Strategic autonomy in danger: European Tech companies warn of lowering data protection levels in the EU.

Strategic autonomy in danger: European Tech companies warn of lowering data protection levels in the EU.

In the course of the initiative "Fighting child sexual abuse: detection, removal, and reporting of illegal content", the European Union plans to abolish the digital privacy of correspondence.

Secure Comms: Cracking the Encrypted Messages of Balkan Crime Gangs

Secure Comms: Cracking the Encrypted Messages of Balkan Crime Gangs

Law enforcement authorities in the United States and Europe, however, say it was created with the sole purpose of facilitating drug trafficking and had become the messaging app of choice for transnational crime organisations.

Facebook Says It’s Your Fault That Hackers Got Half a Billion User Phone Numbers

Facebook Says It’s Your Fault That Hackers Got Half a Billion User Phone Numbers

A blog post titled “The Facts on News Reports About Facebook Data,” published Tuesday evening, is designed to silence the growing criticism the company is facing for failing to protect the phone numbers and other personal information of 533 million users after a database containing that information was shared for free in low level hacking forums over the weekend, as first reported by Business Insider.

Encryption Has Never Been More Essential—or Threatened

Encryption Has Never Been More Essential—or Threatened

Five years ago today, WhatsApp completed our roll out of end-to-end encryption, which provides people all over the world with the ability to communicate privately and securely.

Whistleblower: Ubiquiti Breach “Catastrophic” — Krebs on Security

Whistleblower: Ubiquiti Breach “Catastrophic” — Krebs on Security

[NYSE:UI] — a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras — disclosed that a breach involving a third-party cloud provider had exposed customer account credentials.

Best Practices for preventing IoT Security Camera Hacks

Best Practices for preventing IoT Security Camera Hacks

Botnets can include PCs with viruses or IoT (internet of things) devices like smart thermostats or security cameras that have malware or have such easy access to their administration accounts, that they can be collectively controlled by remote code execution.

Privacy Talks: Interview with Micah Lee from The Intercept

Privacy Talks: Interview with Micah Lee from The Intercept

Timestamp Links & Questions: [0:50] – Could you tell us a little bit about what you do in your position as Director of Information Security at First Look Media, the organization behind The Intercept?

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

Hobby Lobby Exposes Customer Data in Cloud Misconfiguration

Arts-and-crafts retailer Hobby Lobby has suffered a cloud-bucket misconfiguration, exposing a raft of customer information, according to a report.“The Hobby Lobby incident is the latest example of why we need to take public cloud threat vectors so seriously,” said Douglas Murray, CEO at Valtix, told Threatpost.

Invasive apps

Invasive apps

By using the new Apple privacy labels featured in the App Store, we identified which apps share the most of your private data with third parties and which gather the most for their own benefits, to find the most invasive overall.

DuckDuckGo Privacy Essentials vulnerabilities: Insecure communication and Universal XSS

DuckDuckGo Privacy Essentials vulnerabilities: Insecure communication and Universal XSS

This doesn’t stop extensions from trying of course, simply because this API is so convenient compared to secure extension APIs. In case of DuckDuckGo Privacy Essentials, the content script.While this communication is intended for the content script loaded in a frame, the web page there can see it as well.

CEO of Sky Global encrypted chat platform indicted by US

CEO of Sky Global encrypted chat platform indicted by US

The US Department of Justice has indicted the CEO of encrypted messaging company Sky Global, and an associate for allegedly aiding criminal enterprises avoid detection by law enforcement.Earlier this week, Europol announced that law enforcement in Belgium and the Netherlands made arrests after monitoring the Sky ECC encrypted chat platform for illegal activity.

Research finds 14% of mobile apps leave user data in unsecured servers

Research finds 14% of mobile apps leave user data in unsecured servers

App developers rely on third-party servers to simplify data storage, but new research indicates that these servers are often left with little to no security over sensitive data.The issue lies in developers who do not secure their server, so any and all app categories are affected.

New Yorkers would have to flash COVID-19 passport to enter venues under new program

New Yorkers would have to flash COVID-19 passport to enter venues under new program

The plan is to test the “Excelsior Pass,” which will use secure technology to confirm if a person has gotten vaccinated or has had a recent negative COVID-19 exam result, during events at Madison Square Garden and Barclays Center, Cuomo said in a statement.

Border agents can search phones freely under new circuit court ruling

Border agents can search phones freely under new circuit court ruling

A US appeals court has ruled that Customs and Border Protection agents can conduct in-depth searches of phones and laptops, overturning an earlier legal victory for civil liberties groups.

How Apple's locked down security gives extra protection to the best hackers

How Apple's locked down security gives extra protection to the best hackers

But the 1% of top hackers are going to find a way in and, once they’re inside, the impenetrable fortress of the iPhone protects them.”Bill Marczak, Citizen Lab. Despite these difficulties, Stortz says, modern computers are converging on the lockdown philosophy—and he thinks the trade-off is worth it.

