, the smart devices around us also carry a number of dangers. Thus, with the help of a smartphone, attackers can gain access to the personal data of its owner. According to Evgeny Kashkin, associate professor of the Department of Intelligent Information Security Systems at RTU MIREA, there are several signs that may indirectly indicate that your smartphone has become a spy. 

"An important point, in this case, is the requirement for applications to use a camera, microphone, as well as access to data (images and videos) on the phone during installation. Of course, you can disagree with this point during the installation, but most likely, then the application will not work at all or will work incorrectly," the expert explains. 

According to him, for a number of applications, these access rights are mandatory for work, but there are applications where "such rights for normal operation are simply absurd." For example, a home internet account status application. 

Another important factor, in his opinion, is the use of geolocation in applications. At the same time, it`s not only about GPS, but also the use of cellular data, as well as connections to various web resources. Such an approach, on the one hand, can greatly facilitate the search for the right companies within walking distance in a number of search engines, but, on the other hand, the cell phone conducts a "total" tracking of your movements. The key question, in this case, is how the data will be used by those who collect it. 

A number of companies have gone even further in this context. They started tracking the email messages of the users. Thus, with the banal purchase of an electronic plane ticket, the system will notify you in advance of the departure date, and on the day of departure, it will build you a route to the airport, taking into account traffic jams. 

He also advises paying attention to the sudden and uneven loss of battery power. This may indicate that a malicious program is running in the background that can use the phone to carry out a DDOS attack. 

Another alarming symptom is the sudden freezing of the phone or even turning it off for no objective reason. And finally, the occurrence of noises and extraneous sounds during a conversation may also indicate that your phone is being monitored. 

Read more »
United States
Cyber Security Data Leak Data Privacy data security Police surveillance United States

DDoSecrets Published 1.8 TB of Surveillance Footage From Helicopters on the Internet

 

Surveillance drones have been increasingly popular among law enforcement agencies across the United States in recent years, drawing criticism from privacy advocates. However, freshly obtained aerial surveillance footage from the Dallas Police Department in Texas and what appears to be the Georgia State Patrol highlights the range and quality of footage captured by helicopters. 

On Friday, the transparency activist group Distributed Denial of Secrets, or DDoSecrets, released a 1.8-terabyte archive of police helicopter footage on its website. DDoSecrets cofounder Emma Best said her organization doesn't know who shared the material and that no affiliation or purpose for disclosing the files was given. The source just stated that the data was being stored in insecure cloud infrastructure by the two police departments. 

In June 2020, DDoSecrets made headlines when it revealed a massive leak of law enforcement data taken by a hacker linked to Anonymous. Emails, audio, video, and intelligence documents from more than 200 states, municipal, and federal agencies around the US were included in the data, called BlueLeaks. DDoSecrets was banned from Twitter, and Reddit banned the r/blueleaks subreddit. 

The report merely stated that the law enforcement agencies responsible for keeping the video secure were sorting the data in an insecure cloud infrastructure when the bad actor obtained access and posted the video online. WIRED examined the material that was posted online, and according to their article, the samples included footage of a helicopter being piloted during the day and at night, recording everything from an aerial view. 

“This is exactly one of the things that people are constantly warning about, especially when it comes to government surveillance and corporate data mining,” Best told WIRED in a text message interview. “Not only is the surveillance itself problematic and worrisome, but the data is not handled in the ideal conditions we're always promised." 

Police drones have gained a lot of attention recently because they represent a new generation of aerial vehicles capable of stealthy surveillance and novel behaviors, such as flying indoors. Law enforcement forces, on the other hand, have been using helicopters for aerial surveys and monitoring for decades. However, DDoSecrets' footage shows how successful helicopter-mounted cameras are in capturing extremely crisp and detailed video near to the ground. 

