https://www.axios.com/china-cyberattacks-nato-181e71d2-7414-45f3-9463-c8b1d46392c1.html
The U.S., NATO, European Union, U.K., Australia, Canada, New Zealand and Japan say they can now, “with high confidence,” attribute the March attack using the Exchange flaw to cyberattackers affiliated with China’s state security ministry. That attack crippled thousands of computers around the world.
Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.
The investigation by the Guardian and 16 other media organisations suggests widespread and continuing abuse of NSO’s hacking spyware, Pegasus, which the company insists is only intended for use against criminals and terrorists.
Pegasus is a malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.
Our investigation shows how repressive regimes can buy and use the kind of spying tools Edward Snowden warned us about
Law-abiding people – including citizens and residents of democracies such as the UK, such as editors-in-chief of leading newspapers – are not immune from unwarranted surveillance. And western countries do not have a monopoly on the most invasive surveillance technologies. We’re entering a new surveillance era, and unless protections are put in place, none of us are safe.
https://www.theguardian.com/news/2021/jul/19/how-does-apple-technology-hold-up-against-nso-spyware
The iPhone maker says it is keeping pace with malware, but the Pegasus project paints a worrying picture
Data leak and forensics suggest NSO’s surveillance tool used against journalists at some of world’s top media companies
A successful Pegasus infection gives NSO customers access to all data stored on the device. An attack on a journalist could expose a reporter’s confidential sources as well as allowing NSO’s government client to read their chat messages, harvest their address book, listen to their calls, track their precise movements and even record their conversations by activating the device’s microphone.
Amnesty International’s Security Lab has performed in-depth forensic analysis of numerous mobile devices from human rights defenders (HRDs) and journalists around the world. This research has uncovered widespread, persistent and ongoing unlawful surveillance and human rights abuses perpetrated using NSO Group’s Pegasus spyware.
Most recently, a successful “zero-click” attack has been observed exploiting multiple zero-days to attack a fully patched iPhone 12 running iOS 14.6 in July 2021.
https://www.cnbc.com/2021/06/25/tiktok-insiders-say-chinese-parent-bytedance-in-control.html
Former TikTok employees say there is cause for concern when it comes to the popular social media app’s Chinese parent company.
They say ByteDance has access to TikTok’s American user data and is closely involved in the Los Angeles company’s decision-making and product development.
Some cybersecurity experts worry that the Chinese government could use TikTok to spread propaganda or censorship to American audience, or to exercise influence over users who may come to regret what they posted on the service.
https://underjord.io/trust-in-software-an-all-time-low.html
I don’t think I’ve ever had more distrust and as a consequence distate for software than in recent years
So while the big actors are slightly less likely to completely screw you on security, software quality or straight money. They are pretty much guaranteed to screw you on privacy.
Your privacy is very important to us. We would like to know what you are doing at all times. Accept / Ask me again later.
https://www.nrk.no/norge/stort-dataangrep-mot-norsk-ingeniorselskap-1.15568171
Hackargruppa hevdar dei har 2000 gigabyte med sensitiv informasjon som dei vil publisere viss selskapet ikkje innfrir kravet
https://techcrunch.com/2021/07/03/digital-violence-nso-group-spyware/
The research reveals new links between phone hacks and real-world violence
For the first time, researchers have mapped all the known targets, including journalists, activists, and human rights defenders, whose phones were hacked by Pegasus, a spyware developed by NSO Group
https://www.nrk.no/urix/sverige_-hackere-krever-600-millioner-kroner-1.15564723
Angrepet har rammet hundrevis av selskaper over hele verden. Blant dem er svenske Coop, som har måttet stenge hundrevis av dagligvarebutikker, Apotek Hjärtat og SJ.
Kravet er blitt publisert på bloggen til hackergruppen Revil og virker ifølge eksperter autentisk.
Angrepet ble innledet fredag og var rettet mot det amerikanske programvareselskapet Kaseya, som selger tjenester til kunder over hele verden, deriblant Coop.
https://www.svt.se/nyheter/inrikes/coop-tvingas-stanga-efter-kassahaveri
https://therecord.media/north-korean-hackers-breach-south-korean-submarine-builder-again/
The target of the attack was Daewoo Shipbuilding & Marine Engineering (DSME), one of the country’s three primary shipbuilding companies—together with Hyundai and Samsung—and the only submarine builder.
Sources said that some of the stolen files included plans for a nuclear-powered submarine that DSME and the South Korean Navy had been working on for the past few years.
https://www.wired.com/story/atm-hack-nfc-bugs-point-of-sale/
FOR YEARS, SECURITY researchers and cybercriminals have hacked ATMs by using all possible avenues to their innards, from opening a front panel and sticking a thumb drive into a USB port to drilling a hole that exposes internal wiring. Now one researcher has found a collection of bugs that allow him to hack ATMs—along with a wide variety of point-of-sale terminals—in a new way: with a wave of his phone over a contactless credit card reader.
Rodriguez has built an Android app that allows his smartphone to mimic those credit card radio communications and exploit flaws in the NFC systems’ firmware.
https://www.wired.com/story/french-spyware-executives-indicted-aiding-torture/
The managers are accused of selling tech to Libya and Egypt that was used to identify activists, read private messages, and kidnap, torture, or kill them.
https://www.theverge.com/2021/6/21/22538240/google-chat-allo-hangouts-talk-messaging-mess-timeline
Google keeps falling into the same cycle, […], one that has repeated itself throughout the years. It’ll build out new services, integrating them into more areas of its product lineup, then try to wipe the slate clean, launch new services that (eventually) replace the old set, and start the cycle anew.
https://www.nytimes.com/2021/06/25/opinion/coronavirus-lab.html
https://www.nytimes.com/2021/06/24/technology/computer-energy-use-study.html
The giant tech companies with their power-hungry, football-field-size data centers are not the environmental villains they are sometimes portrayed to be on social media and elsewhere.
Shutting off your Zoom camera or throttling your Netflix service to lower-definition viewing does not yield a big saving in energy use, contrary to what some people have claimed.
Even the predicted environmental impact of Bitcoin, which does require lots of computing firepower, has been considerably exaggerated by some researchers.
Those are the conclusions of a new analysis by Jonathan Koomey and Eric Masanet, two leading scientists in the field of technology, energy use and the environment.
Systemleverandøren Axiell vart denne veka hacka, som har lamma tenestene til mange lokalbibliotek.
Kring halvparten av alle bibliotek i Noreg er råka av hackinga. Dei store bybiblioteka har eigne system, og er ikkje råka.
Hackarane har bedt om løysepengar, men det er uvisst kva sum det er snakk om. Hillestad har ikkje gått i dialog med hackarane.
– Det er ikkje eit alternativ å betala ut løysepengar for å få tilgang til eigne data. Me samarbeider ikkje med kriminelle på nokon som helst måte.
Dei jobbar no med å få på plass ei backup-løysing, som skal vera klar til bruk frå neste veke av.
Western Digital, maker of the popular My Disk external hard drives, is recommending that customers unplug My Book Live storage devices from the Internet until further notice while company engineers investigate unexplained compromises that have completely wiped data from devices around the world.