Fleeing WhatsApp for Better Privacy? Don't Turn to Telegram

Fleeing WhatsApp for Better Privacy? Don't Turn to Telegram

Mimoun, the founder of the digital security nonprofit Horizontal, asked the participants to list messaging platforms that they'd heard of or used, and they quickly rattled off Facebook Messenger, WhatsApp, Signal, and Telegram.

Clubhouse Security Risk Follow-up: China Is Listening

Clubhouse Security Risk Follow-up: China Is Listening

The Shanghai-based infrastructure supplier of Clubhouse called Agora Inc. raised security concerns that it may provide information to the Chinese government to identify and monitor users, especially for politically exposed personnel.

Security experts Can Now Break Encryption that Protects People’s Data Using Quantum Computing

Security experts Can Now Break Encryption that Protects People’s Data Using Quantum Computing

Using the "quantum annealing" method, the company said its research found that even the strongest versions of the advanced encryption standard may be decodable by quantum computers that could be available a few years from now.

Social media is no place for COVID-19 vaccination cards

Social media is no place for COVID-19 vaccination cards

You’re posting a photo of your vaccination card on social media.When you post it to Facebook, Instagram, or to some other social media platform, you may be handing valuable information over to someone who could use it for identity theft.

Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You

Businesses Can’t Afford to Lose Trust in the Encrypted Economy, and Neither Can You

As the co-founder of an end-to-end encrypted cloud service, I am deeply concerned at how demands for access to encrypted data will affect the security of thousands of businesses and the millions of clients who rely on them in the EU and worldwide.

Eoin's Articles

Eoin's Articles

Now not only will it be impossible for users to log into your server (youself included) unless they know your SSH private key but anyone who does try will be banned for a day.

Ring adds end-to-end video encryption to its doorbells and security cameras at CES 2021

Ring adds end-to-end video encryption to its doorbells and security cameras at CES 2021

Ring has updated its policies since, including making privacy and security settings more accessible via a Control Center dashboard and introducing mandatory two-factor authentication.Customers using Ring's end-to-end encryption feature would need to decrypt the video before sharing it with police.

Ubiquiti tells customers to change passwords after security breach

Ubiquiti tells customers to change passwords after security breach

Image: Ubiquiti Networks Networking equipment and IoT device vendor Ubiquiti Networks has sent out today notification emails to its customers informing them of a recent security breach.According to Ubiquiti, the intruder accessed servers that stored data on users, such as names, email addresses, and salted and hashed passwords.

Millions of Social Profiles Leaked by Chinese Data-Scrapers

Millions of Social Profiles Leaked by Chinese Data-Scrapers

The leak stems from a misconfigured ElasticSearch database owned by Chinese social-media management company SocialArks, which contained personally identifiable information (PII) from users of Facebook, Instagram, LinkedIn and other platforms, according to researchers at Safety Detectives.

The Crypto-Keepers

The Crypto-Keepers

“Right away they started asking about Telegram, which made me worry,” says Durov, explaining that it didn’t take long for his early-morning visitors to get to the point: the FBI wanted to set up some kind of informal backchannel process that would enable Telegram to hand over data on particular users in the event of a terrorist threat; they even came prepared with official-looking documents in hand.

Ransomware Gang Collects Data from Blood Testing Lab

Ransomware Gang Collects Data from Blood Testing Lab

Apex Laboratory, which provides blood work at home for patients in New York City, Long Island and South Florida, has been hit with a ransomware attack that also resulted in patient data being stolen.

Exfiltrating Remaining Private Information from Donated Devices

Exfiltrating Remaining Private Information from Donated Devices

Here is a breakdown of all the devices I purchased: Device Type Number of Devices Bought Desktop or laptop computer 41 Removable media (such as flash drives and memory cards) 27 Hard disk 11 Cell phone 6 After buying the devices, I took them to my command center (a cool name for my basement) and began the data extraction process.

Meet Hyper, The World's First Completely Private, Decentralized Instant Messenger

Meet Hyper, The World's First Completely Private, Decentralized Instant Messenger

Elastos, a decentralized internet platform built with the security of Bitcoin's hashpower, today launched the world's first completely private, decentralized messaging app on its network, Hyper IM.The Hyper team said that the app will soon be available on desktop (like WhatsApp web and Telegram), and that file transfer functions for non-text messages.

Why I don't believe in encrypted mail providers anymore

Why I don't believe in encrypted mail providers anymore

In the case of Protonmail, another encrypted mail provider, you'll need to find OpenPGP keys and you're basically back to square one.Tutanota doesn't have any bulk tools but it's easy enough to just shift-click all the email in the desktop client and export to eml files.

Europol and the European Commission inaugurate new decryption platform to tackle the challenge of encrypted material for law enforcement investigations

Europol and the European Commission inaugurate new decryption platform to tackle the challenge of encrypted material for law enforcement investigations

This week Europol launched an innovative decryption platform, developed in close cooperation with the European Commission's Joint Research Centre.The new Europol Decryption Platform, funded by the European Commission, will allow us to further enhance our support for Member State investigations.