Given that such footage could be helpful in a variety of ways for stalkers, assailants seeking materials for blackmail, domestic or international terrorist groups, or those conducting espionage operations, privacy advocates underline the importance of safeguarding aerial police surveillance data.
Read more »
surveillance
data security data threat malware surveillance

Balikbayan Foxes: Threat Group Impersonating The Philippine Entities

 

Proofpoint has discovered a new and “highly functional” cybercriminal group that is impersonating many departments of the Philippine government and businesses to spread Trojan malware. The group dubbed "Balikbayan Foxes" and tracked as TA2722, is mainly targeting Shipping/Logistics, Business Services, Manufacturing, Finance, Pharmaceutical, and Energy entities across the region. Alongside, the group is also targeting other countries including North America, Europe, and Southeast Asia. 

The threat actors have conducted a series of campaigns throughout 2021 in which the group impersonated various Philippine government bodies including the Philippine Overseas Employment Administration (POEA), the Department of Health, and the Bureau of Customs to send phishing emails. The other campaigns were personated by the group named the Manila embassy for the Kingdom of Saudi Arabia (KSA) and DHL Philippines. 

According to the research, seeing the continuous pattern of spoofing email addresses and delivering lures designed to impersonate government bodies, it's clear that the threat actors are targeting the organizations that are directly or indirectly connected to the Philippine government. Besides, threat actors used themes related to COVID-19 infection information, invoicing, billing, and industry advisories. Some of the targets are involved in a very large supply chain, so if it gets compromised, it could have a far-reaching impact. 

Research conducted at Proofpoint identified that in every campaign the threat actors distributed either Remcos or NanoCore remote access trojans (RATs). Remcos and NanoCore Trojans are mainly used for surveillance, information gathering, monitoring data theft operations, and control of compromised computers. 

It has been observed that in a series of campaigns, different mechanisms have been used in some cases, phishing emails were sent containing OneDrive URLs linking to RAR files with embedded UUE files, whereas in others, crafted.PDFs were attached containing embedded URLs leading to compressed executables (.iso files) that download and run malware. The group has also used another common malware payload deployment method that involved MS Excel documents containing macros which if activated will execute Trojan. 

The reports also showed that Balikbayan Foxes is expanding and advancing its tactics. The group is highly activated at present time, the research added. 
Read more »
Telegram
Pavel Durov Privacy Privacy Breach surveillance Telegram

Telegram Pavel Durov says that since 2018 he knew about the potential surveillance of his phone

The billionaire said he had known since 2018 that one of his phone numbers was on the NSO Group list, but was not worried about it.

"Since 2011, when I was still living in Russia, I used to think that all my phones were hacked. Anyone who gets access to my personal data will be extremely disappointed, as he will have to view thousands of Telegram feature concepts and millions of messages related to the development process of our product. He will not find any important information there," Durov explained.

At the same time, he recalled that surveillance tools were also used against "much more significant" people, including more than 10 heads of state. "A huge problem for humanity", according to the businessman, is created by "backdoors" that smartphone and software manufacturers deliberately leave in their systems.

"According to Snowden's 2013 revelations, Apple and Google are part of a global surveillance program. These companies should introduce backdoors into their mobile operating systems. These backdoors, usually disguised as security bugs, allow US intelligence agencies to access information on any smartphone in the world," Durov wrote. 

According to Durov, at the same time, access to these vulnerabilities can be obtained not only by the US authorities but also "any other organization that finds them."

"It is not surprising that this is exactly what happened: the Israeli company NSO Group sold access to spy tools that allowed third parties to hack tens of thousands of phones," the billionaire noted.

Recently, The Guardian reported that the Telegram founder's British mobile number was on a list of potential surveillance targets in 2018.

The publication suggested that the authorities of the United Arab Emirates could have shown interest in Durov since the appearance of the entrepreneur's number on the list coincided with his move to this country.

Read more »
User Security
iOS malware Mobile Spyware Pegasus spyware and malware surveillance User Security

iPhones of Al Jazeera Journalists Being Snooped On Via Israeli Firm's Spyware

 

iPhones of around 36 Journalists at Al Jazeera news organisation have been hacked by nation-sponsored hackers who sent malware laden iMessages. The attackers who are suspected to be backed by the governments of the United Arab Emirates and Saudi Arabia, exploited a zero-day vulnerability in iMessage which was later fixed by Apple. 

In a technical report, experts have stated that the Journalists' iPhones were snooped on by attackers who employed NSO's Pegasus software to deploy spyware onto the iPhones of 36 journalists, executives and producers at the news agency, Al Jazeera. 

Pegasus is a modular malware developed by the Israeli firm NSO which is used for surveillance purposes and has also been linked to surveillance abuse at multiple occasions. The spyware allows hosts to remotely monitor and exploit devices. Reportedly, the attack took place invisibly and it didn't require the attackers to trick the victims into clicking on a malicious link – as opposed to conventional ways of deploying malware. 

While examining one of the victim's device, researchers discovered that spyware was deployed secretly through iMessage and was able to take images using iPhone's camera, access passwords, and victim's location. Besides, it's likely that the spyware was also recording phone calls and microphone.  

As per the researchers at Citizen Lab, a total of four operators belonging to Pegasus were observed to have assisted the hack. Two of the operators namely SNEAKY KESTREL and MONARCHY are suspected to be having links with the governments of Middle Eastern countries; to the UAE and Saudi Arabia, respectively.  

According to the reports by Citizen Lab, "In July and August 2020, government operatives used NSO Group’s Pegasus spyware to hack 36 personal phones belonging to journalists, producers, anchors, and executives at Al Jazeera. The personal phone of a journalist at London-based Al Araby TV was also hacked." 

"The phones were compromised using an exploit chain that we call KISMET, which appears to involve an invisible zero-click exploit in iMessage. In July 2020, KISMET was a zero-day against at least iOS 13.5.1 and could hack Apple’s then-latest iPhone 11." 

"We do not believe that KISMET works against iOS 14 and above, which includes new security protections. All iOS device owners should immediately update to the latest version of the operating system," the report further read.
Read more »
surveillance
internet privacy Privacy Privacy Breach Privacy News surveillance

Russian expert told how to figure out surveillance via a webcam

 It is becoming more and more difficult to find out whether you are being followed through a webcam. According to Arseny Shcheltsin, General Director of Digital Platforms, earlier it was used by a special indicator, which showed whether the camera is recording, but now it’s easy to bypass this device.

"The most characteristic signs of tracking are the “freezing” of the computer or phone only when there is an Internet connection, or immediately after switching on,” explained the specialist.

As Shcheltsin noted, the appearance of unknown programs on the device that significantly "slow down" its work should also be alerted. One of the most obvious confirmations that a person is being spied on through a webcam is its spontaneous activation, but today, as the expert clarified, the burning icon near the device's camera may not light up, while it will record what is happening around.

The expert noted that it is worth paying attention to where the potential use of the camera can harm its owner. For example, it is better not to use the phone where the person is not fully dressed — in the locker room, bathroom, etc.

It is also important to keep your computer's antivirus software up-to-date. They should be updated as a new version is released.

Previously, Mr. Shcheltsin reported that intelligence services of various countries are using backdoors to spy on people around the world through Smart TVs.
Read more »
surveillance
China Coronavirus COVID-19 Privacy surveillance

Residents in China under Surveillance amid the Coronavirus Pandemic


According to recent reports, China is alleged for surveilling its residents' homes among the coronavirus epidemic. However, there is no official rule that says China can keep quarantined residents under watch. The incident has been happening since February in China, where few residents have reported cases of security camera equipped right in front of their homes. Three people have already informed of this incident, whereas other similar cases have appeared on social media.


Currently, China doesn't have any national law that allows it to watch its people through surveillance cameras, but still, the cameras are equipped in various public areas in China. According to sources, the authorities are continually keeping a watch on people, whether they are in malls, eating in a restaurant, boarding transport, or even in schools and colleges. According to data by CNN, around 20 Million cameras were installed across china in the year 2020, and this is only a rough estimate. According to some other sources, the numbers can go even higher. As per the reports of IHS Markit Technology, which currently works under Informa Tech, China had around 350 Million surveillance cameras installed in the year 2018, which is five times than of the USA.

 What will happen by 2021? 

According to the data, the projection suggests that by the year 2021, China will have equipped six times more surveillance cameras than the US. According to Comparitech, a UK based research organization, "Estimates vary on the number of CCTV cameras in China, but reports range from 200 million up to 626 million in use by 2020. Based on the country's current population of 1.4 billion people, that would mean nearly one camera for every two people. Although this projection might seem vast, it may be a fraction of the actual number."

In the present times, however, the COVID-19 pandemic has triggered the Chinese authorities to keep a watch on its residents' private life. According to these residents, it is a complete breach of privacy. Knowing that this issue might appear, the Joint Civil Society issued a statement earlier this month that said, "the COVID-19 pandemic is a global public health emergency that requires a coordinated and large-scale response by governments worldwide. However, States' efforts to contain the virus must not be used as a cover to usher in a new era of greatly expanded systems of invasive digital surveillance."
Read more »
surveillance
APT20 China Cyber Security surveillance

Businesses over Various Countries become Victims of Threat 'APT20'


An Advanced Persistent Threat (APT) player expected to work from China from the last 2 years is silently targeting companies in the US and throughout the world in complete surveillance operations. Amongst its many targets are businesses in the flight, architecture, service, banking, health, transport businesses, and more, over 10 nations, including the United States, United Kingdom, Germany, China, and France. The threat is known as APT20, according to a report from Fox-It. "We say with great certainty that the threat is from a group from China and, it is probably supporting the interests of the Chinese government with stealing data for surveillance aim," says Fox-IT in a statement.


Fox-IT's report of APT reveals that in a few events, the hackers gained primary entrance to a target's system through a weak Network. Usually, the servers by which APT20 gained access had already jeopardized in an unrelated earlier intervention and had Network pods put upon them. APT20 utilized those Network pods for primary parallel mobility and surveillances. The group's other methods for getting primary entrance involve the use of phishing e-mails and corrupt movable media accessories. Similar to several different threats,

APT20's plan after getting a primary space is to attempt and collect and use entrance information of vested profiles, like those relating to businesses and domains manager. The organization has also used the administrator account to obtain the target system via its own Virtual Private Network (VPN). Fox-IT further says- Our research reveals that the threat uses a variety of design devices and legal assistance in its surveillance. Amongst the designing tools, it works on is one that gets data on software, public links. APT20 uses various tools for the attacks, some of which are: PowerShell, External Remote Services, Command-Line Interface, and WMI (Windows Management Instrumentation) and WAS (Windows Admin Shares).

The tools used by APT20 are authentic in all phases of the intervention series, from primary entrance and performance to exclusive acceleration and parallel flow, to endurance, support dodging, compilation, and filtration. The data on the attacks shows organs of the threat APT20 are most probably from China, that usually works for 8 hours every day, except the weekends.
Read more »
surveillance
Chinese Hackers internet Security Privacy Privacy Breach surveillance

Hackers Working For the Chinese Government Tracking Movements of Ethnic Uighurs




Hackers working for the Chinese government are said to have been tracking the movements of ethnic Uighurs, a mostly Muslim minority, which is viewed as a security threat by Beijing. The hacks are a part of a rather extensive cyber-espionage campaign focused on “high-value individuals” such as diplomats and foreign military personnel, the sources said.

As a part of the campaign, various groups of Chinese hackers have compromised telecoms operators in nations including Turkey, Kazakhstan, India, Thailand and Malaysia, the four sources said.

China is currently confronting growing international criticism over its treatment of Uighurs in Xinjiang , as the members from the group have been subject to mass confinements in what China calls  “vocational training”  centres as well as 'widespread state surveillance'.

The nation has more than once denied association in any cyber-attacks or any abuse of the Uighur people, whose religious and cultural rights Beijing says are completely ensured, and the Chinese Foreign Ministry said any hacking charges should be upheld by legitimate proof.

“We would again like to stress that China is a resolute safeguarder of internet security. We consistently and resolutely oppose and crack down on any forms of internet attacks,” a ministry statement said.

While government authorities in India and Thailand declined to remark in regards to the specific telecoms operators that were undermined, officials in Malaysia, Kazakhstan and Turkey refused to promptly react to the requests for comments.

Read more »
Subscribe to: Posts (Atom)